feat(sandbox): L7 credential injection — query param rewriting and Basic auth encoding#631
Draft
htekdev wants to merge 1 commit intoNVIDIA:mainfrom
Draft
Conversation
…sic auth encoding Add two credential injection capabilities to the L7 proxy's SecretResolver: 1. Query parameter rewriting: resolve placeholder tokens in URL query parameter values (e.g. ?api_key=openshell:resolve:env:KEY) with proper percent-encoding of the resolved secret. 2. Basic Authorization header encoding: decode base64 Basic auth tokens, resolve placeholder tokens in the decoded username:password string, and re-encode before forwarding upstream. Both features operate within the existing rewrite_http_header_block flow and require no changes to the network policy file spec or proto schema. Closes NVIDIA#630
Collaborator
|
Is there a UX change here? How would a user use these? |
Contributor
Author
|
No ux changed. I am testing this now. Essentially it's extending the reach of credentials injection into query parameters and basic authorization which won't work for credentials injection given query parameters are not headers and basic authentication is encoded base 64. It's required for github copilot integration seeing thst some calls use user:pat token Once I confirm it is working in a live env I will ping again |
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
2 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds two credential injection capabilities to the L7 proxy's
SecretResolver, closing the remaining gaps identified in #630 (supersedes #538 and #541).Query parameter rewriting
Resolves placeholder tokens in URL query parameter values before forwarding upstream. When the sandbox child process constructs a request like:
The proxy rewrites the request line to inject the real credential:
Basic Authorization header encoding
Supports credentials stored as raw
username:passwordthat need base64 encoding for HTTP Basic auth. When the child process constructs:The proxy decodes the base64 token, resolves placeholders in the decoded string, and re-encodes:
What's NOT changed
rewrite_http_header_blockflowTesting
11 new unit tests covering:
Closes #630