0

I was reading the docs on API GATEWAY, but I couldn't find the solution for the problem:

What I am struggling to achieve is, I have multiple services on cloud run, and one service is the authentication, I want all the requests from clients that hit API GATEWAY to be redirected to this custom authentication service where I will access a token and session Id and use them accordingly to validate get user data from session data and froward these data to appropriate service it was calling.

I use gRPC in my API calls, so I would like to know how I can achieve this using GCP API Gateway.

Thanks!

I couldn't find anything in the docs that would explain me how I could achieve this.

Brent Worden
  • 10,624
  • 7
  • 52
  • 57
Raphael Chaula
  • 318
  • 2
  • 7
  • Architectural questions are discouraged on Stack overflow. – DazWilkin Jun 14 '23 at 22:22
  • 2
    gRPC doesn't have a redirect mechanism. Your gRPC clients should (1) invoke an authentication request method on your auth service and receive an auth response; (2) invoke the other gRPC services passing the credentials (probably in Metadata); (3) Each gRPC service will authenticate the incoming credentials (probably using an Interceptor), pass through if valid and reject if invalid|expired. (4) gRPC clients will need to deal with invalid and expired (preferably refreshing before expiry). – DazWilkin Jun 14 '23 at 22:25

1 Answers1

0

Posting DazWilkin's answer in the comments as a community wiki for everyone's visibility.

gRPC doesn't give a redirect mechanism. Your gRCP client should

1. Invoke an authentication request method on your auth service and receive an auth response;
2. Invoke the other gRPC service passing the credentials;
3. Each gRCP service will authenticate the incoming credentials, pass through if valid and reject if invalid/expired.
4. gRCP clients will need to deal with invalid and expired credentials.

You can check the official documentation of gRPC for more information.

Michael C
  • 308
  • 1
  • 6