Plugin interface for own authentication

[fapo85]

Describe the feature request

We would like to use Unleash Edge in a zero trust environment.
There, jwt is issued by the api token which must be validated accordingly.
It would make sense for us to create a corresponding custom authentication function and configure it accordingly in Unleash Edge.
A plugin interface would be suitable for this.

it must also be possible to add a corresponding header to requests in the upstream direction.

Background

No response

Solution suggestions

It might also make sense to use the plugin interface for custom decision scenarios.
But I'm sure you can decide that better.

[sighphyre]

This is a pretty interesting request. I don't see a way this is possible right now because of the way Unleash works with SDKs. In theory, Edge is a proxy with some interesting details between an SDK and Unleash itself. How do you see this working if we take Edge out of the equation?

[fapo85]

We currently have our own proxy, written in typescript.

For authentication towards unleash we simply add a header injector by passing a customHeadersFunction.

We also have java services which talk directly to unleash, there is also the function to pass a customHttpHeadersProvider.

so at least in the nodejs and java sdk there is this possibility.

I'm not familiar enough with rust, but I think there will also be a corresponding option or it could simply be added.

If this function does not exist in the rust sdk, I think it would definitely be a corresponding added value, otherwise the sdk's for the other languages would not have this possibility.

and then the corresponding functions must be passed to the outside world via a plugin interface.

[sighphyre]

@fapo85 This is honestly a lot bigger than it sounds. Edge's auth later is pretty involved around the way it resolves tokens and uses those to hydrate it's data internally. It doesn't actually use the Rust SDK directly to do that.

I don't think this is a trivial thing to do, I've pulled it onto our backlog, we'll have to take a look in a future quarter

[fapo85]

super, thanks