diff --git a/adapter/internal/discovery/xds/server.go b/adapter/internal/discovery/xds/server.go index 48dd73ed60..8733cd52e8 100644 --- a/adapter/internal/discovery/xds/server.go +++ b/adapter/internal/discovery/xds/server.go @@ -378,9 +378,33 @@ func GenerateEnvoyResoucesForGateway(gatewayName string) ([]types.Resource, } logger.LoggerAPKOperator.Debugf("JWT Requirements for API %+v is %+v", envoyInternalAPI.adapterInternalAPI.UUID, jwtRequirements) if len(jwtRequirements) > 0 { - jwtRequirementMap[envoyInternalAPI.adapterInternalAPI.UUID] = &jwt.JwtRequirement{RequiresType: &jwt.JwtRequirement_RequiresAny{RequiresAny: &jwt.JwtRequirementOrList{Requirements: append(jwtRequirements, &jwt.JwtRequirement{ - RequiresType: &jwt.JwtRequirement_AllowMissingOrFailed{}, - })}}} + if envoyInternalAPI.adapterInternalAPI.GetAPIType() == "GraphQL" || + envoyInternalAPI.adapterInternalAPI.GetAPIType() == "GRPC" || + !envoyInternalAPI.adapterInternalAPI.GetDisableMtls() { + jwtRequirementMap[envoyInternalAPI.adapterInternalAPI.UUID] = &jwt.JwtRequirement{ + RequiresType: &jwt.JwtRequirement_RequiresAny{ + RequiresAny: &jwt.JwtRequirementOrList{ + Requirements: append(jwtRequirements, &jwt.JwtRequirement{ + RequiresType: &jwt.JwtRequirement_AllowMissingOrFailed{}, + }), + }, + }, + } + } else { + if len(jwtRequirements) == 1 { + jwtRequirementMap[envoyInternalAPI.adapterInternalAPI.UUID] = jwtRequirements[0] + } else { + jwtRequirementMap[envoyInternalAPI.adapterInternalAPI.UUID] = &jwt.JwtRequirement{ + RequiresType: &jwt.JwtRequirement_RequiresAny{ + RequiresAny: &jwt.JwtRequirementOrList{ + Requirements: jwtRequirements, + }, + }, + } + } + + } + } else { logger.LoggerAPKOperator.Debugf("No JWT Requirements for API %+v is %+v", envoyInternalAPI.adapterInternalAPI.UUID, jwtRequirements) removeJWTRequirements = true diff --git a/adapter/internal/oasparser/envoyconf/envoyconf_internal_test.go b/adapter/internal/oasparser/envoyconf/envoyconf_internal_test.go index cc33c77329..d734a55cb8 100644 --- a/adapter/internal/oasparser/envoyconf/envoyconf_internal_test.go +++ b/adapter/internal/oasparser/envoyconf/envoyconf_internal_test.go @@ -81,8 +81,8 @@ func TestCreateRoute(t *testing.T) { Value: true, }, } - clusterSpecifier := &routev3.RouteAction_ClusterHeader{ - ClusterHeader: clusterHeaderName, + clusterSpecifier := &routev3.RouteAction_Cluster{ + Cluster: "resource_operation_id", } regexRewriteWithXWso2BasePath := &envoy_type_matcherv3.RegexMatchAndSubstitute{ Pattern: &envoy_type_matcherv3.RegexMatcher{ @@ -150,9 +150,9 @@ func TestCreateRouteClusterSpecifier(t *testing.T) { &resourceWithGet, clusterName, nil, false)) assert.Nil(t, err, "Error while creating route") assert.NotNil(t, route[0], "Route should not be null") - assert.NotNil(t, route[0].GetRoute().GetClusterHeader(), "Route Cluster Header should not be null.") - assert.Empty(t, route[0].GetRoute().GetCluster(), "Route Cluster Name should be empty.") - assert.Equal(t, clusterHeaderName, route[0].GetRoute().GetClusterHeader(), "Route Cluster Name mismatch.") + // assert.NotNil(t, route[0].GetRoute().GetClusterHeader(), "Route Cluster Header should not be null.") + // assert.Empty(t, route[0].GetRoute().GetCluster(), "Route Cluster Name should be empty.") + assert.Equal(t, "cluster", route[0].GetRoute().GetCluster(), "Route Cluster Name mismatch.") } // func TestCreateRouteExtAuthzContext(t *testing.T) { diff --git a/adapter/internal/oasparser/envoyconf/response_mapper.go b/adapter/internal/oasparser/envoyconf/response_mapper.go index ba47c77d48..2f8101f2f5 100644 --- a/adapter/internal/oasparser/envoyconf/response_mapper.go +++ b/adapter/internal/oasparser/envoyconf/response_mapper.go @@ -64,6 +64,27 @@ func init() { func getErrorResponseMappers() []*hcmv3.ResponseMapper { responseMappers := []*hcmv3.ResponseMapper{} + responseMappers = append(responseMappers, &hcmv3.ResponseMapper{ + Filter: &access_logv3.AccessLogFilter{ + FilterSpecifier: &access_logv3.AccessLogFilter_StatusCodeFilter{ + StatusCodeFilter: &access_logv3.StatusCodeFilter{ + Comparison: &access_logv3.ComparisonFilter{ + Op: access_logv3.ComparisonFilter_EQ, + Value: &corev3.RuntimeUInt32{ + DefaultValue: 401, + RuntimeKey: "key123", + }, + }, + }, + }, + }, + StatusCode: wrapperspb.UInt32(401), + Body: &corev3.DataSource{ + Specifier: &corev3.DataSource_InlineBytes{ + InlineBytes: []byte("{\"error_message\":\"Invalid Credentials\",\"code\":401,\"ErrorDescription\":\"Make sure you have provided the correct security credentials\"}"), + }, + }, + }) conf := config.ReadConfigs() if conf.Adapter.SoapErrorInXMLEnabled { for flag, details := range errorResponseMap { diff --git a/adapter/internal/oasparser/envoyconf/routes_configs.go b/adapter/internal/oasparser/envoyconf/routes_configs.go index e1b801196a..7732e06063 100644 --- a/adapter/internal/oasparser/envoyconf/routes_configs.go +++ b/adapter/internal/oasparser/envoyconf/routes_configs.go @@ -127,7 +127,7 @@ func generateRouteMatch(routeRegex string) *routev3.RouteMatch { return match } -func generateRouteAction(apiType string, routeConfig *model.EndpointConfig, ratelimitCriteria *ratelimitCriteria, mirrorClusterNames []string, isBackendBasedAIRatelimitEnabled bool, descriptorValueForBackendBasedAIRatelimit string, weightedCluster *routev3.WeightedCluster_ClusterWeight, isWeighted bool) (action *routev3.Route_Route) { +func generateRouteAction(apiType string, routeConfig *model.EndpointConfig, ratelimitCriteria *ratelimitCriteria, mirrorClusterNames []string, isBackendBasedAIRatelimitEnabled bool, descriptorValueForBackendBasedAIRatelimit string, weightedCluster *routev3.WeightedCluster_ClusterWeight, isWeighted bool, aiRoundRobinEnabled bool, clusterName string) (action *routev3.Route_Route) { if isWeighted { // check if weightedCluster is already in the list @@ -163,7 +163,7 @@ func generateRouteAction(apiType string, routeConfig *model.EndpointConfig, rate }, }, } - } else { + } else if aiRoundRobinEnabled { action = &routev3.Route_Route{ Route: &routev3.RouteAction{ HostRewriteSpecifier: &routev3.RouteAction_AutoHostRewrite{ @@ -178,6 +178,21 @@ func generateRouteAction(apiType string, routeConfig *model.EndpointConfig, rate }, }, } + } else { + action = &routev3.Route_Route{ + Route: &routev3.RouteAction{ + HostRewriteSpecifier: &routev3.RouteAction_AutoHostRewrite{ + AutoHostRewrite: &wrapperspb.BoolValue{ + Value: true, + }, + }, + UpgradeConfigs: getUpgradeConfig(apiType), + MaxStreamDuration: getMaxStreamDuration(apiType), + ClusterSpecifier: &routev3.RouteAction_Cluster{ + Cluster: clusterName, + }, + }, + } } if routeConfig != nil { diff --git a/adapter/internal/oasparser/envoyconf/routes_with_clusters.go b/adapter/internal/oasparser/envoyconf/routes_with_clusters.go index 69a7c990c6..24f12166f6 100644 --- a/adapter/internal/oasparser/envoyconf/routes_with_clusters.go +++ b/adapter/internal/oasparser/envoyconf/routes_with_clusters.go @@ -1008,6 +1008,19 @@ func createRoutes(params *routeCreateParams) (routes []*routev3.Route, err error LuaLocal: luaFilter, wellknown.CORS: corsFilter, } + if !resource.ShouldSendToEnforcer() { + perFilterConfigExtProc := extProcessorv3.ExtProcPerRoute{ + Override: &extProcessorv3.ExtProcPerRoute_Disabled{ + Disabled: true, + }, + } + dataExtProc, _ := proto.Marshal(&perFilterConfigExtProc) + filterExtProc := &any.Any{ + TypeUrl: extProcPerRouteName, + Value: dataExtProc, + } + perRouteFilterConfigs[HTTPExternalProcessor] = filterExtProc + } // if !params.isAiAPI { // perFilterConfigExtProc := extProcessorv3.ExtProcPerRoute{ // Override: &extProcessorv3.ExtProcPerRoute_Disabled{ @@ -1284,8 +1297,8 @@ func createRoutes(params *routeCreateParams) (routes []*routev3.Route, err error metadataValue := operation.GetMethod() + "_to_" + newMethod match2.DynamicMetadata = generateMetadataMatcherForInternalRoutes(metadataValue) - action1 := generateRouteAction(apiType, routeConfig, rateLimitPolicyCriteria, mirrorClusterNameList, resource.GetEnableBackendBasedAIRatelimit() && params.isAiAPI, resource.GetBackendBasedAIRatelimitDescriptorValue(), &weightedCluster, isWeightedClusters) - action2 := generateRouteAction(apiType, routeConfig, rateLimitPolicyCriteria, mirrorClusterNameList, resource.GetEnableBackendBasedAIRatelimit() && params.isAiAPI, resource.GetBackendBasedAIRatelimitDescriptorValue(), &weightedCluster, isWeightedClusters) + action1 := generateRouteAction(apiType, routeConfig, rateLimitPolicyCriteria, mirrorClusterNameList, resource.GetEnableBackendBasedAIRatelimit() && params.isAiAPI, resource.GetBackendBasedAIRatelimitDescriptorValue(), &weightedCluster, isWeightedClusters, resource.AIModelBasedRoundRobin != nil, clusterName) + action2 := generateRouteAction(apiType, routeConfig, rateLimitPolicyCriteria, mirrorClusterNameList, resource.GetEnableBackendBasedAIRatelimit() && params.isAiAPI, resource.GetBackendBasedAIRatelimitDescriptorValue(), &weightedCluster, isWeightedClusters, resource.AIModelBasedRoundRobin != nil, clusterName) requestHeadersToRemove := make([]string, 0) // Create route1 for current method. @@ -1310,7 +1323,7 @@ func createRoutes(params *routeCreateParams) (routes []*routev3.Route, err error } else { var action *routev3.Route_Route if requestRedirectAction == nil { - action = generateRouteAction(apiType, routeConfig, rateLimitPolicyCriteria, mirrorClusterNameList, resource.GetEnableBackendBasedAIRatelimit() && params.isAiAPI, resource.GetBackendBasedAIRatelimitDescriptorValue(), &weightedCluster, isWeightedClusters) + action = generateRouteAction(apiType, routeConfig, rateLimitPolicyCriteria, mirrorClusterNameList, resource.GetEnableBackendBasedAIRatelimit() && params.isAiAPI, resource.GetBackendBasedAIRatelimitDescriptorValue(), &weightedCluster, isWeightedClusters, resource.AIModelBasedRoundRobin != nil, clusterName) } logger.LoggerOasparser.Debug("Creating routes for resource with policies", resourcePath, operation.GetMethod()) // create route for current method. Add policies to route config. Send via enforcer @@ -1337,7 +1350,7 @@ func createRoutes(params *routeCreateParams) (routes []*routev3.Route, err error } match := generateRouteMatch(routePath) match.Headers = generateHTTPMethodMatcher(methodRegex, clusterName) - action := generateRouteAction(apiType, routeConfig, rateLimitPolicyCriteria, nil, resource.GetEnableBackendBasedAIRatelimit() && params.isAiAPI, resource.GetBackendBasedAIRatelimitDescriptorValue(), &weightedCluster, isWeightedClusters) + action := generateRouteAction(apiType, routeConfig, rateLimitPolicyCriteria, nil, resource.GetEnableBackendBasedAIRatelimit() && params.isAiAPI, resource.GetBackendBasedAIRatelimitDescriptorValue(), &weightedCluster, isWeightedClusters, resource.AIModelBasedRoundRobin != nil, clusterName) rewritePath := generateRoutePathForReWrite(basePath, resourcePath, pathMatchType) action.Route.RegexRewrite = generateRegexMatchAndSubstitute(rewritePath, resourcePath, pathMatchType) requestHeadersToRemove := make([]string, 0) diff --git a/adapter/internal/oasparser/model/adapter_internal_api.go b/adapter/internal/oasparser/model/adapter_internal_api.go index de15f2b98c..1401406b85 100644 --- a/adapter/internal/oasparser/model/adapter_internal_api.go +++ b/adapter/internal/oasparser/model/adapter_internal_api.go @@ -537,7 +537,7 @@ func (adapterInternalAPI *AdapterInternalAPI) Validate() error { // SetInfoHTTPRouteCR populates resources and endpoints of adapterInternalAPI. httpRoute.Spec.Rules.Matches // are used to create resources and httpRoute.Spec.Rules.BackendRefs are used to create EndpointClusters. -func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwapiv1.HTTPRoute, resourceParams ResourceParams, ruleIdxToAiRatelimitPolicyMapping map[int]*dpv1alpha3.AIRateLimitPolicy, extractTokenFrom string) error { +func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwapiv1.HTTPRoute, resourceParams ResourceParams, ruleIdxToAiRatelimitPolicyMapping map[int]*dpv1alpha3.AIRateLimitPolicy, extractTokenFrom string, sendToEnforcer bool) error { var resources []*Resource outputAuthScheme := utils.TieBreaker(utils.GetPtrSlice(maps.Values(resourceParams.AuthSchemes))) outputAPIPolicy := utils.TieBreaker(utils.GetPtrSlice(maps.Values(resourceParams.APIPolicies))) @@ -984,7 +984,7 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap loggers.LoggerAPI.Debugf("ModelBasedRoundRobin extracted %v", extracted) modelBasedRoundRobin = extracted } - + loggers.LoggerAPI.Debugf("resource path %+v methods %+v sendtoenforcer %+v", resourcePath, operations, sendToEnforcer || enableBackendBasedAIRatelimit) resource := &Resource{ path: resourcePath, methods: operations, @@ -996,6 +996,7 @@ func (adapterInternalAPI *AdapterInternalAPI) SetInfoHTTPRouteCR(httpRoute *gwap backendBasedAIRatelimitDescriptorValue: descriptorValue, extractTokenFrom: extractTokenFrom, AIModelBasedRoundRobin: modelBasedRoundRobin, + sendToEnforcer: sendToEnforcer || enableBackendBasedAIRatelimit, } resource.endpoints = &EndpointCluster{ diff --git a/adapter/internal/oasparser/model/resource.go b/adapter/internal/oasparser/model/resource.go index a4acba6311..d7b51390d2 100644 --- a/adapter/internal/oasparser/model/resource.go +++ b/adapter/internal/oasparser/model/resource.go @@ -49,6 +49,7 @@ type Resource struct { enableBackendBasedAIRatelimit bool backendBasedAIRatelimitDescriptorValue string extractTokenFrom string + sendToEnforcer bool } // GetEndpointSecurity returns the endpoint security object of a given resource. @@ -213,3 +214,8 @@ func (resource *Resource) GetBackendBasedAIRatelimitDescriptorValue() string { func (resource *Resource) GetExtractTokenFromValue() string { return resource.extractTokenFrom } + +// ShouldSendToEnforcer returns the value of sendToEnforcer +func (resource *Resource) ShouldSendToEnforcer() bool { + return resource.sendToEnforcer +} diff --git a/adapter/internal/operator/controllers/dp/api_controller.go b/adapter/internal/operator/controllers/dp/api_controller.go index 77650db896..1bd3db55af 100644 --- a/adapter/internal/operator/controllers/dp/api_controller.go +++ b/adapter/internal/operator/controllers/dp/api_controller.go @@ -978,6 +978,7 @@ func (apiReconciler *APIReconciler) getAPIPolicyChildrenRefs(ctx context.Context aiProviderPtr := utils.GetAIProvider(ctx, apiReconciler.client, apiPolicy.Namespace, apiPolicy.Spec.Default.AIProvider.Name, &api) if aiProviderPtr != nil { + loggers.LoggerAPKOperator.Debugf("API Name: %s, AI Provider: %+v", api.Spec.APIName, aiProviderPtr) aiProvider = aiProviderPtr } } @@ -1009,6 +1010,7 @@ func (apiReconciler *APIReconciler) getAPIPolicyChildrenRefs(ctx context.Context aiProviderPtr := utils.GetAIProvider(ctx, apiReconciler.client, apiPolicy.Namespace, apiPolicy.Spec.Override.AIProvider.Name, &api) if aiProviderPtr != nil { + loggers.LoggerAPKOperator.Debugf("API Name: %s, AI Provider: %+v", api.Spec.APIName, aiProviderPtr) aiProvider = aiProviderPtr } } @@ -1152,6 +1154,7 @@ func (apiReconciler *APIReconciler) getAPIPolicyChildrenRefs(ctx context.Context } } } + loggers.LoggerAPKOperator.Debugf("API Name: %s, AI Provider: %+v", api.Spec.APIName, aiProvider) return interceptorServices, backendJWTs, subscriptionValidation, aiProvider, resolvedModelBasedRoundRobin, nil } diff --git a/adapter/internal/operator/synchronizer/rest_api.go b/adapter/internal/operator/synchronizer/rest_api.go index 1e07442827..68b4faa62c 100644 --- a/adapter/internal/operator/synchronizer/rest_api.go +++ b/adapter/internal/operator/synchronizer/rest_api.go @@ -108,7 +108,24 @@ func generateAdapterInternalAPI(apiState APIState, httpRouteState *HTTPRouteStat RateLimitPolicies: apiState.RateLimitPolicies, ResourceRateLimitPolicies: apiState.ResourceRateLimitPolicies, } - if err := adapterInternalAPI.SetInfoHTTPRouteCR(httpRouteState.HTTPRouteCombined, resourceParams, httpRouteState.RuleIdxToAiRatelimitPolicyMapping, apiState.AIProvider.Spec.RateLimitFields.PromptTokens.In); err != nil { + sendToEnforcer := false + if config.ReadConfigs().Analytics.Enabled { + loggers.LoggerAPKOperator.Infof("Analytics is enabled for API: %v", apiState.APIDefinition.Name) + sendToEnforcer = true + } + if apiState.BackendJWTMapping != nil && len(apiState.BackendJWTMapping) > 0 { + sendToEnforcer = true + } + if apiState.APIDefinition.Spec.APIType == "GRPC" { + sendToEnforcer = true + } + if apiState.MutualSSL != nil { + sendToEnforcer = !apiState.MutualSSL.Disabled + } + if (apiState.AIProvider != nil && apiState.AIProvider.Name != "") || apiState.SubscriptionValidation { + sendToEnforcer = true + } + if err := adapterInternalAPI.SetInfoHTTPRouteCR(httpRouteState.HTTPRouteCombined, resourceParams, httpRouteState.RuleIdxToAiRatelimitPolicyMapping, apiState.AIProvider.Spec.RateLimitFields.PromptTokens.In, sendToEnforcer); err != nil { loggers.LoggerAPKOperator.ErrorC(logging.PrintError(logging.Error2631, logging.MAJOR, "Error setting HttpRoute CR info to adapterInternalAPI. %v", err)) return nil, err } diff --git a/gateway/enforcer/internal/authentication/authenticator/authenticator.go b/gateway/enforcer/internal/authentication/authenticator/authenticator.go index 0cb898ad08..750cb977dc 100644 --- a/gateway/enforcer/internal/authentication/authenticator/authenticator.go +++ b/gateway/enforcer/internal/authentication/authenticator/authenticator.go @@ -28,7 +28,7 @@ func NewAuthenticator(cfg *config.Server, subAppDataStore *datastore.Subscriptio // Authenticate performs the authentication. func (authenticator *Authenticator) Authenticate(rch *requestconfig.Holder) *dto.ImmediateResponse { - if rch != nil && rch.MatchedAPI != nil { + if rch != nil && rch.MatchedAPI != nil {//&& rch.MatchedAPI.IsGraphQLAPI() { applicationSecurity := rch.MatchedAPI.ApplicationSecurity var optionalAuthenticationResponse *AuthenticationResponse var authenticationResponse AuthenticationResponse @@ -71,11 +71,13 @@ func (authenticator *Authenticator) Authenticate(rch *requestconfig.Holder) *dto } if !authenticated { if mandatoryAuthFailed || optionalAuthenticationResponse == nil { + authenticator.cfg.Logger.Sugar().Debugf("Authentication failed for the request. Responses: %+v", authenticationResponses) errorResponse := getError(authenticationResponses) jsonData, _ := json.MarshalIndent(errorResponse, "", " ") return &dto.ImmediateResponse{StatusCode: 401, Message: string(jsonData)} } else if !(optionalAuthenticationResponse.Authenticated) { + authenticator.cfg.Logger.Sugar().Debugf("Authentication failed for the request. Responses: %+v", authenticationResponses) errorResponse := &dto.ErrorResponse{ErrorMessage: optionalAuthenticationResponse.ErrorMessage, Code: optionalAuthenticationResponse.ErrorCode, ErrorDescription: "Make sure you have provided the correct security credentials"} jsonData, _ := json.MarshalIndent(errorResponse, "", " ") return &dto.ImmediateResponse{StatusCode: 401, Message: string(jsonData)} diff --git a/gateway/enforcer/internal/extproc/ext_proc.go b/gateway/enforcer/internal/extproc/ext_proc.go index 9416e7b814..74b1168bdd 100644 --- a/gateway/enforcer/internal/extproc/ext_proc.go +++ b/gateway/enforcer/internal/extproc/ext_proc.go @@ -187,6 +187,7 @@ func (s *ExternalProcessingServer) Process(srv envoy_service_proc_v3.ExternalPro dynamicMetadataKeyValuePairs := make(map[string]string) switch v := req.Request.(type) { case *envoy_service_proc_v3.ProcessingRequest_RequestHeaders: + s.log.Sugar().Debug("Request Headers Flow") attributes, err := extractExternalProcessingXDSRouteMetadataAttributes(req.GetAttributes()) requestConfigHolder.ExternalProcessingEnvoyAttributes = attributes if err != nil { @@ -309,10 +310,8 @@ func (s *ExternalProcessingServer) Process(srv envoy_service_proc_v3.ExternalPro } if requestConfigHolder.MatchedAPI.AiProvider != nil && requestConfigHolder.MatchedAPI.AiProvider.SupportedModels != nil && - requestConfigHolder.MatchedAPI.AIModelBasedRoundRobin == nil && requestConfigHolder.MatchedAPI.AIModelBasedRoundRobin != nil && requestConfigHolder.MatchedAPI.AIModelBasedRoundRobin.Enabled { - // s.cfg.Logger.Sugar().Info("222") resp.ModeOverride.RequestBodyMode = v31.ProcessingMode_BodySendMode(v31.ProcessingMode_BUFFERED) } if requestConfigHolder.MatchedAPI.AiProvider != nil && @@ -321,7 +320,6 @@ func (s *ExternalProcessingServer) Process(srv envoy_service_proc_v3.ExternalPro requestConfigHolder.MatchedAPI.AiProvider.TotalToken != nil && requestConfigHolder.MatchedResource.RouteMetadataAttributes != nil && requestConfigHolder.MatchedAPI.AiProvider.CompletionToken.In == dto.InBody { - // s.cfg.Logger.Sugar().Info("333") resp.ModeOverride.ResponseBodyMode = v31.ProcessingMode_BodySendMode(v31.ProcessingMode_BUFFERED) } if requestConfigHolder.MatchedAPI.AiProvider != nil && @@ -330,7 +328,6 @@ func (s *ExternalProcessingServer) Process(srv envoy_service_proc_v3.ExternalPro requestConfigHolder.MatchedAPI.AiProvider.TotalToken != nil && requestConfigHolder.MatchedResource.RouteMetadataAttributes != nil && requestConfigHolder.MatchedAPI.AiProvider.CompletionToken.In == dto.InHeader { - // s.cfg.Logger.Sugar().Info("444") resp.ModeOverride.ResponseHeaderMode = v31.ProcessingMode_SEND } requestConfigHolder.MatchedResource.RouteMetadataAttributes = attributes @@ -349,9 +346,6 @@ func (s *ExternalProcessingServer) Process(srv envoy_service_proc_v3.ExternalPro } requestConfigHolder.ExternalProcessingEnvoyMetadata = metadata - // s.log.Info(fmt.Sprintf("Matched api bjc: %v", requestConfigHolder.MatchedAPI.BackendJwtConfiguration)) - // s.log.Info(fmt.Sprintf("Matched Resource: %v", requestConfigHolder.MatchedResource)) - // s.log.Info(fmt.Sprintf("req holderrr: %+v\n s: %+v", &requestConfigHolder, &s)) s.log.Sugar().Debug(fmt.Sprintf("req holderrr: %+v\n s: %+v", requestConfigHolder, s)) if requestConfigHolder.MatchedResource != nil && requestConfigHolder.MatchedResource.AuthenticationConfig != nil && !requestConfigHolder.MatchedResource.AuthenticationConfig.Disabled && !requestConfigHolder.MatchedAPI.DisableAuthentication { if immediateResponse := authorization.Validate(s.authenticator, requestConfigHolder, s.subscriptionApplicationDatastore, s.cfg); immediateResponse != nil { @@ -463,7 +457,6 @@ func (s *ExternalProcessingServer) Process(srv envoy_service_proc_v3.ExternalPro case *envoy_service_proc_v3.ProcessingRequest_RequestBody: // httpBody := req.GetRequestBody() - s.log.Sugar().Debug("Request Body Flow") resp.Response = &envoy_service_proc_v3.ProcessingResponse_RequestBody{ RequestBody: &envoy_service_proc_v3.BodyResponse{ Response: &envoy_service_proc_v3.CommonResponse{}, @@ -867,8 +860,6 @@ func (s *ExternalProcessingServer) Process(srv envoy_service_proc_v3.ExternalPro } } case *envoy_service_proc_v3.ProcessingRequest_ResponseBody: - // httpBody := req.GetResponseBody() - // s.log.Info(fmt.Sprintf("req holder: %+v\n s: %+v", &s.requestConfigHolder, &s)) s.log.Sugar().Debug("Response Body Flow") rbq := &envoy_service_proc_v3.BodyResponse{