We are using username/password in the request header to hit the Tyk and our go plugin runs in auth_check middleware that validates the request and then middleware will set an Authorization header JWT token in the request that will be used by upstream for authentication.
we want to cache the authentication done by the go plugin to avoid hitting authentication middleware for each request.
We have internal tickets to extend its functionality to support native go plugins as well as update our documentation so it’s clearer what it supports and doesn’t.
You’ll configure the URL for the gRPC server on the Gateway level. Here’s some documentation for your reference: How to write gRPC Plugins
In the API definition, the value for your Target URL will remain your target URL (not the gRPC server URL).
Modifying request headers can be done by such plugins. Check out another sample gRPC-based authentication go plugin that has similar specifics.GitHub - TykTechnologies/tyk-grpc-go-basicauth-jwt: Custom BasicAuth with JWT to Upstream
In this particular example, the plugin generates and stores the JWT inside the session metadata.
And then the Gateway in the Global Header transform pulls the JWT from the session metadata and injects it into the header for use by the upstream.
The id_extractor still doesn’t work for native go plugins - the internal ticket is still in the backlog.
The concept of id_extractor wasn’t considered for native go plugins because they already have direct access to the session, so this can be retrieved/updated as needed directly.
If the situation is such that the plugin connects to some 3rd party service over http, and you want to optimise these calls, then caching techniques can be baked into the plugin. e.g using redis (see samples 1, 2), or in-memory cache.
Thanks for the quick reply. The idea is that I don’t want to implement things that are working and battle tested. I assumed that there is this freedom with go plugins but wanted to reutilise things that are already in place. I’ve switched to python plugins for now. But good to know. Much appreciated.