feat: add external authorization service (authzd) with JWT authentication

- Add new authzd gRPC service implementing Envoy's external authorization API - Integrate JWT authentication filter in Envoy configuration with claim extraction - Update middleware to support both cookie-based and header-based user authentication - Add comprehensive test coverage for authorization service and server - Configure proper service orchestration with authzd, sparkled, and Envoy - Update build system and Docker configuration for multi-service deployment - Add grpcurl tool for gRPC service debugging and testing This enables fine-grained authorization control through Envoy's ext_authz filter while maintaining backward compatibility with existing cookie-based authentication.
author: mo khan <mo@mokhan.ca> 2025-05-20 14:28:06 -0600
committer: mo khan <mo@mokhan.ca> 2025-05-23 14:49:19 -0600
commit: 4beee46dc6c7642316e118a4d3aa51e4b407256e (patch)
tree: 039bdf57b99061844aeb0fe55ad0bc1c864166af /vendor/cel.dev/expr/BUILD.bazel
parent: 0ba49bfbde242920d8675a193d7af89420456fc0 (diff)
1 files changed, 34 insertions, 0 deletions
diff --git a/vendor/cel.dev/expr/BUILD.bazel b/vendor/cel.dev/expr/BUILD.bazel
new file mode 100644
index 0000000..37d8adc
--- /dev/null
+++ b/vendor/cel.dev/expr/BUILD.bazel
@@ -0,0 +1,34 @@
+load("@io_bazel_rules_go//go:def.bzl", "go_library")
+
+package(default_visibility = ["//visibility:public"])
+
+licenses(["notice"])  # Apache 2.0
+
+go_library(
+    name = "expr",
+    srcs = [
+        "checked.pb.go",
+        "eval.pb.go",
+        "explain.pb.go",
+        "syntax.pb.go",
+        "value.pb.go",
+    ],
+    importpath = "cel.dev/expr",
+    visibility = ["//visibility:public"],
+    deps = [
+        "@org_golang_google_genproto_googleapis_rpc//status:go_default_library",
+        "@org_golang_google_protobuf//reflect/protoreflect",
+        "@org_golang_google_protobuf//runtime/protoimpl",
+        "@org_golang_google_protobuf//types/known/anypb",
+        "@org_golang_google_protobuf//types/known/durationpb",
+        "@org_golang_google_protobuf//types/known/emptypb",
+        "@org_golang_google_protobuf//types/known/structpb",
+        "@org_golang_google_protobuf//types/known/timestamppb",
+    ],
+)
+
+alias(
+    name = "go_default_library",
+    actual = ":expr",
+    visibility = ["//visibility:public"],
+)
author	mo khan <mo@mokhan.ca>	2025-05-20 14:28:06 -0600
committer	mo khan <mo@mokhan.ca>	2025-05-23 14:49:19 -0600
commit	4beee46dc6c7642316e118a4d3aa51e4b407256e (patch)
tree	039bdf57b99061844aeb0fe55ad0bc1c864166af /vendor/cel.dev/expr/BUILD.bazel
parent	0ba49bfbde242920d8675a193d7af89420456fc0 (diff)