Skip to content

feat: Support GAT request_header_rewrites for Web App traffic#365

Open
clement0010 wants to merge 2 commits into
masterfrom
feat/webapp-request-header-rewrites
Open

feat: Support GAT request_header_rewrites for Web App traffic#365
clement0010 wants to merge 2 commits into
masterfrom
feat/webapp-request-header-rewrites

Conversation

@clement0010

@clement0010 clement0010 commented Jul 1, 2026

Copy link
Copy Markdown
Contributor

Related Tickets & Documents

Changes

For Web App resources, the controller can specify per-resource request_header_rewrites in the GAT under resource.gateway_metadata. This PR makes the Gateway apply those header rewrites to Web App requests before forwarding them upstream.

@codecov

codecov Bot commented Jul 1, 2026

Copy link
Copy Markdown

Codecov Report

❌ Patch coverage is 50.00000% with 4 lines in your changes missing coverage. Please review.
✅ Project coverage is 85.96%. Comparing base (ae1d22b) to head (999c3df).
✅ All tests successful. No failed tests found.

Files with missing lines Patch % Lines
internal/webapphandler/handler.go 50.00% 2 Missing and 2 partials ⚠️
Additional details and impacted files

Impacted file tree graph

@@            Coverage Diff             @@
##           master     #365      +/-   ##
==========================================
- Coverage   86.17%   85.96%   -0.21%     
==========================================
  Files          40       40              
  Lines        2828     2836       +8     
==========================================
+ Hits         2437     2438       +1     
- Misses        265      271       +6     
- Partials      126      127       +1     
Flag Coverage Δ
integration 55.02% <50.00%> (+0.02%) ⬆️
unit 78.45% <50.00%> (-0.09%) ⬇️

Flags with carried forward coverage won't be shown. Click here to find out more.

Files with missing lines Coverage Δ
internal/token/gat_claims.go 100.00% <ø> (ø)
internal/webapphandler/handler.go 90.90% <50.00%> (-9.10%) ⬇️

... and 1 file with indirect coverage changes

🚀 New features to boost your workflow:
  • 📦 JS Bundle Analysis: Save yourself from yourself by tracking and limiting bundle sizes in JS merges.

@clement0010 clement0010 force-pushed the feat/webapp-request-header-rewrites branch from c0e803b to 0a8401f Compare July 2, 2026 07:14
@clement0010 clement0010 changed the title feat: apply GAT request header rewrites for Web App traffic feat: Support GAT request_header_rewrites for Web App traffic Jul 2, 2026
@clement0010 clement0010 marked this pull request as ready for review July 2, 2026 07:52
@clement0010 clement0010 requested a review from Copilot July 2, 2026 07:52
for headerName, value := range conn.GATClaims().Resource.GatewayMetadata.RequestHeaderRewrites {
tmpl, err := template.New(value)
if err != nil {
return fmt.Errorf("header %q: %w", headerName, err)

Copy link
Copy Markdown
Contributor Author

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This has the same error as above in line 77. We could set the panic message to something like header from token ... but not sure if it'd be useful 🤔

Copilot AI left a comment

Copy link
Copy Markdown
Contributor

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Pull request overview

This PR adds support for Web App–specific request_header_rewrites carried in the GAT token (resource.gateway_metadata), applying those rewrites to outbound Web App HTTP requests before proxying upstream.

Changes:

  • Extend GAT claims schema to include request_header_rewrites under resource.gateway_metadata.
  • Apply per-resource (GAT-provided) header rewrites after gateway-configured rewrites so GAT rewrites take precedence.
  • Update fake client + integration test harness to mint GATs containing request header rewrites and assert behavior end-to-end.

Reviewed changes

Copilot reviewed 6 out of 6 changed files in this pull request and generated 1 comment.

Show a summary per file
File Description
test/integration/web_app_test.go Updates Web App integration test to inject GAT header rewrites and assert overridden/added headers.
test/integration/testutil/user.go Extends NewWebAppUser to accept request header rewrite data for test setup.
test/fake/client.go Adds client options and includes RequestHeaderRewrites in the fake controller request payload for GAT minting.
internal/webapphandler/handler.go Applies GAT-provided request header rewrites after config headers in the reverse proxy rewrite hook.
internal/webapphandler/handler_test.go Adds unit tests asserting that GAT header rewrites are applied and override config headers.
internal/token/gat_claims.go Adds RequestHeaderRewrites to GatewayMetadata JSON schema (request_header_rewrites).

💡 Add Copilot custom instructions for smarter, more guided reviews. Learn how to get started.

Comment thread internal/webapphandler/handler.go
@clement0010 clement0010 requested a review from minhtule July 2, 2026 13:36
Introduce the minimal token.GatewayMetadata (request_header_rewrites only)
on Resource, and apply per-resource header rewrites from the GAT in the
Web App handler. Rewrites are applied after config headers, so they
override config headers on conflict, and support the {{...}} template
syntax.

Add a WithRequestHeaderRewrites option to the fake test client and
end-to-end integration coverage.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
Claude-Session: https://claude.ai/code/session_019PboRSndVw7e3tQP8xoSuJ
@clement0010 clement0010 force-pushed the feat/webapp-request-header-rewrites branch from 87737a1 to 8026c76 Compare July 3, 2026 01:17
@clement0010 clement0010 changed the base branch from fix/verify-connect-downstream-port to master July 3, 2026 01:17
@clement0010 clement0010 closed this Jul 3, 2026
@clement0010 clement0010 reopened this Jul 3, 2026
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Labels

None yet

Projects

None yet

Development

Successfully merging this pull request may close these issues.

2 participants