Ext_Authz: Allow extension to append or modify original query string params

[gsagula]

Description:
Recently I started exploring the idea of introducing Envoy proxy to one of our Hootsuite projects which depends on the ext_authz filter and enhancements being done by myself on behalf of Datawire. One of the goals of the wip enhancements, is to ensure that headers metadata sent from an external authorization service are injected in the original client's request before it gets sent to the upstream service.

Unfortunately, for all our use cases, the ability to manipulate only header's metadata is not sufficient. In some situations, we will also need to append query string params to the original URI before dispatching it to the upstream service. For example,

1. Downstream client calls https://domain.api.org/foo.
2. The request reaches the filter and then the HTTP context gets sent to the authorization service.
3. If the authorization service responds with OK, a map with query string params is sent along with the response. E.g., [(bar, 123)]
4. The extension modifies the original URI and sends it as following https://domain.api.org/foo?bar=123 to the upstream service.

Thanks,
Gabriel.

[josheinhorn]

Have you tried returning a modified :path pseudo-header in the ext_authz response (e.g. :path: /foo?bar=123)? I haven't tried this myself, just an idea.

[esmet]

/assign @esmet

[esmet]

I'll give this a try

[derekargueta]

FYI I'm working on #2098 which will refactory query params a bit with its own class, so this might be easier after that issue is done.