regexkubernetesistioistio-gateway

Istio virtual service regex uri is not working


Inside the virtual service, I have routed 2 paths to my service as follows -

- match:
    - uri:
        prefix: /jaeger/
    - uri:
        regex: \/oauth2\/.*jaeger.*
    route:
    - destination:
        host: oauth2-proxy
        port:
          number: 80

But the gateway returns 404 when I send request on the path /oauth2/callback?code=3QxQLUqCwxVtH_GS6mWteICfisIe32yE7RE6wQIZZVw&state=wmZSZ0BHMHq3vmS_1YBWIn72pG6FkChFQbNUNipGotQ%3A%2Fjaeger%2F

Now, I could also just use the prefix /oauth2/ to handle such URLs but currently I have multiple applications that are being authenticated by their own oauth2-proxies and this regex would match all of them. So I need to use a regex which contains the application name inside it, such as jaeger is this case.

I even checked on regex101 that this path is indeed matching the regex I used.

Also, the gateway routes the request successfully when I use the regex \/oauth2\/.*. But as I explained I can't use this regex either. Am I missing something here?

Edit: After further testing, I found out that if remove the "?" from the path, istio accepts this as valid and forwards the request to the service. I also tried the regex /oauth2\/callback\?code=.*jaeger.* but that isn't working either.


Solution

  • I did not realize that "?" marks the end of a URL and everything after that are query parameters. Istio provides matching of query parameters as well. The following code worked in my case -

      - match:
        - uri:
            prefix: /jaeger/
        - uri:
            regex: \/oauth2\/callback\?.*
          queryParams:
            state: 
              regex: .*jaeger.*
        route:
        - destination:
            host: oauth2-proxy
            port:
              number: 80