From 21b9f825eb8ecd626a0dbe4e5b75f7912cc7059d Mon Sep 17 00:00:00 2001
From: "data-plane-api(CircleCI)" <data-plane-api@users.noreply.github.com>
Date: Thu, 18 Apr 2019 04:42:52 +0000
Subject: [PATCH] ext_authz: option for clearing route cache of authorized
 requests (#6503)

Signed-off-by: Gabriel <gsagula@gmail.com>

Mirrored from https://github.com/envoyproxy/envoy @ 0e109cb3ba3be0823bdb696eacb02a827989efa1
---
 .../config/filter/http/ext_authz/v2/ext_authz.proto  | 12 ++++++++++++
 1 file changed, 12 insertions(+)

diff --git a/envoy/config/filter/http/ext_authz/v2/ext_authz.proto b/envoy/config/filter/http/ext_authz/v2/ext_authz.proto
index abe1638b..b430fe93 100644
--- a/envoy/config/filter/http/ext_authz/v2/ext_authz.proto
+++ b/envoy/config/filter/http/ext_authz/v2/ext_authz.proto
@@ -53,6 +53,18 @@ message ExtAuthz {
 
   // Enables filter to buffer the client request body and send it within the authorization request.
   BufferSettings with_request_body = 5;
+
+  // Clears route cache in order to allow the external authorization service to correctly affect
+  // routing decisions. Filter clears all cached routes when:
+  //
+  // 1. The field is set to *true*.
+  //
+  // 2. The status returned from the authorization service is a HTTP 200 or gRPC 0.
+  //
+  // 3. At least one *authorization response header* is added to the client request, or is used for
+  // altering another client request header.
+  //
+  bool clear_route_cache = 6;
 }
 
 // Configuration for buffering the request data.