feat: As a user, I want to include the request body in the opa-input, so that I can reason about its contents

[wistefan]

Description

The opa-plugin already includes various information about the http-request(path, query, headers etc.) in the opa-input. However, its not possible to also include the request body as part of the input. This would extend OPAs capabilities in terms of decision making, f.e. to check if only allowed fields of a certain entity are manipulated within a PUT request.

[LuciaCabanillasRodriguez]

Is there any news on this issue?

[wistefan]

@LuciaCabanillasRodriguez I created a pr for the feature: #11629

[LuciaCabanillasRodriguez]

Just one question, if the request contains a file, what would happen?

[wistefan]

@LuciaCabanillasRodriguez The file will be forwarded to opa in its original encoding. So it depends how the file was encoded in the request

[LuciaCabanillasRodriguez]

@wistefan Can OPA receive APISIX files and analyse them? From what I thought, APISIX sent a json input containing header parameters for example, and what we are looking for now is to add the body, but how will the files be sent?

[wistefan]

In theory, OPA can analyze every content. In this specific case, the json received by OPA will contain the file as body in its encoding. It might be just a byte-array. To create meaningful rules for that will definitely require some Rego-Skills, but should not be impossbile.

[LuciaCabanillasRodriguez]

Is there any news on this issue? :)

[LuciaCabanillasRodriguez]

Is it available now? I noticed there was a merge into the master branch — if that is the case, could you let me know how I can start using it?