From 75bb24b620144218d26b92afedbb428e4d84e506 Mon Sep 17 00:00:00 2001
From: Yangmin Zhu <ymzhu@google.com>
Date: Wed, 8 Sep 2021 12:05:08 -0700
Subject: [PATCH] add disable_clear_route_cache to the internal authn filter
 config (#2089)

* add clear_route_cache to the internal authn filter config

* update
---
 envoy/config/filter/http/authn/v2alpha1/config.proto | 7 +++++++
 1 file changed, 7 insertions(+)

diff --git a/envoy/config/filter/http/authn/v2alpha1/config.proto b/envoy/config/filter/http/authn/v2alpha1/config.proto
index bd3a9328..620dfa89 100644
--- a/envoy/config/filter/http/authn/v2alpha1/config.proto
+++ b/envoy/config/filter/http/authn/v2alpha1/config.proto
@@ -50,4 +50,11 @@ message FilterConfig {
   // When this field is set, the skip_validate_trust_domain field is ignored.
   // This field has no effect for plaintext traffic.
   repeated string allowed_trust_domains = 4;
+
+  // By default the authn filter will clear the route cache so that the validated
+  // JWT token claims can be used in routing.
+  // Advanced users can set this to true to disable the behavior if they do not
+  // want the authn filter to clear the route cache for any reasons.
+  // Warning: setting this to true will break the JWT claim based routing.
+  bool disable_clear_route_cache = 5;
 }