Encoding
| Function | Description | Meta |
|---|---|---|
base64. |
Deserializes the base64 encoded input string. Arguments: Returns:x (string)string to decode y (string)base64 deserialization of | Wasm |
base64. |
Serializes the input string into base64 encoding. Arguments: Returns:x (string)string to encode y (string)base64 serialization of | Wasm |
base64. |
Verifies the input string is base64 encoded. Arguments: Returns:x (string)string to check result (boolean)
| v0.24.0 Wasm |
base64url. |
Deserializes the base64url encoded input string. Arguments: Returns:x (string)string to decode y (string)base64url deserialization of | Wasm |
base64url. |
Serializes the input string into base64url encoding. Arguments: Returns:x (string)string to encode y (string)base64url serialization of | Wasm |
base64url. |
Serializes the input string into base64url encoding without padding. Arguments: Returns:x (string)string to encode y (string)base64url serialization of | v0.25.0-rc2 SDK-dependent |
hex. |
Deserializes the hex-encoded input string. Arguments: Returns:x (string)a hex-encoded string y (string)deserialized from | v0.25.0-rc2 SDK-dependent |
hex. |
Serializes the input string using hex-encoding. Arguments: Returns:x (string)string to encode y (string)serialization of | v0.25.0-rc2 SDK-dependent |
json. |
Verifies the input string is a valid JSON document. Arguments: Returns:x (string)a JSON string result (boolean)
| v0.25.0-rc1 Wasm |
json. |
Serializes the input term to JSON. Arguments: Returns:x (any)the term to serialize y (string)the JSON string representation of | Wasm |
json. |
Serializes the input term JSON, with additional formatting options via the Arguments: Returns:x (any)the term to serialize opts (object<indent: string, prefix: string, pretty: boolean>[string: any])encoding options y (string)the JSON string representation of | v0.64.0 SDK-dependent |
json. |
Deserializes the input string. Arguments: Returns:x (string)a JSON string y (any)the term deserialized from | Wasm |
urlquery. |
Decodes a URL-encoded input string. Arguments: Returns:x (string)the URL-encoded string y (string)URL-encoding deserialization of | SDK-dependent |
urlquery. |
Decodes the given URL query string into an object. Arguments: Returns:x (string)the query string object (object[string: array[string]])the resulting object | v0.24.0 SDK-dependent |
urlquery. |
Encodes the input string into a URL-encoded string. Arguments: Returns:x (string)the string to encode y (string)URL-encoding serialization of | SDK-dependent |
urlquery. |
Encodes the given object into a URL encoded query string. Arguments: Returns:object (object[string: any<string, array[string], set[string]>])the object to encode y (string)the URL-encoded serialization of | SDK-dependent |
yaml. |
Verifies the input string is a valid YAML document. Arguments: Returns:x (string)a YAML string result (boolean)
| v0.25.0-rc1 SDK-dependent |
yaml. |
Serializes the input term to YAML. Arguments: Returns:x (any)the term to serialize y (string)the YAML string representation of | SDK-dependent |
yaml. |
Deserializes the input string. Arguments: Returns:x (string)a YAML string y (any)the term deserialized from | SDK-dependent |
The json.marshal_with_options builtin's opts parameter accepts the following properties:
| Field | Required | Type | Default | Description |
|---|---|---|---|---|
pretty | No | bool | true if indent or prefix are declared, false otherwise | Enables multi-line, human-readable JSON output ("pretty-printing"). If this property is true, then objects will be marshaled into multi-line JSON with either user-specified or default indent/prefix options. If this property is false, indent/prefix will be ignored and this builtin functions identically to json.marshal(). |
indent | No | string | "\t" (Horizontal tab, character 0x09) | The string to use when indenting nested keys in the emitted JSON. One or more copies of this string will be included before child elements in every object or array. |
prefix | No | string | "" (empty) | The string to prefix lines with in the emitted JSON. One copy of this string will be prepended to each line. |
Default values will be used if:
optsis an empty object.optsdoes not contain the named property.
Examples
OPA Envoy Header Manipulation
This example shows how base64.encode acts as a utility function to bridge communication between client and server when they don't speak the same language.
Suppose that some legacy client sends credentials in custom headers (x-username, x-password), but the downstream service expects HTTP Basic Authentication. This example policy uses the base64 function to deliver this transparently to the downstream caller.
This might be useful in an API gateway where you need to adapt between different authentication schemes without the option of editing clients and downstream servers.
package envoy.authz
# Extract credentials from request header
headers := input.attributes.request.http.headers
username := headers["x-username"]
password := headers["x-password"]
# Default deny - only allow if credentials are provided
default allow := false
allow if {
username != ""
password != ""
}
# Add Authorization header to downstream request using base64 encoding
response_headers_to_add := {
"Authorization": sprintf(
"Basic %s", [
base64.encode(sprintf(
"%s:%s", [username, password])
)
]
)
}
{
"attributes": {
"request": {
"http": {
"headers": {
"x-username": "alice",
"x-password": "secret123"
}
}
}
}
}
"{}"