Read Runner Authentication Token

Overview

The runner authentication token with a prefix of glrt- is sent via Private-Token. We need to read that header and check if it's:

1. prefixed with glrt
2. Is base64 encoded which we can decode

After reading it we need to get the payload information so that we can classify and route to the correct Cell, for example by cell_id

Rule design

{
  "match": [
    {
      "type": "header",
      "name": "private-token",
      "regex_value": "^glrt-(?<payload>\\w+)$"
    }
  ],
  "transform": [
    {
      "type": "base64-line-delimited",
      "input": "${payload}",
      "output": "decoded"
    }
  ],
  "action": "classify",
  "classify": {
    "type": "SESSION_PREFIX",
    "value": "cell-${decoded.c}"
  }
}