grpc: add a call option to override the :authority header on a per-RPC basis

[easwars]

This is one of the items mentioned in #4717 which did not get done. The below description has been copied over verbatim from #4717. This is low priority and we want to implement this only if there is sufficient interest for it.

• Add a call option to override the :authority header on a per-RPC basis. client: Add CallOption for setting authority; allow even without WithInsecure #3444
  • An optional interface will be added, to be implemented by AuthInfo implementations, to validate this override.
    • Implementations will need to perform a hostname validation check on the peer certificate, received during the handshake, to validate this override.
    • RPCs will fail if this call option is set, but:
      • AuthInfo for the subChannel does not implement this interface
      • validation by AuthInfo fails
  • Existing TLS based credentials implementations will be enhanced to support this.
  • Existing xDS credentials implementation will be enhanced to support this.
    • Use list of SANs provided by management server to validate.
  • Insecure credentials will allow for any authority value.

[110y]

@easwars

I created a PR that adds a new CallOption for setting :authority per RPC: #5787
Could you please check this PR...?

[JaydenTeoh]

@easwars @ginayeh Happy to work on this issue if this is still of priority. If so, can I have some pointers on where to start next? I would also appreciate some clarity on what needs to be done. Thank you!

[arvindbr8]

Thanks for your interest @JaydenTeoh.
IMO, this issue requires some more clarification and might be easier for someone internal to pick this up. Sorry for the mislabel.

If you are still interested, please look for other issues marked "Status: Help Wanted" or "Hacktoberfest".