-
Notifications
You must be signed in to change notification settings - Fork 4.8k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
feat(jwt) add jwt token to ngx.ctx #2988
Conversation
Thanks for sending this PR. Could you add some specs to test that the code works as intended? |
Sure, tomorrow I will add some test
Il gio 26 ott 2017 18:25 Enrique García Cota <[email protected]> ha
scritto:
… Thanks for sending this PR. Do you think you could add some specs to test
that the code works as intended?
—
You are receiving this because you authored the thread.
Reply to this email directly, view it on GitHub
<#2988 (comment)>, or mute
the thread
<https://github.com/notifications/unsubscribe-auth/AFY4OKKHPtpdb7aYtU7g304mbaybUhMpks5swLJ7gaJpZM4QH1QN>
.
|
I just took a look to existing tests of jwt plugin but there is no test for variables added to The only way I can think for test this situation is to add a fake plugin that reads values from Anyway I think this is more a test for the What do you think? |
I don't think we should be merging this. I get the idea, but this is not the right moment. The planned plugin api should take all this "runloop" logic out of the plugins, as the plugins sole responsibility is authenticating. Updating the request itself is a Kong-core responsibility. Besides that we will probably provide another mechanism for some inter-plugin comms, so introducing this now, and building dependencies on top of it would only lead to breaking them later. @thibaultcha thoughts? |
Yes, if there is a bigger plan for a better inter-plugin communication I agree that populating directly the context is not a good thing. Also, since it is a very small change, I can live a personal fork of kong with this modification applied until the plugin api will allow it in a different way. My only last suggestion is the following. Maybe you can merge this but writing somewhere (directly on the code or in the documentation) a warning about using it. Something like Use it at your own risk, it will be changed soon. This warning should be added also to existing plugin interactions like setting the |
I think it would be ok to accept this (minor change), especially considering it is synchronized with #2810 thanks to @albertored 's efforts on communicating with @ikogan. Plugins already store other kind of values in I'd be in favor of merging this, and, as always, all of our current API around plugins development (especially |
Hi, any news on this? |
feat(jwt) add jwt token to ngx.ctx #2988
@albertored @ikogan I still am in favor of merging this PR and #2818, granted that they follow the same approach and eventually provide tests for this feature. (Updating one of the plugins under |
In this way subsequent plugins can do things with the token (specific payload validation, check for revocation, etc..) without having to obtain it from the request.
9308915
to
f456cc9
Compare
@thibaultcha @ikogan PR rebased and tests added I have added a custom plugin for checking values in |
It adds an header with the value of ngx.ctx present in the configured key
ae5509c
to
56df78c
Compare
Sorry about how long it's taken me to respond, I had to get my Kong development environment working again. I'm a little confused by the addition of @albertored's custom plugin. Is the purpose to allow for a universal header to be set based on the presence of a field in the context? What if you want to set more than one header? Does it's usefulness extend beyond the unit tests? Since I don't have this custom plugin, I'll have to rebase around your branch or implement my own logic in the tests. If we find that this additional plugin is useful, I'll go ahead and rebase. |
Yes, the idea is exactly that. If in future (or now) we think it can be useful to extend it to handle more than one context field we can do it. For what regards your PR I think you should wait for this to be merged, rebase and use the same plugin for your tests. All this clearly apply only if no one has other suggestion to improve/change the way the feature is tested. |
Sounds good to me, I'll wait for this to be merged. |
This way subsequent plugins can do things with the token (specific payload validation, check for revocation, etc..) without having to obtain it from the request. From #2988 Signed-off-by: Thibault Charbonnier <[email protected]>
Merged and pushed to |
Summary
In this way subsequent plugins can do things with the token
(specific payload validation, check for revocation, etc..) without
having to obtain it from the request.