jwt auth plugin support customize err msg

[malinshadow]

Description

Right now, we can see if jwt auth failed we can get a error msg {"message":"Missing JWT token in request"}
This tells us we use jwt auth. might be hacker can use the information to do something.
if we can customize the msg will be better to auth security. like consumer restriction plugin, i can use rejected_msg option to change the default msg.

thanks

[juzhiyuan]

Context: https://the-asf.slack.com/archives/CUC5MN17A/p1652978932198749

[spacewander]

"jwt-auth": {
  "_meta": {
    "rejected_msg": {
         "message":"Missing credential in request"
    }
  }
}

We can inject a common _meta with rejected_msg to the plugin.

[tokers]

"jwt-auth": {
  "_meta": {
    "rejected_msg": {
         "message":"Missing credential in request"
    }
  }
}

We can inject a common _meta with rejected_msg to the plugin.

So other auth plugins can also use the same way.

[tzssangglass]

"jwt-auth": {
  "_meta": {
    "rejected_msg": {
         "message":"Missing credential in request"
    }
  }
}

We can inject a common _meta with rejected_msg to the plugin.

I'd like to know where this technique is demonstrated, I can't find the relevant code to handle it.

[spacewander]

"jwt-auth": {
  "_meta": {
    "rejected_msg": {
         "message":"Missing credential in request"
    }
  }
}

We can inject a common _meta with rejected_msg to the plugin.

I'd like to know where this technique is demonstrated, I can't find the relevant code to handle it.

Err. It is just a plan in my mind yet.