Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(jwt-auth): store JWT in the request context #11675

Open
wants to merge 7 commits into
base: master
Choose a base branch
from

Conversation

mikyll
Copy link
Contributor

@mikyll mikyll commented Oct 23, 2024

Description

The changes introduce a new parameter to jwt-auth plugin's route schema: store_in_ctx. If set to true (default is false) the plugin will store the validated JWT object in the request context.

This feature is useful especially for custom plugins. For example, my company is currently using a custom ACL plugin, based on Casbin (lua-casbin), that parses a JWT to extract permissions.

Therefore, I would say this feature is useful for at least for two reasons:

  • since the JWT can be removed from the request attributes (via hide_credential = true configuration), this provides another way to pass the token, without exposing it;
  • this prevents custom plugins from duplicated code (retrieve and parse JWT object), which jwt-auth plugin already does.

Fixes #11281

Checklist

  • I have explained the need for this PR and the problem it solves
  • I have explained the changes or the new features added to this PR
  • I have added tests corresponding to this change
  • I have updated the documentation to reflect this change
  • I have verified that this change is backward compatible (If not, please discuss on the APISIX mailing list first)

Fixes apache#11281

Signed-off-by: Michele Righi <righi.michy@gmail.com>
Add new test case (jwt-auth4.t) to test the correct behaviour of `store_in_ctx` config parameter

Signed-off-by: Michele Righi <righi.michy@gmail.com>
Added the new config parameter in jwt-auth docs

Signed-off-by: Michele Righi <righi.michy@gmail.com>
@mikyll mikyll marked this pull request as ready for review October 23, 2024 14:51
@dosubot dosubot bot added size:L This PR changes 100-499 lines, ignoring generated files. doc Documentation things enhancement New feature or request labels Oct 23, 2024
@mikyll

This comment was marked as outdated.

@mikyll mikyll changed the title feat(jwt-auth): parameter to store JWT in the request context feat(jwt-auth): store JWT in the request context Nov 11, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
doc Documentation things enhancement New feature or request size:L This PR changes 100-499 lines, ignoring generated files.
Projects
None yet
1 participant