You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
I'm trying to config microgateway to accept a third party JWT via plugin extauth.
The request passes extauth plugin without issue but fails in oauth plugin with 403 error below:
plugin:extauth plugin onrequest +17s
plugin:extauth Found jwt kid: thejwtkid +1ms
plugin:extauth Found JWK +0ms
plugin:extauth JWT Expiry enabled +6ms
plugin:extauth JWT is valid +45ms
plugin:oauth validating jwt +0ms
plugin:oauth product only: false +23ms
plugin:oauth no api product list +0ms
plugin:oauth** auth failure 403 access_denied { host: 'host.domain.name',..}
What failed is the following check in oauth.checkIfAuthorized;
if (!decodedToken.api_product_list) {
debug('no api product list');
return false;
}
The oauth plugin is looking for api_product_list property in decoded JWT. Well, doesn't this defeat the purpose of using extauth plugin unless there is something wrong in my setup? That property won't exist in third party JWT.
Any suggestions?
Thanks
The text was updated successfully, but these errors were encountered:
I'm trying to config microgateway to accept a third party JWT via plugin extauth.
The request passes extauth plugin without issue but fails in oauth plugin with 403 error below:
What failed is the following check in oauth.checkIfAuthorized;
The oauth plugin is looking for api_product_list property in decoded JWT. Well, doesn't this defeat the purpose of using extauth plugin unless there is something wrong in my setup? That property won't exist in third party JWT.
Any suggestions?
Thanks
The text was updated successfully, but these errors were encountered: