-
Notifications
You must be signed in to change notification settings - Fork 1
/
schema.lua
executable file
·146 lines (139 loc) · 4.6 KB
/
schema.lua
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
local typedefs = require "kong.db.schema.typedefs"
return {
name = "jwt-claims-advanced",
fields = {
{ protocols = typedefs.protocols_http },
{
config = {
type = "record",
fields = {
-- These 3 params 100% match the JWT plugin for how
-- the JWT is found in the incoming request, and used
-- from this plugin in the same way...
{
uri_param_names = {
type = "set",
elements = { type = "string" },
default = { "jwt" },
},
},
{
header_names = {
type = "set",
elements = { type = "string" },
default = { "authorization" },
},
},
{
cookie_names = {
type = "set",
elements = { type = "string" },
default = {}
},
},
-- These params are the new ones for this plugin...
{
continue_on_error = {
type = "boolean",
default = true
},
},
{
claims = {
type = "array",
default = {},
elements = {
type = "record",
fields = {
{
-- Path to the claim in the JWT payload
-- Example: custom.path.to.item
path = {
type = "string",
--required: true,
},
},
{
-- Example: X-MyHeader
output_header = {
type = "string",
},
},
-- This claim (array/table) must contain the value specified with the "contains" param
{
contains = {
type = "string",
},
},
-- This claim (array/table) must NOT contain the value specified with the "does_not_contain" param
{
does_not_contain = {
type = "string",
},
},
-- This claim (array/table) must contain at least ONE of the values specified with the "contains_one_of" param
{
contains_one_of = {
type = "array",
elements = {
type = "string",
},
default = {},
},
},
-- This claim (array/table) must NOT contain ANY of the values specified with the "contains_none_of" param
{
contains_none_of = {
type = "array",
elements = {
type = "string",
},
default = {},
},
},
-- This claim must match the value specified with the "equals" param
{
equals = {
type = "string",
},
},
-- This claim must NOT match the value specified with the "does_not_equal" param
{
does_not_equal = {
type = "string",
},
},
-- This claim must match at least ONE of the values specified with the "equals_one_of" param
{
equals_one_of = {
type = "array",
elements = {
type = "string",
},
default = {},
},
},
-- This claim must NOT match ANY of the values specified with the "equals_none_of" param
{
equals_none_of = {
type = "array",
elements = {
type = "string",
},
default = {},
},
},
},
entity_checks = {
{
at_least_one_of = { "output_header", "contains", "does_not_contain", "contains_one_of", "contains_none_of", "equals", "does_not_equal", "equals_one_of", "equals_none_of" },
},
},
},
},
},
},
},
},
}
}