1. Did you mean to put the consumer_name to the ctx in open-connect plugin? 2. Then we can limit by consumer_name in limit-* plugins.
*ZhengSong Tu* My GitHub: https://github.com/tzssangglass Apache APISIX: https://github.com/apache/apisix Joga, singh <[email protected]> 于2021年11月26日周五 上午12:26写道: > > Hi Guys, > I was advised on the discussions group to post my query here to see if > somebody has already similar in mind. > > I have my consumers already defined in Keycloak. Consumers get the token > using Client Credentials flow i.e. using ClientId and ClientSecret. Using > ‘openid-connect’ plugin I am able successfully authenticate/authorize the > consumers. However, I would like to implement rate limiting based on consumer > name, because due to some reason I cannot do it based on consumer ip address. > Therefore, I need a way to identify the consumer from the token. I know that > APISIX does not support this now. But I think with a small change in the > ‘openid-connect’ plugin, it should be possible to do, because the response > from ‘introspection_endpoint’ already contains the attributes (e.g. username, > clientId etc.) needed to identify the consumer. > > I think ‘ladp_auth’ plugin already does this. > > What do you think? Is it possible to do? Are there any challenges in it? > If yes, I would like to try my hands on this. Therefore, would need getting > started tips/hints for building, compiling and other related processes. > > Best Regards, > > Joga > > > Hyundai AutoEver Europe GmbH > Kaiserleistr. 8A, 63067 Offenbach a.M., Deutschland > Geschäftsführer/CEO: Jong-Il Yun Registergericht/registration court: > Amtsgericht Offenbach Registernummer/registration number: HRB 42684 > USt-IdNr./tax ID-no.: DE252841722
