On 08/04/2021 21:55, Aleksandar Lazic wrote:
> Hi.
>
> Attached the patch to add the json_string sample.
>
> In combination with the JWT patch is a pre-validation of a bearer token
> part possible.
>
> I have something like this in mind.
>
> http-request set-var(sess.json)
> req.hdr(Authorization),word(2,.),ub64dec,json_string('$.iss')
> http-request deny unless { var(sess.json) -m str
> 'kubernetes/serviceaccount' }
>
> Regards
> Aleks
Hi,
I have also thought about something similar.
However I am not sure using a third party library is encouraged because
it may make the code less portable. Also using a third party library by
directly importing its code may be hard to maintain later.
In the end I am wondering if it is not easier to handle json parsing via
a LUA module for example.
--
Moemen