shreemaan-abhishek commented on code in PR #11089: URL: https://github.com/apache/apisix/pull/11089#discussion_r1556967363
########## t/plugin/openid-connect5.t: ########## @@ -138,3 +138,77 @@ __DATA__ } --- response_body_like hello world + + + +=== TEST 2: Call to route with locking session storage, no authentication and unauth_action 'deny' should not block subsequent requests on same session +--- config + set $session_storage redis; + set $session_redis_uselocking on; + + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local http = require "resty.http" + local login_keycloak = require("lib.keycloak").login_keycloak + local concatenate_cookies = require("lib.keycloak").concatenate_cookies + + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "openid-connect": { + "discovery": "http://127.0.0.1:8080/realms/University/.well-known/openid-configuration", + "realm": "University", + "client_id": "course_management", + "client_secret": "d1ec69e9-55d2-4109-a3ea-befa071579d5", + "redirect_uri": "http://127.0.0.1:]] .. ngx.var.server_port .. [[/authenticated", + "ssl_verify": false, + "unauth_action": "deny" + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/*" + }]] + ) + + local uri = "http://127.0.0.1:" .. ngx.var.server_port .. "/hello" + + -- Make the final call to protected route WITHOUT cookie + local httpc = http.new() + local res, err = httpc:request_uri(uri, {method = "GET"}) + + -- Extract cookie which is not authenticated + local cookie_str = concatenate_cookies(res.headers['Set-Cookie']) Review Comment: okay my bad, I think the request will first be redirected to /authenticate -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org