starsz commented on code in PR #11089: URL: https://github.com/apache/apisix/pull/11089#discussion_r1557448300
########## t/plugin/openid-connect5.t: ########## @@ -138,3 +138,77 @@ __DATA__ } --- response_body_like hello world + + + +=== TEST 2: Call to route with locking session storage, no authentication and unauth_action 'deny' should not block subsequent requests on same session +--- config + set $session_storage redis; + set $session_redis_uselocking on; + + location /t { + content_by_lua_block { + local t = require("lib.test_admin").test + local http = require "resty.http" + local login_keycloak = require("lib.keycloak").login_keycloak + local concatenate_cookies = require("lib.keycloak").concatenate_cookies + + local code, body = t('/apisix/admin/routes/1', + ngx.HTTP_PUT, + [[{ + "plugins": { + "openid-connect": { + "discovery": "http://127.0.0.1:8080/realms/University/.well-known/openid-configuration", + "realm": "University", + "client_id": "course_management", + "client_secret": "d1ec69e9-55d2-4109-a3ea-befa071579d5", + "redirect_uri": "http://127.0.0.1:]] .. ngx.var.server_port .. [[/authenticated", + "ssl_verify": false, + "unauth_action": "deny" + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/*" + }]] + ) + + local uri = "http://127.0.0.1:" .. ngx.var.server_port .. "/hello" + + -- Make the final call to protected route WITHOUT cookie + local httpc = http.new() + local res, err = httpc:request_uri(uri, {method = "GET"}) + + -- Extract cookie which is not authenticated + local cookie_str = concatenate_cookies(res.headers['Set-Cookie']) + + -- Make the call to protected route cookie + local function firstRequest() + local httpc = http.new() + httpc:request_uri(uri, { + method = "GET", + headers = { + ["Cookie"] = cookie_str + } + }) + end + ngx.thread.spawn(firstRequest) Review Comment: How can you ensure that the first request is arrived before the second one? I think maybe you can give a return value of the `firstRequest` function , and use `ngx.thread.wait` to get the return value. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org