mikyll commented on issue #11435: URL: https://github.com/apache/apisix/issues/11435#issuecomment-2250262313
This also happens with `jwt-auth`. ### Examples 1. `multi-auth` with `jwt-auth` default values: ```bash curl -s -X PUT "http://127.0.0.1:9180/apisix/admin/routes/5" -d ' { "uris": [ "/httpbin/test/multi-auth/test3/*" ], "upstream": { "type": "roundrobin", "nodes": { "httpbin.org:80": 1 } }, "plugins": { "proxy-rewrite": { "regex_uri": [ "^/httpbin/test/multi-auth/test3/(.*)", "/get" ], "method": "GET" }, "multi-auth":{ "auth_plugins":[ { "basic-auth": {} }, { "key-auth": { "hide_credentials":true, "header":"apikey" } }, { "jwt-auth": { "hide_credentials":true } } ] } } } ' ``` test: ```bash curl -s -i "http://localhost:9080/httpbin/test/multi-auth/test3/" # This gives 500 Internal Server Error (see log message below) ``` log message: ```lang-none 2024/07/25 12:55:15 [error] 849#849: *736191 lua entry thread aborted: runtime error: /usr/local/openresty/lualib/resty/core/request.lua:118: bad argument #1 to 'lower' (string expected, got nil) stack traceback: coroutine 0: [C]: in function 'lower' /usr/local/openresty/lualib/resty/core/request.lua:118: in function '__index' /home/apisix/apisix_src/apisix/core/request.lua:110: in function 'header' ...c/apisix/plugins/scm/builtin/apisix/plugins/jwt-auth.lua:182: in function 'fetch_jwt_token' ...c/apisix/plugins/scm/builtin/apisix/plugins/jwt-auth.lua:338: in function 'rewrite' /home/apisix/apisix_src/apisix/plugins/multi-auth.lua:71: in function 'phase_func' /home/apisix/apisix_src/apisix/plugin.lua:1155: in function 'run_plugin' /home/apisix/apisix_src/apisix/init.lua:696: in function 'http_access_phase' access_by_lua(nginx.conf:319):2: in main chunk, client: ::1, server: _, request: "GET /httpbin/test/multi-auth/test3/ HTTP/1.1", host: "localhost:9080" ``` 2. `multi-auth` with `jwt-auth` and custom value for `conf.header`: ```bash curl -s -X PUT "http://127.0.0.1:9180/apisix/admin/routes/6" -d ' { "uris": [ "/httpbin/test/multi-auth/test4/*" ], "upstream": { "type": "roundrobin", "nodes": { "httpbin.org:80": 1 } }, "plugins": { "proxy-rewrite": { "regex_uri": [ "^/httpbin/test/multi-auth/test4/(.*)", "/get" ], "method": "GET" }, "multi-auth":{ "auth_plugins":[ { "basic-auth": {} }, { "key-auth": { "hide_credentials":true, "header":"apikey" } }, { "jwt-auth": { "hide_credentials":true, "header":"jwt" } } ] } } } ' ``` test: ```bash curl -s -i "http://localhost:9080/httpbin/test/multi-auth/test4/" # This gives 500 Internal Server Error (see log message below) ``` log message: ```lang-none 2024/07/25 12:55:17 [error] 843#843: *736393 lua entry thread aborted: runtime error: ...c/apisix/plugins/scm/builtin/apisix/plugins/jwt-auth.lua:208: attempt to concatenate field 'cookie' (a nil valu e) stack traceback: coroutine 0: ...c/apisix/plugins/scm/builtin/apisix/plugins/jwt-auth.lua: in function 'fetch_jwt_token' ...c/apisix/plugins/scm/builtin/apisix/plugins/jwt-auth.lua:338: in function 'rewrite' /home/apisix/apisix_src/apisix/plugins/multi-auth.lua:71: in function 'phase_func' /home/apisix/apisix_src/apisix/plugin.lua:1155: in function 'run_plugin' /home/apisix/apisix_src/apisix/init.lua:696: in function 'http_access_phase' access_by_lua(nginx.conf:319):2: in main chunk, client: ::1, server: _, request: "GET /httpbin/test/multi-auth/test4/ HTTP/1.1", host: "localhost:9080" ``` 3. `multi-auth` with `jwt-auth` and custom value for both `conf.header` and `conf.cookie`: ```bash curl -s -X PUT "http://127.0.0.1:9180/apisix/admin/routes/7" -d ' { "uris": [ "/httpbin/test/multi-auth/test5/*" ], "upstream": { "type": "roundrobin", "nodes": { "httpbin.org:80": 1 } }, "plugins": { "proxy-rewrite": { "regex_uri": [ "^/httpbin/test/multi-auth/test5/(.*)", "/get" ], "method": "GET" }, "multi-auth":{ "auth_plugins":[ { "basic-auth": {} }, { "key-auth": { "hide_credentials":true, "header":"apikey" } }, { "jwt-auth": { "hide_credentials":true, "header":"jwt", "cookie":"jwt" } } ] } } } ' ``` test: ```bash curl -s -i "http://localhost:9080/httpbin/test/multi-auth/test5/" # This works ``` -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org