Re: [PR] fix(forward-auth): extra_headers not resolving variable on $post_arg. [apisix]

Fri, 18 Jul 2025 01:43:27 -0700 


kayx23 commented on code in PR #12435:
URL: https://github.com/apache/apisix/pull/12435#discussion_r2215429554


##########
docs/en/latest/plugins/forward-auth.md:
##########
@@ -187,11 +187,12 @@ curl -X PUT 
'http://127.0.0.1:9180/apisix/admin/routes/auth' \
             "functions": [
                 "return function(conf, ctx)
                  local core = require(\"apisix.core\")
-                 if core.request.header(ctx, \"tenant_id\") then
+                 local tenant_id = core.request.header(ctx, \"tenant_id\")
+                 if tenant_id == \"123\" then
                      core.response.set_header(\"X-User-ID\", \"i-am-an-user\");

Review Comment:
   Maybe remove this line to erase any confusion? Since users will not actually 
observe this response header in this example.



##########
docs/en/latest/plugins/forward-auth.md:
##########
@@ -173,7 +173,7 @@ Location: http://example.com/auth
 When the decision is to be made on the basis of POST body, then it is 
recommended to use `$post_arg.*` with `extra_headers` field and make the 
decision on Authorization service on basis of headers rather than using POST 
`request_method` to pass the entire request body to Authorization service.
 :::
 
-Create a serverless function on the `/auth` route that checks for the presence 
of the `tenant_id` header. If present, the route responds with HTTP 200 and 
sets the `X-User-ID` header to a fixed value `i-am-an-user`. If `tenant_id` is 
missing, it returns HTTP 400 with an error message.
+Create a serverless function on the `/auth` route that checks for the presence 
of the `tenant_id` header and confirms its value. If present, the route 
responds with HTTP 200 and sets the `X-User-ID` header to a fixed value 
`i-am-an-user`. If `tenant_id` is missing, it returns HTTP 400 with an error 
message.

Review Comment:
   If the above is change, this paragraph should be updated as:
   
   ```suggestion
   Create a serverless function on the `/auth` route that checks for the 
presence of the `tenant_id` header and confirms its value. If present, the 
route responds with HTTP 200.. If `tenant_id` is missing, it returns HTTP 400 
with an error message.
   ```



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to