This is an automated email from the ASF dual-hosted git repository.
ashishtiwari pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 742fc4391 fix: redact encrypted fields from error log (#12629)
742fc4391 is described below
commit 742fc4391bb78234608d86fe50460f83d861694c
Author: Ashish Tiwari <[email protected]>
AuthorDate: Tue Sep 30 15:32:38 2025 +0530
fix: redact encrypted fields from error log (#12629)
---
apisix/admin/resource.lua | 2 --
apisix/balancer.lua | 2 --
apisix/consumer.lua | 2 --
apisix/core/config_etcd.lua | 28 +++++++++++++---------------
apisix/init.lua | 9 +++++++--
apisix/plugin.lua | 5 +----
apisix/plugins/basic-auth.lua | 8 --------
apisix/plugins/hmac-auth.lua | 5 +----
apisix/plugins/jwe-decrypt.lua | 3 ---
apisix/plugins/jwt-auth.lua | 3 ---
apisix/plugins/key-auth.lua | 3 ---
apisix/router.lua | 3 ---
t/cli/test_etcd_sync_event_handle.sh | 2 +-
t/plugin/basic-auth.t | 18 ++++++++++++++++++
t/plugin/hmac-auth.t | 22 ++++++++++++++++++++--
t/plugin/jwe-decrypt.t | 36 ++++++++++++++++++++++++++++++++++++
t/plugin/key-auth.t | 30 ++++++++++++++++++++++++++++++
17 files changed, 127 insertions(+), 54 deletions(-)
diff --git a/apisix/admin/resource.lua b/apisix/admin/resource.lua
index cb4822ed7..f02f91b66 100644
--- a/apisix/admin/resource.lua
+++ b/apisix/admin/resource.lua
@@ -117,8 +117,6 @@ function _M:check_conf(id, conf, need_id, typ, allow_time)
end
end
- core.log.info("conf : ", core.json.delay_encode(conf))
-
-- check the resource own rules
if self.name ~= "secrets" then
core.log.info("schema: ", core.json.delay_encode(self.schema))
diff --git a/apisix/balancer.lua b/apisix/balancer.lua
index 6e3675e54..ffb797307 100644
--- a/apisix/balancer.lua
+++ b/apisix/balancer.lua
@@ -193,8 +193,6 @@ end
-- 1. in the access phase so that we can set headers according to the picked
server
-- 2. each time we need to retry upstream
local function pick_server(route, ctx)
- core.log.info("route: ", core.json.delay_encode(route, true))
- core.log.info("ctx: ", core.json.delay_encode(ctx, true))
local up_conf = ctx.upstream_conf
for _, node in ipairs(up_conf.nodes) do
diff --git a/apisix/consumer.lua b/apisix/consumer.lua
index 97b4c999f..29913a6f4 100644
--- a/apisix/consumer.lua
+++ b/apisix/consumer.lua
@@ -178,7 +178,6 @@ function plugin_consumer()
plugins[name].len = plugins[name].len + 1
core.table.insert(plugins[name].nodes, plugins[name].len,
consumer)
- core.log.info("consumer:", core.json.delay_encode(consumer))
end
end
@@ -248,7 +247,6 @@ function create_consume_cache(consumers_conf, key_attr)
local consumer_names = {}
for _, consumer in ipairs(consumers_conf.nodes) do
- core.log.info("consumer node: ", core.json.delay_encode(consumer))
local new_consumer = consumer_lrucache(consumer, nil,
fill_consumer_secret, consumer)
consumer_names[new_consumer.auth_conf[key_attr]] = new_consumer
diff --git a/apisix/core/config_etcd.lua b/apisix/core/config_etcd.lua
index eca62bdd2..a91199edd 100644
--- a/apisix/core/config_etcd.lua
+++ b/apisix/core/config_etcd.lua
@@ -28,10 +28,7 @@ local etcd_apisix = require("apisix.core.etcd")
local core_str = require("apisix.core.string")
local new_tab = require("table.new")
local inspect = require("inspect")
-local errlog = require("ngx.errlog")
local process = require("ngx.process")
-local log_level = errlog.get_sys_filter_level()
-local NGX_INFO = ngx.INFO
local check_schema = require("apisix.core.schema").check
local exiting = ngx.worker.exiting
local worker_id = ngx.worker.id
@@ -121,9 +118,6 @@ end
-- append res to the queue and notify pending watchers
local function produce_res(res, err)
- if log_level >= NGX_INFO then
- log.info("append res: ", inspect(res), ", err: ", inspect(err))
- end
insert_tab(watch_ctx.res, {res=res, err=err})
for _, sema in pairs(watch_ctx.sema) do
sema:post()
@@ -215,10 +209,6 @@ local function do_run_watch(premature)
::watch_event::
while true do
local res, err = res_func()
- if log_level >= NGX_INFO then
- log.info("res_func: ", inspect(res))
- end
-
if not res then
if err ~= "closed" and
err ~= "timeout" and
@@ -463,9 +453,6 @@ local function http_waitdir(self, etcd_cli, key,
modified_index, timeout)
end
if res2 then
- if log_level >= NGX_INFO then
- log.info("http_waitdir: ", inspect(res2))
- end
return res2
end
end
@@ -494,6 +481,16 @@ local function http_waitdir(self, etcd_cli, key,
modified_index, timeout)
end
+local function is_bulk_operation(dir_res)
+ if not dir_res or not dir_res.body or not dir_res.body.node then
+ return false
+ end
+ if #dir_res.body.node > 1 then
+ return true
+ end
+ return false
+end
+
local function waitdir(self)
local etcd_cli = self.etcd_cli
local key = self.key
@@ -698,8 +695,9 @@ local function sync_data(self)
local dir_res, err = waitdir(self)
log.info("waitdir key: ", self.key, " prev_index: ", self.prev_index + 1)
- log.info("res: ", json.delay_encode(dir_res, true), ", err: ", err)
-
+ if is_bulk_operation(dir_res) then
+ log.info("etcd events sent in bulk")
+ end
if not dir_res then
if err == "compacted" or err == "restarted" then
self.need_reload = true
diff --git a/apisix/init.lua b/apisix/init.lua
index c54222f13..430572e27 100644
--- a/apisix/init.lua
+++ b/apisix/init.lua
@@ -60,7 +60,8 @@ local str_sub = string.sub
local tonumber = tonumber
local type = type
local pairs = pairs
-local tostring = tostring
+local tostring = tostring
+local pcall = pcall
local ngx_re_match = ngx.re.match
local control_api_router
@@ -266,8 +267,12 @@ local function parse_domain_in_route(route)
route.value.upstream.nodes = new_nodes
resource.set_nodes_ver_and_nodes(route.value.upstream.resource_key,
nodes_ver, new_nodes)
+ -- remove plugin before logging to avoid logging sensitive info
+ local route_log = core.table.deepcopy(route)
+ route_log.value.plugins = nil
+ route_log.value.auth_conf = nil
core.log.info("parse route which contain domain: ",
- core.json.delay_encode(route, true))
+ core.json.delay_encode(route_log, true))
return route
end
diff --git a/apisix/plugin.lua b/apisix/plugin.lua
index 2e10c0055..a01bdfd18 100644
--- a/apisix/plugin.lua
+++ b/apisix/plugin.lua
@@ -722,6 +722,7 @@ local function merge_consumer_route(route_conf,
consumer_conf, consumer_group_co
end
end
+
for name, conf in pairs(consumer_conf.plugins) do
if not new_route_conf.value.plugins then
new_route_conf.value.plugins = {}
@@ -733,14 +734,12 @@ local function merge_consumer_route(route_conf,
consumer_conf, consumer_group_co
new_route_conf.value.plugins[name] = conf
end
- core.log.info("merged conf : ", core.json.delay_encode(new_route_conf))
return new_route_conf
end
function _M.merge_consumer_route(route_conf, consumer_conf,
consumer_group_conf, api_ctx)
core.log.info("route conf: ", core.json.delay_encode(route_conf))
- core.log.info("consumer conf: ", core.json.delay_encode(consumer_conf))
core.log.info("consumer group conf: ",
core.json.delay_encode(consumer_group_conf))
local flag = route_conf.value.id .. "#" .. route_conf.modifiedIndex
@@ -885,8 +884,6 @@ end
local function check_single_plugin_schema(name, plugin_conf, schema_type,
skip_disabled_plugin)
- core.log.info("check plugin schema, name: ", name, ", configurations: ",
- core.json.delay_encode(plugin_conf, true))
if type(plugin_conf) ~= "table" then
return false, "invalid plugin conf " ..
core.json.encode(plugin_conf, true) ..
diff --git a/apisix/plugins/basic-auth.lua b/apisix/plugins/basic-auth.lua
index 8b721b4b3..752ea8133 100644
--- a/apisix/plugins/basic-auth.lua
+++ b/apisix/plugins/basic-auth.lua
@@ -107,9 +107,6 @@ local function extract_auth_header(authorization)
obj.username = ngx.re.gsub(res[1], "\\s+", "", "jo")
obj.password = ngx.re.gsub(res[2], "\\s+", "", "jo")
- core.log.info("plugin access phase, authorization: ",
- obj.username, ": ", obj.password)
-
return obj, nil
end
@@ -160,8 +157,6 @@ end
function _M.rewrite(conf, ctx)
- core.log.info("plugin access phase, conf: ", core.json.delay_encode(conf))
-
local cur_consumer, consumer_conf, err = find_consumer(ctx)
if not cur_consumer then
if not conf.anonymous_consumer then
@@ -174,9 +169,6 @@ function _M.rewrite(conf, ctx)
return 401, { message = "Invalid user authorization" }
end
end
-
- core.log.info("consumer: ", core.json.delay_encode(cur_consumer))
-
if conf.hide_credentials then
core.request.set_header(ctx, "Authorization", nil)
end
diff --git a/apisix/plugins/hmac-auth.lua b/apisix/plugins/hmac-auth.lua
index 30e8db071..60eca605e 100644
--- a/apisix/plugins/hmac-auth.lua
+++ b/apisix/plugins/hmac-auth.lua
@@ -111,8 +111,6 @@ end
function _M.check_schema(conf, schema_type)
- core.log.info("input conf: ", core.json.delay_encode(conf))
-
if schema_type == core.schema.TYPE_CONSUMER then
return core.schema.check(consumer_schema, conf)
else
@@ -121,6 +119,7 @@ function _M.check_schema(conf, schema_type)
end
+
local function get_consumer(key_id)
if not key_id then
return nil, "missing key_id"
@@ -130,8 +129,6 @@ local function get_consumer(key_id)
if not cur_consumer then
return nil, err or "Invalid key_id"
end
- core.log.info("consumer: ", core.json.delay_encode(consumer, true))
-
return cur_consumer
end
diff --git a/apisix/plugins/jwe-decrypt.lua b/apisix/plugins/jwe-decrypt.lua
index b0d1e16f6..1ecef6795 100644
--- a/apisix/plugins/jwe-decrypt.lua
+++ b/apisix/plugins/jwe-decrypt.lua
@@ -174,7 +174,6 @@ local function get_consumer(key)
if not consumers then
return nil
end
- core.log.info("consumers: ", core.json.delay_encode(consumers))
return consumers[key]
end
@@ -239,8 +238,6 @@ local function gen_token()
return core.response.exit(404)
end
- core.log.info("consumer: ", core.json.delay_encode(consumer))
-
local iv = args.iv
if not iv then
-- TODO: random bytes
diff --git a/apisix/plugins/jwt-auth.lua b/apisix/plugins/jwt-auth.lua
index 5b838d91e..197efc5fa 100644
--- a/apisix/plugins/jwt-auth.lua
+++ b/apisix/plugins/jwt-auth.lua
@@ -129,8 +129,6 @@ local _M = {
function _M.check_schema(conf, schema_type)
- core.log.info("input conf: ", core.json.delay_encode(conf))
-
local ok, err
if schema_type == core.schema.TYPE_CONSUMER then
ok, err = core.schema.check(consumer_schema, conf)
@@ -272,7 +270,6 @@ local function find_consumer(conf, ctx)
core.log.warn("failed to find consumer: ", err or "invalid user key")
return nil, nil, "Invalid user key in JWT token"
end
- core.log.info("consumer: ", core.json.delay_encode(consumer))
local auth_secret, err = get_auth_secret(consumer.auth_conf)
if not auth_secret then
diff --git a/apisix/plugins/key-auth.lua b/apisix/plugins/key-auth.lua
index 539a48999..7bef9f83c 100644
--- a/apisix/plugins/key-auth.lua
+++ b/apisix/plugins/key-auth.lua
@@ -85,7 +85,6 @@ local function find_consumer(ctx, conf)
core.log.warn("failed to find consumer: ", err or "invalid api key")
return nil, nil, "Invalid API key in request"
end
- core.log.info("consumer: ", core.json.delay_encode(consumer))
if conf.hide_credentials then
if from_header then
@@ -114,8 +113,6 @@ function _M.rewrite(conf, ctx)
return 401, { message = "Invalid user authorization"}
end
end
-
- core.log.info("consumer: ", core.json.delay_encode(consumer))
consumer_mod.attach_consumer(ctx, consumer, consumer_conf)
core.log.info("hit key-auth rewrite")
end
diff --git a/apisix/router.lua b/apisix/router.lua
index 19244da32..82270d1dd 100644
--- a/apisix/router.lua
+++ b/apisix/router.lua
@@ -22,7 +22,6 @@ local set_plugins_meta_parent =
require("apisix.plugin").set_plugins_meta_parent
local str_lower = string.lower
local ipairs = ipairs
-
local _M = {version = 0.3}
@@ -45,8 +44,6 @@ local function filter(route)
end
apisix_upstream.filter_upstream(route.value.upstream, route)
-
- core.log.info("filter route: ", core.json.delay_encode(route, true))
end
diff --git a/t/cli/test_etcd_sync_event_handle.sh
b/t/cli/test_etcd_sync_event_handle.sh
index f448b2b7f..a348b52b7 100755
--- a/t/cli/test_etcd_sync_event_handle.sh
+++ b/t/cli/test_etcd_sync_event_handle.sh
@@ -127,7 +127,7 @@ cat logs/error.log | grep "watchdir err: has no healthy
etcd endpoint available"
## }
## }
## After check, it only appears when watch recovers and returns events in bulk.
-cat logs/error.log | grep "}, {" || (echo "failed: Log case 2 unexpected";
exit 1)
+cat logs/error.log | grep "etcd events sent in bulk" || (echo "failed: Log
case 2 unexpected"; exit 1)
## Case3: Ensure that the check schema error is actually triggered.
cat logs/error.log | grep "failed to check item data" || (echo "failed: Log
case 3 unexpected"; exit 1)
diff --git a/t/plugin/basic-auth.t b/t/plugin/basic-auth.t
index db6201654..fc85f2476 100644
--- a/t/plugin/basic-auth.t
+++ b/t/plugin/basic-auth.t
@@ -46,6 +46,8 @@ __DATA__
GET /t
--- response_body
done
+--- no_error_log
+"bar"
@@ -68,6 +70,8 @@ GET /t
--- response_body
property "username" validation failed: wrong type: expected string, got number
done
+--- no_error_log
+"bar"
@@ -98,6 +102,8 @@ done
GET /t
--- response_body
passed
+--- no_error_log
+"bar"
@@ -220,6 +226,8 @@ Authorization: Basic Zm9vOmJhcg==
hello world
--- error_log
find consumer foo
+--- no_error_log
+"bar"
@@ -400,6 +408,8 @@ GET /t
GET /t
--- response_body
passed
+--- no_error_log
+"bar"
@@ -410,6 +420,8 @@ GET /echo
Authorization: Basic Zm9vOmJhcg==
--- response_headers
!Authorization
+--- no_error_log
+"bar"
@@ -446,6 +458,8 @@ Authorization: Basic Zm9vOmJhcg==
GET /t
--- response_body
passed
+--- no_error_log
+"bar"
@@ -456,6 +470,8 @@ GET /echo
Authorization: Basic Zm9vOmJhcg==
--- response_headers
Authorization: Basic Zm9vOmJhcg==
+--- no_error_log
+"bar"
@@ -666,6 +682,8 @@ Authorization: basic Zm9vOmJhcg==
hello world
--- error_log
find consumer foo
+--- no_error_log
+"bar"
diff --git a/t/plugin/hmac-auth.t b/t/plugin/hmac-auth.t
index 68029b382..9ed157887 100644
--- a/t/plugin/hmac-auth.t
+++ b/t/plugin/hmac-auth.t
@@ -52,6 +52,8 @@ __DATA__
GET /t
--- response_body
passed
+--- no_error_log
+my-secret-key
@@ -362,6 +364,8 @@ location /t {
GET /t
--- response_body
passed
+--- no_error_log
+my-secret-key
@@ -410,8 +414,6 @@ qr/.*failed to check the configuration of plugin hmac-auth
err.*/
[[{
"plugins": {
"hmac-auth": {
- "key_id": "my-access-key3",
- "secret_key": "my-secret-key3",
"clock_skew": 1000000000000
}
},
@@ -553,6 +555,8 @@ qr/{"message":"client request can't be validated"}/
qr/client request can't be validated: [^,]+/
--- grep_error_log_out
client request can't be validated: Clock skew exceeded
+--- no_error_log
+my-secret-key
@@ -643,6 +647,8 @@ location /t {
GET /t
--- response_body
passed
+--- no_error_log
+my-secret-key
@@ -731,6 +737,8 @@ qr/{"message":"client request can't be validated"}/
qr/client request can't be validated: [^,]+/
--- grep_error_log_out
client request can't be validated: expected header "x-custom-header-b" missing
in signing
+--- no_error_log
+my-secret-key
@@ -783,6 +791,8 @@ location /t {
GET /t
--- response_body
passed
+--- no_error_log
+my-secret-key
@@ -931,6 +941,8 @@ location /t {
GET /t
--- response_body
passed
+--- no_error_log
+my-secret-key
@@ -1023,6 +1035,8 @@ qr/client request can't be validated/
qr/client request can't be validated: [^,]+/
--- grep_error_log_out
client request can't be validated: Invalid signature
+--- no_error_log
+my-secret-key
@@ -1079,6 +1093,8 @@ qr/client request can't be validated/
qr/client request can't be validated: [^,]+/
--- grep_error_log_out
client request can't be validated: Invalid signature
+--- no_error_log
+my-secret-key
@@ -1172,3 +1188,5 @@ qr/client request can't be validated/
qr/client request can't be validated: [^,]+/
--- grep_error_log_out
client request can't be validated: Invalid algorithm
+--- no_error_log
+my-secret-key
diff --git a/t/plugin/jwe-decrypt.t b/t/plugin/jwe-decrypt.t
index af2af3291..1574ca7f4 100644
--- a/t/plugin/jwe-decrypt.t
+++ b/t/plugin/jwe-decrypt.t
@@ -51,6 +51,8 @@ __DATA__
}
--- response_body_like eval
qr/{"key":"123","secret":"[a-zA-Z0-9+\\\/]+={0,2}"}/
+--- no_error_log
+12345678901234567890123456789012
@@ -71,6 +73,8 @@ qr/{"key":"123","secret":"[a-zA-Z0-9+\\\/]+={0,2}"}/
--- response_body
property "key" validation failed: wrong type: expected string, got number
done
+--- no_error_log
+12345678901234567890123456789012
@@ -91,6 +95,8 @@ done
--- response_body
property "secret" validation failed: wrong type: expected string, got number
done
+--- no_error_log
+12345678901234567890123456789012
@@ -115,6 +121,8 @@ apisix:
--- response_body
the secret length should be 32 chars
done
+--- no_error_log
+123456789012345678901234567890123
@@ -139,6 +147,8 @@ apisix:
--- response_body
the secret length after base64 decode should be 32 chars
done
+--- no_error_log
+YWJjZGVmZ2hpamtsbW5vcHFyc3R1dnd4eXphYmNkZWZn
@@ -168,6 +178,8 @@ done
}
--- response_body
passed
+--- no_error_log
+12345678901234567890123456789012
@@ -188,6 +200,8 @@ passed
--- response_body
XU29sA3FEVF68hGcdPo7sg==
f9pGB0Dt4gYNCLKiINPfVSviKjQs2zfkBCT4+XZ3mDABZkJTr0orzYRD5CptDKMc
+--- no_error_log
+12345678901234567890123456789012
@@ -223,6 +237,8 @@
f9pGB0Dt4gYNCLKiINPfVSviKjQs2zfkBCT4+XZ3mDABZkJTr0orzYRD5CptDKMc
}
--- response_body
passed
+--- no_error_log
+12345678901234567890123456789012
@@ -249,6 +265,8 @@ passed
}
--- response_body
passed
+--- no_error_log
+12345678901234567890123456789012
@@ -279,6 +297,8 @@ passed
}
--- response_body
hello world
+--- no_error_log
+12345678901234567890123456789012
@@ -397,6 +417,8 @@ code: true body: passed
code: true body: passed
code: true body: passed
code: true body: passed
+--- no_error_log
+12345678901234567890123456789012
@@ -427,6 +449,8 @@ code: true body: passed
}
--- response_body
passed
+--- no_error_log
+fo4XKdZ1xSrIZyms4q2BwPrW5lMpls9qqy5tiAk2esc=
@@ -461,6 +485,8 @@ passed
}
--- response_body
passed
+--- no_error_log
+fo4XKdZ1xSrIZyms4q2BwPrW5lMpls9qqy5tiAk2esc=
@@ -487,6 +513,8 @@ passed
}
--- response_body
passed
+--- no_error_log
+fo4XKdZ1xSrIZyms4q2BwPrW5lMpls9qqy5tiAk2esc=
@@ -519,6 +547,8 @@ passed
}
--- response_body
hello world
+--- no_error_log
+fo4XKdZ1xSrIZyms4q2BwPrW5lMpls9qqy5tiAk2esc=
@@ -529,6 +559,8 @@ GET /hello
Authorization: Bearer
eyJhbGciOiJkaXIiLCJraWQiOiJ1c2VyLWtleSIsImVuYyI6IkEyNTZHQ00ifQ..MTIzNDU2Nzg5MDEy._0DrWD0.vl-ydutnNuMpkYskwNqu-Q
--- response_body
hello world
+--- no_error_log
+fo4XKdZ1xSrIZyms4q2BwPrW5lMpls9qqy5tiAk2esc=
@@ -573,6 +605,8 @@ hello world
}
--- response_body
passed
+--- no_error_log
+fo4XKdZ1xSrIZyms4q2BwPrW5lMpls9qqy5tiAk2esc=
@@ -583,3 +617,5 @@ GET /headers
Authorization:
eyJhbGciOiJkaXIiLCJraWQiOiJ1c2VyLWtleSIsImVuYyI6IkEyNTZHQ00ifQ..MTIzNDU2Nzg5MDEy._0DrWD0.vl-ydutnNuMpkYskwNqu-Q
--- response_body_like
.*"Authorization": "hello".*
+--- no_error_log
+fo4XKdZ1xSrIZyms4q2BwPrW5lMpls9qqy5tiAk2esc=
diff --git a/t/plugin/key-auth.t b/t/plugin/key-auth.t
index 5c28e6bad..fa5b6e438 100644
--- a/t/plugin/key-auth.t
+++ b/t/plugin/key-auth.t
@@ -58,6 +58,8 @@ __DATA__
GET /t
--- response_body
done
+--- no_error_log
+test-key
@@ -110,6 +112,8 @@ done
GET /t
--- response_body
passed
+--- no_error_log
+auth-one
@@ -144,6 +148,8 @@ passed
GET /t
--- response_body
passed
+--- no_error_log
+auth-one
@@ -154,6 +160,8 @@ GET /hello
apikey: auth-one
--- response_body
hello world
+--- no_error_log
+auth-one
@@ -165,6 +173,8 @@ apikey: 123
--- error_code: 401
--- response_body
{"message":"Invalid API key in request"}
+--- no_error_log
+auth-one
@@ -207,6 +217,8 @@ GET /add_more_consumer
apikey: auth-13
--- response_body eval
["passed\n", "hello world\n"]
+--- no_error_log
+auth-one
@@ -271,6 +283,8 @@ GET /t
GET /t
--- response_body
passed
+--- no_error_log
+auth-one
@@ -281,6 +295,8 @@ GET /hello
Authorization: auth-one
--- response_body
hello world
+--- no_error_log
+auth-one
@@ -317,6 +333,8 @@ hello world
GET /t
--- response_body
passed
+--- no_error_log
+auth-one
@@ -361,6 +379,8 @@ hello world
GET /t
--- response_body
passed
+--- no_error_log
+auth-one
@@ -371,6 +391,8 @@ GET /echo
apikey: auth-one
--- response_headers
apikey: auth-one
+--- no_error_log
+auth-one
@@ -407,6 +429,8 @@ apikey: auth-one
GET /t
--- response_body
passed
+--- no_error_log
+auth-one
@@ -417,6 +441,8 @@ GET /echo
apikey: auth-one
--- response_headers
!apikey
+--- no_error_log
+auth-one
@@ -478,6 +504,8 @@ apikey: auth-one
GET /t
--- response_body
passed
+--- no_error_log
+auth-one
@@ -544,6 +572,8 @@ auth: auth-one
GET /t
--- response_body
passed
+--- no_error_log
+auth-one
