[GitHub] [apisix] sangnguyen7 commented on issue #7661: bug: [Plugin] OpenID-Connect had an issue or not supported when using "use_jwks=true" and use "discovery" as the JWKS endpoint
sangnguyen7 commented on issue #7661: URL: https://github.com/apache/apisix/issues/7661#issuecomment-1215242674 @Hazel6869 Got it, thanks a lot. @tokers yes, I just saw it. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] sangnguyen7 commented on issue #7661: bug: [Plugin] OpenID-Connect had an issue or not supported when using "use_jwks=true" and use "discovery" as the JWKS endpoint
sangnguyen7 commented on issue #7661: URL: https://github.com/apache/apisix/issues/7661#issuecomment-1213649126 Here is the link to the code snippet that checks the jwks_uri in the "resty.openidc" package. https://github.com/zmartzone/lua-resty-openidc/blob/b07330120ffe54dd3fbeac247726b76d0f9dc793/lib/resty/openidc.lua#L893 ``` jwks, err = openidc_jwks(opts.discovery.jwks_uri, force, opts.ssl_verify, opts.keepalive, opts.timeout, opts.jwk_expires_in, opts.proxy_opts, ``` As above, it requires the "discovery" as an object which contains "jwks_uri" -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org
[GitHub] [apisix] sangnguyen7 commented on issue #7661: bug: [Plugin] OpenID-Connect had an issue or not supported when using "use_jwks=true" and use "discovery" as the JWKS endpoint
sangnguyen7 commented on issue #7661:
URL: https://github.com/apache/apisix/issues/7661#issuecomment-1213647274
@Hazel6869 Thanks for your comment. Sorry, I did not know that I had entered
incorrectly in the Step To Reproduce above. It should be like this:
```
{
"uri": "/verify",
"plugins": {
"openid-connect": {
"client_id": "",
"client_secret": "",
"disable": false,
"discovery": "http://host:port/.well-known/jwks.json;,
"use_jwks": true
}
},
"upstream":{
"type": "roundrobin",
"nodes":{
"httpbin.org:443":1
}
}
}'
```
Yes, I did use "discovery" for my JWKS endpoint and I got the error in this
issue.
"pts.discovery.jwks_uri is not present or not a string"
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
