[GitHub] [incubator-apisix] moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix
moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix URL: https://github.com/apache/incubator-apisix/pull/1027#discussion_r363198859 ## File path: lua/apisix/plugins/jwt-auth.lua ## @@ -90,16 +91,19 @@ end local function fetch_jwt_token() -local args = ngx.req.get_uri_args() -if args and args.jwt then -return args.jwt -end - local headers = ngx.req.get_headers() if headers.Authorization then +if sub_str(headers.Authorization,1,7) == 'Bearer ' then Review comment: do we need to deal with `bearer`? This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [incubator-apisix] moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix
moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix URL: https://github.com/apache/incubator-apisix/pull/1027#discussion_r363198899 ## File path: lua/apisix/plugins/jwt-auth.lua ## @@ -90,16 +91,19 @@ end local function fetch_jwt_token() -local args = ngx.req.get_uri_args() -if args and args.jwt then -return args.jwt -end - local headers = ngx.req.get_headers() if headers.Authorization then +if sub_str(headers.Authorization,1,7) == 'Bearer ' then +return sub_str(headers.Authorization,8) Review comment: ditto This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [incubator-apisix] moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix
moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix URL: https://github.com/apache/incubator-apisix/pull/1027#discussion_r363205726 ## File path: lua/apisix/plugins/jwt-auth.lua ## @@ -90,16 +91,19 @@ end local function fetch_jwt_token() -local args = ngx.req.get_uri_args() -if args and args.jwt then -return args.jwt -end - local headers = ngx.req.get_headers() if headers.Authorization then +if sub_str(headers.Authorization,1,7) == 'Bearer ' then +return sub_str(headers.Authorization,8) +end return headers.Authorization end +local args = ngx.req.get_uri_args() +if args and args.jwt then Review comment: please use `ngx.ctx.api_ctx.jwt` This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [incubator-apisix] moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix
moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix URL: https://github.com/apache/incubator-apisix/pull/1027#discussion_r363206173 ## File path: t/plugin/jwt-auth.t ## @@ -218,7 +218,7 @@ hello world --- request GET /hello --- more_headers -Authorization: eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTg3OTMxODU0MX0.fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs +Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTg3OTMxODU0MX0.fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs Review comment: please add test case for wrong value of `Authorization Bearer` This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [incubator-apisix] moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix
moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix URL: https://github.com/apache/incubator-apisix/pull/1027#discussion_r363198693 ## File path: lua/apisix/plugins/jwt-auth.lua ## @@ -90,16 +91,19 @@ end local function fetch_jwt_token() -local args = ngx.req.get_uri_args() -if args and args.jwt then -return args.jwt -end - local headers = ngx.req.get_headers() if headers.Authorization then +if sub_str(headers.Authorization,1,7) == 'Bearer ' then Review comment: need to add space after `,` This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
[GitHub] [incubator-apisix] moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix
moonming commented on a change in pull request #1027: Jwt authentication plugin compatible with Bearer prefix URL: https://github.com/apache/incubator-apisix/pull/1027#discussion_r363198533 ## File path: lua/apisix/plugins/jwt-auth.lua ## @@ -90,16 +91,19 @@ end local function fetch_jwt_token() -local args = ngx.req.get_uri_args() -if args and args.jwt then -return args.jwt -end - local headers = ngx.req.get_headers() Review comment: please use `core.request.header(ctx, "authorization")` This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: us...@infra.apache.org With regards, Apache Git Services
