Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2021/04/21 10:05:02 UTC

[GitHub] [apisix] spacewander commented on a change in pull request #4099: feat: jwt-auth support extension payload

spacewander commented on a change in pull request #4099:
URL: https://github.com/apache/apisix/pull/4099#discussion_r617384247



##########
File path: apisix/plugins/jwt-auth.lua
##########
@@ -104,7 +105,7 @@ do
         core.table.clear(consumer_names)
 
         for _, consumer in ipairs(consumers.nodes) do
-            core.log.info("consumer node: ", core.json.delay_encode(consumer))
+            log.info("consumer node: ", core.json.delay_encode(consumer))

Review comment:
       The original `core.log` works well. Please don't touch unrelated code.

##########
File path: apisix/plugins/jwt-auth.lua
##########
@@ -277,18 +285,44 @@ function _M.rewrite(conf, ctx)
     if not consumer then
         return 401, {message = "Invalid user key in JWT token"}
     end
-    core.log.info("consumer: ", core.json.delay_encode(consumer))
+    log.info("consumer: ", core.json.delay_encode(consumer))
 
     local _, auth_secret = algorithm_handler(consumer)
     jwt_obj = jwt:verify_jwt_obj(auth_secret, jwt_obj)
-    core.log.info("jwt object: ", core.json.delay_encode(jwt_obj))
+    log.info("jwt object: ", core.json.delay_encode(jwt_obj))
 
     if not jwt_obj.verified then
         return 401, {message = jwt_obj.reason}
     end
 
     consumer_mod.attach_consumer(ctx, consumer, consumer_conf)
-    core.log.info("hit jwt-auth rewrite")
+    log.info("hit jwt-auth rewrite")
+end
+
+
+local function user_info()
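Review bot: The two info-level lines in `_M.rewrite` that serialize `consumer` and `jwt_obj` put credential material into the error log whenever info logging is enabled. `algorithm_handler(consumer)` derives `auth_secret` from that same consumer object, so encoding the whole object presumably includes the signing secret, and the decoded JWT object likely carries the raw token parts as well. Since these lines are being edited anyway, I would log only what debugging needs, for example `log.info("jwt verified: ", jwt_obj.verified)`, and a non-secret identifier of the consumer instead of the full table. The body of `_M.rewrite` starts above this hunk and `user_info` continues below it.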

Review comment:
       Is this function necessary for the core feature? We should only accept the necessary API to avoid bloating.

##########
File path: apisix/plugins/jwt-auth.lua
##########
@@ -186,48 +187,55 @@ local function get_secret(conf)
 end
 
 
-local function sign_jwt_with_HS(key, auth_conf)
+local function get_real_payload(key, auth_conf, payload)
+    local real_payload = {
+        key = key,
+        exp = ngx_time() + auth_conf.exp
+    }
+    if payload then
+        local payloadEx = core.json.decode(payload)
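Review bot: The result of `core.json.decode(payload)` is used without a visible check, and nothing here keeps caller-supplied fields away from the reserved claims `key` and `exp` set just above. If the rest of the function copies the decoded table into `real_payload` (not visible in this excerpt), a request that sets `key` or `exp` in its payload could obtain a token for a different consumer key or with a lifetime beyond `auth_conf.exp`. I would reject a payload that does not decode to a table and skip the reserved names when merging, e.g. `if k ~= "key" and k ~= "exp" then real_payload[k] = v end`. `get_real_payload` continues past the end of this hunk.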

Review comment:
       Better to use `extra_payload`



