You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@shenyu.apache.org by "skyding228 (via GitHub)" <gi...@apache.org> on 2023/02/17 08:24:45 UTC
[GitHub] [shenyu] skyding228 opened a new issue, #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
skyding228 opened a new issue, #4395:
URL: https://github.com/apache/shenyu/issues/4395
### Is there an existing issue for this?
- [X] I have searched the existing issues
### Current Behavior
The whole HttpRequestBody was replaced by The decrypt data of The field configured in “fieldNames”;
### Expected Behavior
Only The encrypt field data was replaced by The decrypt field data instead of the whole HttpRequestBody ;
### Steps To Reproduce
1. config rules as below:
2. send request body to gateway:
```json
{
"phone":"MUoxWVRwZD10cmgyMG1yN3pFOHVnZz09",
"prov":"371"
}
```
3. the backend server received:
expect a json data but a string.
`"19837107777"` is the text of `"MUoxWVRwZD10cmgyMG1yN3pFOHVnZz09"`,It's correct, but the `prov` missed;
### Environment
```markdown
ShenYu version(s):2.5.1
```
### Debug logs
Both parseBody(step 1) and modifiedBody(step 2) are correct. But the return(step 3) is wrong, some bad things happend in `CryptorUtil.replace` method when `ruleHandler.getWay()` is `DECRYPT`, the source code is:
### Anything else?
_No response_
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] damonxue commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "damonxue (via GitHub)" <gi...@apache.org>.
damonxue commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1434412082
It seems that the scene is that the backend service needs to obtain the decrypted entire body. If this is the only reason, it only needs to remove the decrypt judgment of replace, but it needs to be considered whether it is used by other scenarios.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] Ceilzcx commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "Ceilzcx (via GitHub)" <gi...@apache.org>.
Ceilzcx commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1448152617
> > > Maybe the decrypt way is vague. @dragon-zhang. Maybe need to expand other ways.
> >
> >
> > In `org.apache.shenyu.plugin.cryptor.handler.CryptorRuleHandler`, maybe we can add a `replaceType` and use `all` as default to ensure compatibility, then add `field` to describe just replace the field with the given name.
> > The changes should be made in `org.apache.shenyu.plugin.cryptor.request.CryptorRequestPlugin#convert`.
> > After the `CryptorResponsePlugin` also supports `replaceType`, we can refactor the code.
> > Are there any volunteers?
>
> That's what I mean.pls assign 2 me.
hi,I am interested in the project and this issue. Can I participate in it together?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] yu199195 closed issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "yu199195 (via GitHub)" <gi...@apache.org>.
yu199195 closed issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
URL: https://github.com/apache/shenyu/issues/4395
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] damonxue commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "damonxue (via GitHub)" <gi...@apache.org>.
damonxue commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1456143926
It's done, pls close as complete.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] damonxue commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "damonxue (via GitHub)" <gi...@apache.org>.
damonxue commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1435875244
Maybe the decrypt way is vague. @dragon-zhang. Maybe need to expand other ways.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] damonxue commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "damonxue (via GitHub)" <gi...@apache.org>.
damonxue commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1447287577
> > Maybe the decrypt way is vague. @dragon-zhang. Maybe need to expand other ways.
>
>
>
> In `org.apache.shenyu.plugin.cryptor.handler.CryptorRuleHandler`, maybe we can add a `replaceType` and use `all` as default to ensure compatibility, then add `field` to describe just replace the field with the given name.
>
>
>
> The changes should be made in `org.apache.shenyu.plugin.cryptor.request.CryptorRequestPlugin#convert`.
>
>
>
> After the `CryptorResponsePlugin` also supports `replaceType`, we can refactor the code.
>
>
>
> Are there any volunteers?
That's what I mean.pls assign 2 me.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] dragon-zhang commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "dragon-zhang (via GitHub)" <gi...@apache.org>.
dragon-zhang commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1446510310
> Maybe the decrypt way is vague. @dragon-zhang. Maybe need to expand other ways.
In `org.apache.shenyu.plugin.cryptor.handler.CryptorRuleHandler`, maybe we can add a `replaceType` and use `all` as default to ensure compatibility, then add `field` to describe just replace the field with the given name.
The changes should be made in `org.apache.shenyu.plugin.cryptor.request.CryptorRequestPlugin#convert`.
After the `CryptorResponsePlugin` also supports `replaceType`, we can refactor the code.
Are there any volunteers?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] damonxue commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "damonxue (via GitHub)" <gi...@apache.org>.
damonxue commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1451693843
I will submit another pr later to increase the feature that `fieldNames` supports multiple fields. So there is a need to determine whether `mapType` should add the 'fields' option;
* `field` map to value of a single field (Compatible with older versions)
* `all` map to another JSON with whole fields;
* `field` map to another JSON with the specified fields;
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] tian-pengfei commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "tian-pengfei (via GitHub)" <gi...@apache.org>.
tian-pengfei commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1442978174
> what should I text in `filedNames` which means `entire body` ? 
For now I think there is no way to do that for cryptorRequest. The beaviour of cryptorRequest plugin is worth discussing.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] damonxue commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "damonxue (via GitHub)" <gi...@apache.org>.
damonxue commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1442892588
@tian-pengfei
Pls decide it.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] skyding228 commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "skyding228 (via GitHub)" <gi...@apache.org>.
skyding228 commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1434403248
The request flow as below:
`{"phone":"MUoxWVRwZD10cmgyMG1yN3pFOHVnZz09","prov":"371"}`(user client)
->
`{"phone":"MUoxWVRwZD10cmgyMG1yN3pFOHVnZz09","prov":"371"}`(shenyu gateway)
->
`{"phone":"19837107777","prov":"371"}`(backend server)
I should config it in ENCRYPT mode. But when `"MUoxWVRwZD10cmgyMG1yN3pFOHVnZz09" -> 19837107777 (in shenyu gateway)` the `encrypt` method was called. It means the `encrypt` method is doing `decrypt` function.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] skyding228 commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "skyding228 (via GitHub)" <gi...@apache.org>.
skyding228 commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1435479963
what should I text in `filedNames` which means `entire body` ?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] damonxue commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "damonxue (via GitHub)" <gi...@apache.org>.
damonxue commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1434363473
At present, decryption only supports solving the encrypted value and returning it, and encryption will modify the field value and return the entire body:
```
If it is decrypt mode, replace the original requestBody,
if it is encrypt mode, it will replace the content of the fieldName configuration.
```
Please describe your scene, discuss whether it is necessary to be necessary to extend these encryption and decryption ruler-handler options.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [shenyu] damonxue commented on issue #4395: [BUG] cryptorRequest plugin replaces originalBody with field data when it is DECRYPT way
Posted by "damonxue (via GitHub)" <gi...@apache.org>.
damonxue commented on issue #4395:
URL: https://github.com/apache/shenyu/issues/4395#issuecomment-1448158422
> > > > Maybe the decrypt way is vague. @dragon-zhang. Maybe need to expand other ways.
>
> > >
>
> > >
>
> > > In `org.apache.shenyu.plugin.cryptor.handler.CryptorRuleHandler`, maybe we can add a `replaceType` and use `all` as default to ensure compatibility, then add `field` to describe just replace the field with the given name.
>
> > > The changes should be made in `org.apache.shenyu.plugin.cryptor.request.CryptorRequestPlugin#convert`.
>
> > > After the `CryptorResponsePlugin` also supports `replaceType`, we can refactor the code.
>
> > > Are there any volunteers?
>
> >
>
> > That's what I mean.pls assign 2 me.
>
>
>
> hi,I am interested in the project and this issue. Can I participate in it together?
pls add my wechat(id: Fibonacci_stack).
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@shenyu.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org