You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by GitBox <gi...@apache.org> on 2022/04/26 12:57:19 UTC
[GitHub] [apisix] JohnnyQianP opened a new issue, #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
JohnnyQianP opened a new issue, #6936:
URL: https://github.com/apache/apisix/issues/6936
### Description
Port 32253 is the apisix-admin service
```
# curl -X PUT 'http://192.168.126.100:32253/apisix/admin/routes/r1' \
> -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
> -d '{
> "uri":"/apisix/plugin/jwt/sign",
> "plugins":{
> "public-api": {}
> }
> }'
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>openresty</center>
</body>
</html>
```
```
# curl http://192.168.126.100:32253/apisix/plugin/jwt/sign?key=genpack-key -i
HTTP/1.1 404 Not Found
Server: openresty
Date: Tue, 26 Apr 2022 12:11:21 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 150
Connection: keep-alive
```
when i execute the put script in container:
```
/usr/local/apisix # curl -X PUT 'http://127.0.0.1:9180/apisix/admin/routes/r1' \
> -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
> -H 'Content-Type: application/json' \
> -d '{
> "uri":"/apisix/plugin/jwt/sign",
> "plugins":{
> "public-api": {}
> }
> }'
{"error_msg":"unknown plugin [public-api]"}
```
If donot use public-api plugin, how can I use jwt-auth plugin to authenticate?
### Environment
- APISIX version (run `apisix version`):2.13.1
- Operating system (run `uname -a`):
- OpenResty / Nginx version (run `openresty -V` or `nginx -V`):
- etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`):
- APISIX Dashboard version, if relevant:
- Plugin runner version, for issues related to plugin runners:
- LuaRocks version, for installation issues (run `luarocks --version`):
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] leslie-tsang commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
leslie-tsang commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110489740
> > @leslie-tsang, pls help to check.
> > @JohnnyQianP, and pls check your `config.yaml`, if overwrite the `plugins` list
>
> I can see the "plugins" node in config.yaml  What can I do next?
Please check if `public-api` in your plugin list. :)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1111211282
try `curl http://localhost:9080/apisix/plugin/jwt/sign?key=genpack-key`
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1111962884
> @JohnnyQianP Where is the definition of API `/gen/api/genpack`?
@tokers
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] leslie-tsang commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
leslie-tsang commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110488331
Hello there, @JohnnyQianP , I had just create test env with followed command, Unfortunately I can't reproduce the issue in my test env. More detailed reproduction steps with configuration information in needed.
```bash
# create test with apisix-docker
export APISIX_WORKBENCH=/home/runner/work/apisix/apisix-docker
mkdir -p ${APISIX_WORKBENCH}
cd ${APISIX_WORKBENCH}
# git clone repo
git clone --recursive https://github.com/apache/apisix-docker.git ${APISIX_WORKBENCH}
# launch apisix env with docker
pushd example
docker-compose up -d
popd
# create test route
curl -X PUT 'http://localhost:9080/apisix/admin/routes/r1' -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -d '{ "uri":"/apisix/plugin/jwt/sign", "plugins":{ "public-api": {} } }'
```
> Create test route output
```bash
{"action":"set","node":{"key":"\/apisix\/routes\/r1","value":{"id":"r1","status":1,"update_time":1651029414,"priority":0,"plugins":{"public-api":{}},"uri":"\/apisix\/plugin\/jwt\/sign","create_time":1651028603}}}
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
tokers commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110761991
@JohnnyQianP Now the new problem is not related to the `public-api` at all, it seems that:
1. Your IP address it not allowed by admin api;
2. ETCD configuration is not correct;
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
tokers commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1111959873
@JohnnyQianP Where is the definition of API `/gen/api/genpack`?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110487513
> @leslie-tsang, pls help to check.
>
> @JohnnyQianP, and pls check your `config.yaml`, if overwrite the `plugins` list
I can see the "plugins" node in config.yaml
What can I do next?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110849875
> Pls show me the new guide: it's gone below
> [https://github.com/apache/apisix/blob/master/doc/install-dependencies.md](https://github.com/apache/apisix/blob/master/doc/install-dependencies.md?rgh-link-date=2022-04-27T09%3A25%3A50Z)
You can go to the ETCD community to find documentation about installing in k8s.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1111647930
> try `curl http://localhost:9080/apisix/plugin/jwt/sign?key=genpack-key`
@tzssangglass
port 9080 is the apisix-gateway
port 9180 is the apisix-admin
```
# curl http://localhost:9080/apisix/plugin/jwt/sign?key=genpack-key
{"error_msg":"404 Route Not Found"}
```
"/apisix/plugin/jwt/sign", this uri is access to admin service or gateway service?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tokers commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
tokers commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1111974986
@JohnnyQianP Try to see the raw response body of the 404, if this is returned by APISIX, you will see key words `404 Route Not Found`.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110859377
@tzssangglass I didn't install etcd for apisix alone in K8S
@tokers hi I have already set the config in container, you see, In container env:
```
# curl -X PUT 'http://localhost:9180/apisix/admin/routes/r1' -H 'X-API-KEY: edd1c9f034335f136f87
ad84b625c8f1' -d '{ "uri":"/apisix/plugin/jwt/sign", "plugins":{ "public-api": {} } }'
{"action":"set","node":{"value":{"status":1,"plugins":{"public-api":{}},"uri":"\/apisix\/plugin\/jwt\/sign","id":"r1","update_time":1651055428,"priority":0,"create_time":1651055428},"key":"\/apisix\/routes\/r1"}}
```
It can be put. But:
```
# curl http://localhost:9180/apisix/plugin/jwt/sign?key=genpack-key -i
HTTP/1.1 404 Not Found
Server: openresty
Date: Wed, 27 Apr 2022 10:32:20 GMT
Content-Type: text/html; charset=utf-8
Content-Length: 150
Connection: keep-alive
```
Also, It shows 403 in K8S env
What I'm doing wrong, pls let me know
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110490399
> ```shell
> curl -X PUT 'http://localhost:9080/apisix/admin/routes/r1' -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -d '{ "uri":"/apisix/plugin/jwt/sign", "plugins":{ "public-api": {} } }'
> ```
No, I can't find it
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1112092927
>
I don't know why, but I re-configured the api route, It's ok now.
The steps and your suggestions are correct.
Thanks, @tokers @tzssangglass
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP closed issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP closed issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
URL: https://github.com/apache/apisix/issues/6936
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1111777123
here is my reproduction steps:
### config.yaml
```yaml
apisix:
admin_key:
- name: admin
key: edd1c9f034335f136f87ad84b625c8f1 # using fixed API token has security risk, please update it when you deploy to production environment
role: admin
admin_listen:
ip: 127.0.0.1
port: 9180
```
### add consumer
```shell
$ curl http://127.0.0.1:9180/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"username": "jack",
"plugins": {
"jwt-auth": {
"key": "user-key",
"secret": "my-secret-key"
}
}
}'
```
### register uri in public API
```
$ curl -X PUT 'http://127.0.0.1:9180/apisix/admin/routes/r1' \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
-H 'Content-Type: application/json' \
-d '{
"uri": "/apisix/plugin/jwt/sign",
"plugins": {
"public-api": {}
}
}'
```
### get JWT
```shell
$ curl 'http://127.0.0.1:9080/apisix/plugin/jwt/sign?key=user-key'
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110448057
@leslie-tsang, pls help to check.
@JohnnyQianP, and pls check your `config.yaml`, if overwrite the `plugins` list
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110775787
>
I check the problem in Issue List, I can see the solution enable-grpc-gateway: true
But I don't know where to fix the configratioon, because I install the etcd with apisix in K8S. I cann't find etcd.yml file
Pls show me the new guide: it's gone below
https://github.com/apache/apisix/blob/master/doc/install-dependencies.md
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1110629437
> > > @leslie-tsang, pls help to check.
> > > @JohnnyQianP, and pls check your `config.yaml`, if overwrite the `plugins` list
> >
> >
> > I can see the "plugins" node in config.yaml  What can I do next?
>
> Please check if `public-api` in your plugin list. :)
I changed the config.yaml, added the 'public-api' plugin, and re-deployed the apisix.
In the node : same issue below,
```
# curl -X PUT 'http://192.168.126.100:32253/apisix/admin/routes/r1' -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -d '{ "uri":"/apisix/plugin/jwt/sign", "plugins":{ "public-api": {} } }'
<html>
<head><title>403 Forbidden</title></head>
<body>
<center><h1>403 Forbidden</h1></center>
<hr><center>openresty</center>
</body>
</html>
```
In container, new issue:
```
# curl -X PUT 'http://localhost:9180/apisix/admin/routes/r1' -H 'X-API-KEY: edd1c9f034335f136f87
ad84b625c8f1' -d '{ "uri":"/apisix/plugin/jwt/sign", "plugins":{ "public-api": {} } }'
{"error_msg":"has no healthy etcd endpoint available"}
```
Etcd pods are running, Is this etcd dns problem?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] tzssangglass commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
tzssangglass commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1111777546
here is my reproduction steps:
### config.yaml
```yaml
apisix:
admin_key:
- name: admin
key: edd1c9f034335f136f87ad84b625c8f1 # using fixed API token has security risk, please update it when you deploy to production environment
role: admin
admin_listen:
ip: 127.0.0.1
port: 9180
```
### add consumer
```shell
$ curl http://127.0.0.1:9180/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d '
{
"username": "jack",
"plugins": {
"jwt-auth": {
"key": "user-key",
"secret": "my-secret-key"
}
}
}'
```
### register uri in public API
```
$ curl -X PUT 'http://127.0.0.1:9180/apisix/admin/routes/r1' \
-H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' \
-H 'Content-Type: application/json' \
-d '{
"uri": "/apisix/plugin/jwt/sign",
"plugins": {
"public-api": {}
}
}'
```
### get JWT
```shell
$ curl 'http://127.0.0.1:9080/apisix/plugin/jwt/sign?key=user-key'
```
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org
[GitHub] [apisix] JohnnyQianP commented on issue #6936: help request: v2.13.1 there is no public-api plugin when used jwt-auth plugin
Posted by GitBox <gi...@apache.org>.
JohnnyQianP commented on issue #6936:
URL: https://github.com/apache/apisix/issues/6936#issuecomment-1111856678
>
@tzssangglass
Here is mine
**1. Consumer:**
**2. jwt of public api**
**3.get jwt**
**4. in my api**
1. without jwt param
2. add jwt param
Sth wrong in my api?
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org
For queries about this service, please contact Infrastructure at:
users@infra.apache.org