Posted to notifications@apisix.apache.org by "andiamvinay (via GitHub)" <gi...@apache.org> on 2023/05/04 17:19:19 UTC

[GitHub] [apisix] andiamvinay opened a new issue, #9407: bug: JWT plugin cookie not identified

andiamvinay opened a new issue, #9407:
URL: https://github.com/apache/apisix/issues/9407

   ### Current Behavior
   
   1) When JWT authentication is set to cookie, the cookie is not parsed if there is more than one cookie. The authentication is successful only if the JWT auth cookie is the first one.
   2) If the JWT cookie has the "Bearer" string in it, the cookie auth fails.
   
   
   
   ### Expected Behavior
   
   Cookie should be selected irrespective of the position.
   
   ### Error Logs
   
   {"message":"Missing JWT token in request"}
   
   ### Steps to Reproduce
   
   1. Run APISIX via Docker
   2. Enable JWT plugin for a route
   3. Set the cookie: "access-token"
   4. Access the route
   
   Current behaviour
   1) If the JWT cookie is in second position
   `curl http://127.0.0.1:9080/route1 -H "Cookie: session_valid:100;access-token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODMzMDU3ODIsImtleSI6InVzZXJrZXkiLCJpYXQiOjE2ODMyMTk0MDJ9.5dMyoxbsZZZ9qk2laQ-LWYOEryDYo0swE27fjwIDKe0"`
   
   **Returns** : 401 {"message":"Missing JWT token in request"}
   2) If the JWT cookie has the Bearer string
   
   `curl http://127.0.0.1:9080/route1 -H "Cookie: access-token=Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODMzMDU3ODIsImtleSI6InVzZXJrZXkiLCJpYXQiOjE2ODMyMTk0MDJ9.5dMyoxbsZZZ9qk2laQ-LWYOEryDYo0swE27fjwIDKe0"`
   
   **Returns** :  {"message":"JWT token invalid"}
   
   ### Environment
   
   - APISIX version (run `apisix version`): 3.2.0
   - Operating system (run `uname -a`): Linux ce53cecfedfd 5.10.0-21-cloud-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 GNU/Linux
   - OpenResty / Nginx version (run `openresty -V` or `nginx -V`): nginx version: openresty/1.21.4.1
   
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscribe@apisix.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
users@infra.apache.org
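
Added example (not from the issue thread and not APISIX's implementation): position-independent lookup of the `access-token` cookie, run against constructed Cookie headers shaped like the two requests in the report. The function names and the sample token are assumptions, and the check is structural only; no signature is verified.

```python
import base64
import json

B64URL = set("ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-_")

def parse_cookie_header(header):
    """Split a Cookie header into (cookies, malformed_pairs)."""
    cookies, malformed = {}, []
    for pair in header.split(";"):
        pair = pair.strip()
        if not pair:
            continue
        name, sep, value = pair.partition("=")
        if not sep or not name.strip():
            malformed.append(pair)  # e.g. "session_valid:100"; skip it, keep scanning
            continue
        cookies.setdefault(name.strip(), value.strip())  # first occurrence wins
    return cookies, malformed

def looks_like_compact_jwt(value):
    """Structural check only: three base64url segments with a JSON header."""
    parts = value.split(".")
    if len(parts) != 3 or any(not p or set(p) - B64URL for p in parts):
        return False
    try:
        padded = parts[0] + "=" * (-len(parts[0]) % 4)
        header = json.loads(base64.urlsafe_b64decode(padded))
    except ValueError:
        return False
    return isinstance(header, dict) and "alg" in header

def extract_token(header, cookie_name="access-token"):
    """Return (token, status); status is 'ok', 'missing' or 'invalid'."""
    cookies, _ = parse_cookie_header(header)
    value = cookies.get(cookie_name)
    if value is None:
        return None, "missing"
    if not looks_like_compact_jwt(value):
        return None, "invalid"  # e.g. the value still carries a "Bearer " prefix
    return value, "ok"

def _seg(obj):
    return base64.urlsafe_b64encode(json.dumps(obj).encode()).rstrip(b"=").decode()

# Constructed sample token; the signature segment is a placeholder, never verified.
SAMPLE_JWT = ".".join([_seg({"alg": "HS256", "typ": "JWT"}), _seg({"key": "user-key"}), "c2lnbmF0dXJl"])

# Constructed headers shaped like the report's two requests.
for _hdr in ("session_valid=100;access-token=" + SAMPLE_JWT, "access-token=Bearer " + SAMPLE_JWT):
    print(extract_token(_hdr)[1])
```
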


[GitHub] [apisix] shreemaan-abhishek commented on issue #9407: bug: JWT plugin cookie not identified

Posted by "shreemaan-abhishek (via GitHub)" <gi...@apache.org>.
shreemaan-abhishek commented on issue #9407:
URL: https://github.com/apache/apisix/issues/9407#issuecomment-1535739268

   Please share some error logs as well.




[GitHub] [apisix] andiamvinay closed issue #9407: bug: JWT plugin cookie not identified

Posted by "andiamvinay (via GitHub)" <gi...@apache.org>.
andiamvinay closed issue #9407: bug: JWT plugin cookie not identified
URL: https://github.com/apache/apisix/issues/9407




[GitHub] [apisix] andiamvinay commented on issue #9407: bug: JWT plugin cookie not identified

Posted by "andiamvinay (via GitHub)" <gi...@apache.org>.
andiamvinay commented on issue #9407:
URL: https://github.com/apache/apisix/issues/9407#issuecomment-1535679795

   @zccabb session_valid:100 is a typo. The same issue happens even with session_valid=100.




[GitHub] [apisix] zccabb commented on issue #9407: bug: JWT plugin cookie not identified

Posted by "zccabb (via GitHub)" <gi...@apache.org>.
zccabb commented on issue #9407:
URL: https://github.com/apache/apisix/issues/9407#issuecomment-1535612400

   I think you are in second position in JWT cookie
   `curl http://127.0.0.1:9080/route1 -H "Cookie: session_valid:100;access-token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODMzMDU3ODIsImtleSI6InVzZXJrZXkiLCJpYXQiOjE2ODMyMTk0MDJ9.5dMyoxbsZZZ9qk2laQ-LWYOEryDYo0swE27fjwIDKe0"`
   `session_valid:100` should be `session_valid=100`




[GitHub] [apisix] shreemaan-abhishek commented on issue #9407: bug: JWT plugin cookie not identified

Posted by "shreemaan-abhishek (via GitHub)" <gi...@apache.org>.
shreemaan-abhishek commented on issue #9407:
URL: https://github.com/apache/apisix/issues/9407#issuecomment-1535726817

   Could you please share your route and consumer configuration?




[GitHub] [apisix] zccabb commented on issue #9407: bug: JWT plugin cookie not identified

Posted by "zccabb (via GitHub)" <gi...@apache.org>.
zccabb commented on issue #9407:
URL: https://github.com/apache/apisix/issues/9407#issuecomment-1535681668

   If you use jwt directly
   `curl http://127.0.0.1:9080/route1 -H "Cookie: session_valid=100;jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODMzMDU3ODIsImtleSI6InVzZXJrZXkiLCJpYXQiOjE2ODMyMTk0MDJ9.5dMyoxbsZZZ9qk2laQ-LWYOEryDYo0swE27fjwIDKe0"`
   Can you get the results you want?

