Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

bug: jwe-decrypt Authorization header not showing up #10835

Closed
kayx23 opened this issue Jan 17, 2024 · 3 comments · Fixed by #10843
Closed

bug: jwe-decrypt Authorization header not showing up #10835

kayx23 opened this issue Jan 17, 2024 · 3 comments · Fixed by #10843
Assignees
@hanqingwu
Labels
bug Something isn't working

Comments

@kayx23
Copy link
Member

kayx23 commented Jan 17, 2024
edited
Loading

Current Behavior

Current doc: https://apisix.apache.org/docs/apisix/plugins/jwe-decrypt/

Specifically, it mentions the Authorization header with payload in plaintext should show up:

image

However in actual testing, the Authorization header doesn't show up at all:

image

Expected Behavior

Confirm first if something is wrong with the code or with the doc. Eventually the doc should match up with the actual outcome.

Steps to Reproduce

Need APISIX 3.8.0.

Expose endpoint:

curl "http://127.0.0.1:9180/apisix/admin/routes/jwe-encrypt-api" -X PUT \
  -H "X-API-KEY: ${ADMIN_API_KEY}" \
  -d '{
    "uri": "/apisix/plugin/jwe/encrypt",
    "plugins": {
      "public-api": {}
    }
  }'

Create a consumer:

curl "http://127.0.0.1:9180/apisix/admin/consumers" -X PUT \         
  -H "X-API-KEY: ${ADMIN_API_KEY}" \          
  -d '{
    "username": "jack",
    "plugins": {
      "jwe-decrypt": {
        "key": "jack-key",
        "secret": "key-length-should-be-32-chars123"
      }
    }
  }'

Create route:

curl "http://127.0.0.1:9180/apisix/admin/routes" -X PUT \
  -H "X-API-KEY: ${ADMIN_API_KEY}" \
  -d '{
    "id": "jwe-decrypt-route",
    "uri": "/anything/jwe",
    "plugins": {
      "jwe-decrypt": {
        "header": "Authorization",
        "forward_header": "Authorization"
      }
    },
    "upstream": {
      "type": "roundrobin",
      "nodes": {
        "httpbin.org:80": 1
      }
    }
  }'

Encrypt:

curl -G --data-urlencode 'payload={"uid":10000,"uname":"test"}' 'http://127.0.0.1:9080/apisix/plugin/jwe/encrypt?key=jack-key'

You should get the JWE encrypted data.

Send a request to the route with the JWE encrypted data in the Authorization header:

curl "http://127.0.0.1:9080/anything/jwe" -H 'Authorization: <YOUR_TOKEN>'

Environment

  • APISIX version (run apisix version): 3.8.0
@shreemaan-abhishek shreemaan-abhishek added the bug Something isn't working label Jan 17, 2024
@hanqingwu
Copy link
Contributor

@kayx23 , I have find root cause , and then i will submit a PR for fix it .
image

@kayx23
Copy link
Member Author

kayx23 commented Jan 18, 2024

@hanqingwu cool! Thanks.

@hanqingwu hanqingwu mentioned this issue Jan 18, 2024
Merged
5 tasks
@Vacant2333
Copy link
Contributor

@kayx23 hi! pls help him assign and move to to InProgress backlog~~

@kayx23 kayx23 moved this from 📋 Backlog to 🏗 In progress in Apache APISIX backlog Jan 19, 2024
@github-project-automation github-project-automation bot moved this from 🏗 In progress to ✅ Done in Apache APISIX backlog Jan 24, 2024
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@hanqingwu hanqingwu

Labels
bug Something isn't working
Projects
Apache APISIX backlog
Archived in project
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

fix: plugin jwe-decrypt decryption failure
4 participants
@hanqingwu @Vacant2333 @kayx23 @shreemaan-abhishek