diff --git a/apisix/plugins/authz-casdoor.lua b/apisix/plugins/authz-casdoor.lua
index e082a28e99d6e..daa22e0571a0f 100644
--- a/apisix/plugins/authz-casdoor.lua
+++ b/apisix/plugins/authz-casdoor.lua
@@ -44,15 +44,13 @@ local _M = {
 schema = schema
 }
-local function fetch_access_token(ctx, conf, state_in_session)
- local args = core.request.get_uri_args(ctx)
+local function fetch_access_token(code, conf)
 local client = http.new()
 local url = conf.endpoint_addr .. "/api/login/oauth/access_token"
-
 local res, err = client:request_uri(url, {
 method = "POST",
 body = ngx.encode_args({
- code = args.code,
+ code = code,
 grant_type = "authorization_code",
 client_id = conf.client_id,
 client_secret = conf.client_secret
@@ -123,8 +121,13 @@ function _M.access(conf, ctx)
 core.log.error(err)
 return 400, err
 end
+ if not args.code then
+ err = "invalid code"
+ core.log.error(err)
+ return 400, err
+ end
 local access_token, lifetime, err =
- fetch_access_token(ctx, conf, state_in_session)
+ fetch_access_token(args.code, conf)
 if err then
 core.log.error(err)
 return 503
diff --git a/t/plugin/authz-casdoor.t b/t/plugin/authz-casdoor.t
index 4289c8dd92a33..23c418a7f1def 100644
--- a/t/plugin/authz-casdoor.t
+++ b/t/plugin/authz-casdoor.t
@@ -143,7 +143,7 @@ done
 }
 }]]
 )
- if code ~= 200 then
+ if code >= 300 then
 ngx.say("failed to set up routing rule")
 end
 ngx.say("done")
@@ -194,7 +194,7 @@ done
 }]]
 )
- if code ~= 200 then
+ if code >= 300 then
 ngx.status = code
 end
 ngx.say(body)
@@ -284,7 +284,7 @@ done
 if not res3 then
 ngx.say(err3)
 end
- if res3.status ~= 200 then
+ if res3.status >= 300 then
 log.error(res3.status,res3.headers["Location"])
 end
 ngx.say("done")
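Review bot: `fetch_access_token(code, conf)` has no comment stating what it expects of `code`, and it now forwards whatever the caller passes straight into `ngx.encode_args` alongside `client_secret`. I would add a header above the function such as `-- code: authorization code from the callback query; the caller must have checked it is a non-empty string`. The request options table and the rest of the function body continue past the end of the hunk, so whether TLS verification is configured for the POST to `conf.endpoint_addr` cannot be judged from here.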
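Review bot: The new guard `if not args.code then` in `_M.access` rejects only an absent parameter. If `args` comes from nginx's URI-argument parser (its assignment is outside the hunk), a valueless `?code` arrives as `true`, a repeated `code` as a table, and `?code=` as an empty string; all three pass the check and reach the token request. Tightening it to `if type(args.code) ~= "string" or args.code == "" then` keeps malformed callbacks from being forwarded with the client secret. `_M.access` starts and ends outside the hunk.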
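Review bot: None of the three test hunks exercises the new `invalid code` branch added to `_M.access`; they only relax the status comparisons from `~= 200` to `>= 300` (at -143, -194 and -284). A case that reaches the callback path with a valid state but no `code` argument and expects a 400 would pin the new behaviour, unless such a test already exists outside the visible hunks. Separately, in the -284 hunk `res3.status` is still read after the `if not res3 then ngx.say(err3) end` context lines, so a failed request would raise on a nil index instead of reporting `err3`; a `return` inside that `if` would avoid it.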