feat(openid-connect): allow set headers in introspection request #11090
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
|
could you please explain about the use cases where this feature would be helpful in the linked issue thread? |
|
this pr allows provide extra HTTP headers when talks to the OpenID Connect introspection endpoint, In other API gateway has this feature alrealy, like traefik. and some oauth libs has this feature too, like oauthlib. |
|
@yuweizzz please fix the linter |
|
done. |
kayx23
reviewed
Apr 9, 2024
| @@ -89,6 +89,7 @@ description: OpenID Connect allows the client to obtain user information from th | |||
| | cache_segment | string | False | | | Optional name of a cache segment, used to separate and differentiate caches used by token introspection or JWT verification. | | |||
| | introspection_interval | integer | False | 0 | | TTL of the cached and introspected access token in seconds. | | |||
| | introspection_expiry_claim | string | False | | | Name of the expiry claim, which controls the TTL of the cached and introspected access token. The default value is 0, which means this option is not used and the plugin defaults to use the TTL passed by expiry claim defined in `introspection_expiry_claim`. If `introspection_interval` is larger than 0 and less than the TTL passed by expiry claim defined in `introspection_expiry_claim`, use `introspection_interval`. | | |||
| | introspection_addon_headers | string[] | False | | | Array of strings. Used in Append extras headers to the introspection http request, If configured header not exist in origin request, it will be ignore. | | |||
There was a problem hiding this comment.
Suggested change
| | introspection_addon_headers | string[] | False | | | Array of strings. Used in Append extras headers to the introspection http request, If configured header not exist in origin request, it will be ignore. | | |
| | introspection_addon_headers | string[] | False | | | Array of strings. Used to append additional header values to the introspection HTTP request. If the specified header does not exist in origin request, value will not be appended. | |
This is for appending header value right?
|
any update? |
shreemaan-abhishek
approved these changes
Apr 15, 2024
starsz
approved these changes
Apr 16, 2024
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
Fixes #10601
allow set headers in introspection request.
Checklist