apache · shreemaan-abhishek · Mar 29, 2024 · Mar 27, 2024 · Mar 27, 2024 · Mar 27, 2024
diff --git a/apisix/plugins/aws-lambda.lua b/apisix/plugins/aws-lambda.lua
@@ -82,7 +82,8 @@ local aws_authz_schema = {
             },
             required = {"accesskey", "secretkey"}
         }
-    }
+    },
+    encrypt_fields = {"apikey", "iam.accesskey", "iam.secretkey"}
 }
 
 local function request_processor(conf, ctx, params)

diff --git a/apisix/plugins/azure-functions.lua b/apisix/plugins/azure-functions.lua
@@ -22,15 +22,17 @@ local azure_authz_schema = {
     properties = {
         apikey = {type = "string"},
         clientid = {type = "string"}
-    }
+    },
+    encrypt_fields = {"apikey"},
 }
 
 local metadata_schema = {
     type = "object",
     properties = {
         master_apikey = {type = "string", default = ""},
         master_clientid = {type = "string", default = ""}
-    }
+    },
+    encrypt_fields = {"master_apikey"}
 }
 
 local function request_processor(conf, ctx, params)

diff --git a/apisix/plugins/jwe-decrypt.lua b/apisix/plugins/jwe-decrypt.lua
@@ -51,6 +51,7 @@ local consumer_schema = {
         is_base64_encoded = { type = "boolean" },
     },
     required = { "key", "secret" },
+    encrypt_fields = { "key", "secret" },
 }
 
 

diff --git a/apisix/plugins/openid-connect.lua b/apisix/plugins/openid-connect.lua
@@ -268,7 +268,7 @@ local schema = {
             }
         }
     },
-    encrypt_fields = {"client_secret"},
+    encrypt_fields = {"client_secret", "client_rsa_private_key"},
     required = {"client_id", "client_secret", "discovery"}
 }
 

diff --git a/apisix/plugins/openwhisk.lua b/apisix/plugins/openwhisk.lua
@@ -49,7 +49,8 @@ local schema = {
         keepalive_timeout = {type = "integer", minimum = 1000, default = 60000},
         keepalive_pool = {type = "integer", minimum = 1, default = 5}
     },
-    required = {"api_host", "service_token", "namespace", "action"}
+    required = {"api_host", "service_token", "namespace", "action"},
+    encrypt_fields = {"service_token"}
 }
 
 

diff --git a/apisix/utils/redis-schema.lua b/apisix/utils/redis-schema.lua
@@ -44,6 +44,7 @@ local policy_to_additional_properties = {
             },
         },
         required = {"redis_host"},
+        encrypt_fields = {"redis_password"}
     },
     ["redis-cluster"] = {
         properties = {

diff --git a/t/plugin/authz-casdoor.t b/t/plugin/authz-casdoor.t
@@ -137,7 +137,7 @@ done
                     "upstream": {
                         "type": "roundrobin",
                         "nodes": {
-                            "test.com:1980": 1
+                            "127.0.0.1:1980": 1
                         }
                     }
                 }]]
@@ -477,7 +477,7 @@ apisix:
                     "upstream": {
                         "type": "roundrobin",
                         "nodes": {
-                            "test.com:1980": 1
+                            "127.0.0.1:1980": 1
                         }
                     }
                 }]]
@@ -506,6 +506,8 @@ apisix:
             -- get plugin conf from etcd, password is encrypted
             local etcd = require("apisix.core.etcd")
             local res = assert(etcd.get('/routes/1'))
+            local core = require("apisix.core")
+            core.log.warn("dibag", core.json.encode(res.body.node.value.plugins["authz-casdoor"].client_secret))
             ngx.say(res.body.node.value.plugins["authz-casdoor"].client_secret)
         }
     }