Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(kong3.x): make plugin compatible with Kong 3 #4

Open
wants to merge 1 commit into
base: master
Choose a base branch
from
Open

feat(kong3.x): make plugin compatible with Kong 3 #4

Show file tree
Hide file tree
Changes from all commits
Commits
Show all changes
1 commit
Select commit
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
51 changes: 32 additions & 19 deletions handler.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,27 +1,25 @@
local BasePlugin = require "kong.plugins.base_plugin"
local jwt_decoder = require "kong.plugins.jwt.jwt_parser"
local JWT_PLUGIN_PRIORITY = (require "kong.plugins.jwt.handler").PRIORITY
local CLAIM_HEADERS = require "kong.plugins.jwt-claim-headers.claim_headers"

local ngx_set_header = ngx.req.set_header
local kong = kong
local ngx_re_gmatch = ngx.re.gmatch

local JwtClaimHeadersHandler = BasePlugin:extend()
local JwtClaimHeadersHandler = {
VERSION = "2.0.0",
PRIORITY = JWT_PLUGIN_PRIORITY - 100,
}

-- Set this plugin to execute after the default jwt plugin provided by Kong
-- Plugins with higher priority are executed first
JwtClaimHeadersHandler.PRIORITY = JWT_PLUGIN_PRIORITY - 100

local function retrieve_token(request, conf)
local uri_parameters = request.get_uri_args()
local function retrieve_token(conf)
local uri_parameters = kong.request.get_query()

for _, v in ipairs(conf.uri_param_names) do
if uri_parameters[v] then
return uri_parameters[v]
end
end

local authorization_header = request.get_headers()["authorization"]
local authorization_header = kong.request.get_headers()["authorization"]
if authorization_header then
local iterator, iter_err = ngx_re_gmatch(authorization_header, "\\s*[Bb]earer\\s+(.+)")
if not iterator then
Expand All @@ -39,21 +37,36 @@ local function retrieve_token(request, conf)
end
end

function JwtClaimHeadersHandler:new()
JwtClaimHeadersHandler.super.new(self, "jwt-claim-headers")
end

function JwtClaimHeadersHandler:access(conf)
JwtClaimHeadersHandler.super.access(self)
local token, err = retrieve_token(conf)
if err then
kong.log.warn("unable to retrieve token: ", err)
return
end

local token_type = type(token)
if token_type ~= "string" then
if token_type == "nil" then
kong.log.warn("missing token")
return
else
kong.log.err("unrecognizable token")
return
end
end

local jwt, err = jwt_decoder:new(token)
if err then
kong.log.err("bad token: ", err)
return
end

local token, _ = retrieve_token(ngx.req, conf)
local jwt, _ = jwt_decoder:new(token)
local claims = jwt.claims

for claim_key, claim_value in pairs(claims) do
request_header = CLAIM_HEADERS[claim_key]
local request_header = CLAIM_HEADERS[claim_key]
if request_header ~= nil then
ngx_set_header(request_header, claim_value)
kong.service.request.set_header(request_header, claim_value)
end
end
end
Expand Down
27 changes: 22 additions & 5 deletions schema.lua
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -1,6 +1,23 @@
local typedefs = require "kong.db.schema.typedefs"

return {
no_consumer = true,
fields = {
uri_param_names = {type = "array", default = {"jwt"}}
}
}
name = "jwt",
fields = {{
consumer = typedefs.no_consumer
}, {
protocols = typedefs.protocols_http
}, {
config = {
type = "record",
fields = {{
uri_param_names = {
type = "set",
elements = {
type = "string"
},
default = {"jwt"}
}
}}
}
}},
}