Kong / kong

🦍 The Cloud-Native API Gateway and AI Gateway.
https://konghq.com/install/#kong-community
Apache License 2.0

KeyAuth plugin - apikey is an unknown field #3376

Closed BrunoQuaresma closed 6 years ago

BrunoQuaresma commented 6 years ago

Summary

When I send a POST to my API passing the apikey in the URL or a header, it returns a 400 error with:

{
    "apikey": "apikey is an unknown field"
}

Steps To Reproduce

  1. Register an API

    curl -X POST \
    --url http://mykong.com/admin/apis \
    --header "apikey: kong-admin-api-key" \
    --data "name=myapp" \
    --data "uris=/myapp" \
    --data "upstream_url=http://myapp.com"
  2. Assign keyauth plugin to the API with config.hide_credentials=true

    curl -X POST \
    --url http://mykong.com/admin/apis/myapp/plugins \
    --header "apikey: kong-admin-api-key" \
    --data "name=key-auth" \
    --data "config[hide_credentials]=true"
  3. Make a POST using apikey on URL or header like: https://mykong.com/myapi/resource?apikey=some-key

    curl -X POST \
    'http://mykong.com/myapp/leaves?apikey=client-api-key' \
    -H 'cache-control: no-cache' \
    -H 'content-type: application/json' \
    -d '{
        "user_id": "1",
        "start_time": "some-time-here",
        "end_time": "some-time-here"
    }'
  4. It returns 400 with the message "apikey is an unknown field"

    {
        "apikey": "apikey is an unknown field"
    }

Additional Details & Logs

bungle commented 6 years ago

I tried this and couldn't reproduce. Can you give us a minimal example that shows this? E.g. commands to create API and plugin and consumer. The error:

{
    "apikey": "apikey is an unknown field"
}

feels like it is coming from admin (default 8001 and 8444) port, and not from proxy port (default 8000 and 8443).

bungle commented 6 years ago

Or is it actually that you proxy to Admin API? https://github.com/Kong/kong/issues/1630

Even then I couldn't reproduce with config.hide_credentials enabled.
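
One way to check which component actually answered, added here as an example and not part of the original thread or of Kong's own code: classify the output of `curl -si` by its `Server` and `Via` headers. It assumes Kong's default header settings, where Kong writes `kong/<version>` into `Via` on responses it proxied and into `Server` on responses it generated itself; the function name, labels and sample responses are constructed for illustration.

```shell
#!/bin/sh
# Added example: classify a raw HTTP response (as printed by `curl -si`) by
# who produced it, using the Server and Via response headers.
# Assumption: Kong's default header settings are in effect, so Kong puts
# "kong/<version>" in Via on proxied responses and in Server on responses it
# generates itself (Admin API replies, plugin or router errors).
classify_kong_response() {
    tr -d '\r' | awk '
        in_body  { next }                      # ignore everything after the headers
        /^$/     { in_body = 1; next }         # blank line ends the header block
        {
            h = tolower($0)                    # header names are case-insensitive
            if (h ~ /^via:.*kong\//)    via = 1
            if (h ~ /^server:.*kong\//) server = 1
        }
        END {
            if (via && server) print "proxied-to-kong"      # upstream is itself Kong
            else if (via)      print "proxied-to-upstream"  # an ordinary backend answered
            else if (server)   print "kong-generated"       # Kong answered directly
            else               print "not-kong"
        }'
}

# Constructed sample responses; "x.y.z" is a placeholder version.
sample_admin_behind_proxy() {
    printf 'HTTP/1.1 400 Bad Request\r\nServer: kong/x.y.z\r\nVia: kong/x.y.z\r\n\r\n%s\n' \
        '{"apikey":"apikey is an unknown field"}'
}
sample_backend() {
    printf 'HTTP/1.1 201 Created\r\nServer: nginx\r\nVia: kong/x.y.z\r\n\r\n%s\n' '{"id":1}'
}
sample_kong_direct() {
    printf 'HTTP/1.1 401 Unauthorized\r\nServer: kong/x.y.z\r\n\r\n%s\n' \
        '{"message":"No API key found in request"}'
}

for s in sample_admin_behind_proxy sample_backend sample_kong_direct; do
    printf '%s: %s\n' "$s" "$("$s" | classify_kong_response)"
done
```

A `proxied-to-kong` result on a request sent to the proxy port means the route's upstream is another Kong listener, which matches the Admin API loopback setup from issue #1630.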

BrunoQuaresma commented 6 years ago

@bungle Thanks for the feedback. Steps are updated!

BrunoQuaresma commented 6 years ago

I figured out the problem on my side. This error happens when the admin-api, and I don't know why, doesn't have the key-auth plugin activated. For me, admin-api configurations shouldn't influence the other resources. :thinking:

awalias commented 4 years ago

Hi @BrunoQuaresma how did you solve this? I'm experiencing the same issue, thanks

BrunoQuaresma commented 4 years ago

Sorry @awalias I don't remember :/