Open ashishkumar256 opened 5 months ago
I am requesting to look into this issue; it has been pending for 2 weeks.
@ashishkumar256 As I confirmed with Kong gateway team, the key-auth plugin does not support only allowing part of the credentials but reject the others. The plugin does not support configuring consumers. So your "expected behavior" cannot be resolved in KIC currently. What is your requirement to configure the key-auth plugin to support only part of your configured credentials? We can think about some workarounds if you have any further requirement behind this.
Is there an existing issue for this?
Current Behavior
Below both curl request works -
=> curl <PROXY_IP>/factorial/4 -H apikey:first_complex_key
< HTTP/1.1 200 OK < Content-Type: application/json < Content-Length: 17 < Connection: keep-alive < Server: Werkzeug/2.2.3 Python/3.7.10 < Date: Sat, 20 Apr 2024 08:58:44 GMT {"factorial":24}=> curl <PROXY_IP>/factorial/4 -H apikey:second_complex_key
< HTTP/1.1 200 OK < Content-Type: application/json < Content-Length: 17 < Connection: keep-alive < Server: Werkzeug/2.2.3 Python/3.7.10 < Date: Sat, 20 Apr 2024 08:58:44 GMT {"factorial":24}Expected Behavior
apikey:second_complex_key
must be authenticate/factorial
only whensecond-key-auth
is annotated with servicedemo-flask
.But annotating
first-key-auth
to servicedemo-flask
, it enabled both api keysfirst_complex_key
&second_complex_key
working.Steps To Reproduce
Kong Ingress Controller version
Kubernetes version
Anything else?
No response