apache / apisix

The Cloud-Native API Gateway
https://apisix.apache.org/blog/
Apache License 2.0

feat: uri_without_ticket function from cas-auth plugin needs to generate uri based on container environment #10977

Open flearc opened 6 months ago

flearc commented 6 months ago

Description

When deploying apisix using apisix-docker in a k8s environment, some users may access apisix via a domain using http/https on ports 80/443.

However, when the cas-auth plugin is enabled, the uri_without_ticket function generates the uri based on ctx.var.host, which commonly resolves to port 9080:

local function uri_without_ticket(conf, ctx)
    return ctx.var.scheme .. "://" .. ctx.var.host .. ":" ..
        ctx.var.server_port .. conf.cas_callback_uri
end

So when the CAS server redirects upon successful user login, it directs to this port, resulting in the callback failing to reach apisix as the domain is only accessed via ports 80/443.

To address this, I propose introducing a new configuration option, callback_port, within the cas-auth plugin. This configuration would allow users to specify the correct port for accessing apisix via the domain, thereby ensuring successful callbacks from the CAS server.
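A sketch of the proposal above, as an added example that is not part of the original issue and not APISIX code. `callback_port` is the option proposed here and is hypothetical, as are the constructed `conf`/`ctx` values; the example also goes one step further than the proposal by omitting the port when it is the scheme's default.

```lua
-- Added example: `callback_port` is the option proposed in this issue
-- (hypothetical, not an existing cas-auth setting).
local DEFAULT_PORT = { http = 80, https = 443 }

local function uri_without_ticket(conf, ctx)
    local scheme = ctx.var.scheme
    -- Prefer the externally reachable port from the plugin config; fall back
    -- to the listener port, which in a container is the container port.
    local port = tonumber(conf.callback_port or ctx.var.server_port)
    if not port or port % 1 ~= 0 or port < 1 or port > 65535 then
        return nil, "invalid callback port"
    end

    local authority = ctx.var.host
    -- Leave the port out when it is the scheme default, so the service URL
    -- matches what users type and what is registered on the CAS server.
    if port ~= DEFAULT_PORT[scheme] then
        authority = string.format("%s:%d", authority, port)
    end
    return scheme .. "://" .. authority .. conf.cas_callback_uri
end

-- Constructed request context: APISIX listening on container port 9080.
local ctx = { var = { scheme = "http", host = "gateway.example.com",
                      server_port = "9080" } }

-- Current behaviour: the container port leaks into the CAS service URL.
local before = uri_without_ticket({ cas_callback_uri = "/cas_callback" }, ctx)
assert(before == "http://gateway.example.com:9080/cas_callback")

-- With the proposed option set to the port exposed by the Service/Ingress.
local after = uri_without_ticket(
    { cas_callback_uri = "/cas_callback", callback_port = 80 }, ctx)
assert(after == "http://gateway.example.com/cas_callback")

-- A non-default external port is kept in the URL.
local custom = uri_without_ticket(
    { cas_callback_uri = "/cas_callback", callback_port = 8443 }, ctx)
assert(custom == "http://gateway.example.com:8443/cas_callback")

-- Out-of-range values are rejected instead of producing a broken redirect.
local bad, err = uri_without_ticket(
    { cas_callback_uri = "/cas_callback", callback_port = 70000 }, ctx)
assert(bad == nil and err == "invalid callback port")

print(before, after, custom)
```

The same function has to be used both for the login redirect and for ticket validation, since CAS compares the service URL of the two requests.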

shreemaan-abhishek commented 6 months ago

ctx.var.server_port resolves to a port on which apisix is listening (not 9080 always), doesn't it? Am I missing something?

flearc commented 6 months ago

> ctx.var.server_port resolves to a port on which apisix is listening (not 9080 always), doesn't it? Am I missing something?

The port is not always 9080.

I want to stress that ctx.var.server_port is the container port apisix is listening on. But the fact is, when it's the container port, CAS will encounter a connect error because the container port cannot be used outside k8s.

So I suggest a new conf to solve this problem.

shreemaan-abhishek commented 6 months ago

Would you like to submit a PR for this?