apache / apisix

The Cloud-Native API Gateway
https://apisix.apache.org/blog/
Apache License 2.0

bug: not getting the authorization token in header using openid-connect plugin #11220

Open saurabhconcentrix opened 2 months ago

saurabhconcentrix commented 2 months ago

Current Behavior

I am using the openid-connect plugin. It is setting the cookies in the headers; I am expecting the authorization token in the headers, but it's not setting it.

{
  bearer_only: false,
  client_id: "XXXX",
  client_secret: "SSSS",
  discovery: "https://login.microsoftonline.com/xxxxxxxxxxx/v2.0/.well-known/openid-configuration",
  introspection_endpoint_auth_method: "client_secret_post",
  realm: "master",
  scope: "openid profile email",
  set_access_token_header: true
}

Let me know if I am missing anything.

Expected Behavior

No response

Error Logs

No response

Steps to Reproduce

Create a route and add the openid-connect plugin to the route, expecting the headers in the authorization.

Environment

juzhiyuan commented 2 months ago

What do you mean by "expecting the authorization token in headers but its not setting it"?

I'm trying to understand this issue. Can you list the details step by step?

saurabhconcentrix commented 2 months ago

How can we get the user information or JWT token from AD using the openid-connect plugin?

It is setting the cookie in the header but not setting the JWT token with this configuration: { bearer_only: false, client_id: "XXXX", client_secret: "SSSS", discovery: "https://login.microsoftonline.com/xxxxxxxxxxx/v2.0/.well-known/openid-configuration", introspection_endpoint_auth_method: "client_secret_post", realm: "master", scope: "openid profile email", set_access_token_header: true }

saurabhconcentrix commented 2 months ago

I used the above config. It allows me to do the SSO, and after that I see it has set the cookie as well in my browser,

but I am expecting the user details and token as well in my header.

Please let me know if I am doing anything wrong.

saurabhconcentrix commented 2 months ago

As per these docs, it should come in the header: https://docs.api7.ai/apisix/how-to-guide/authentication/set-up-sso-with-azure-ad#authenticate-with-user-credentials

Not sure what I am doing wrong. @juzhiyuan, we are stuck; please, we need help ASAP.