motiv-labs / janus

An API Gateway written in Go
https://hellofresh.gitbooks.io/janus
MIT License

introspection token strategy does not work? #429

Open zjw2011 opened 4 years ago

zjw2011 commented 4 years ago

Hi, I'm trying to set up the oauth2 plugin for an endpoint. When I set the token_strategy to jwt, it showed that I need authentication, and then it went through after I got a token from the oauth server. However, when I set the token_strategy to introspection, it just went through without a valid token.

Here's my config for oauth2 plugin:

{
    "name": "local",
    "oauth_endpoints": {
        "introspect": {
            "preserve_host": false,
            "listen_path": "/auth/token2",
            "upstreams": {
                "balancing": "roundrobin",
                "targets": [{
                    "target": "http://192.168.10.213:8080/hello/d"
                }]
            },
            "strip_path": true,
            "append_path": false,
            "methods": [
                "GET",
                "POST"
            ]
        }
    },
    "token_strategy": {
        "name": "introspection",
        "settings": {
            "use_auth_header": true,
            "auth_header_type": "token"
        }
    }
}

The jwt config is:

{
    "name": "local",
    "oauth_endpoints": {
        "token": {
            "preserve_host": false,
            "listen_path": "/auth/token",
            "upstreams": {
                "balancing": "roundrobin",
                "targets": [{
                    "target": "http://192.168.10.213:8080/hello/c"
                }]
            },
            "strip_path": true,
            "append_path": false,
            "methods": [
                "GET",
                "POST"
            ]
        }
    },
    "token_strategy": {
        "name": "introspection",
        "settings": [
            {"alg": "HS256", "key" : "secret"}
        ]
    }
}

Maybe both token_strategy.settings conflict?

Because I found that the log is:

{
    "log": "{\"api_name\":\"example\",\"error\":\"You need to set a JWT secret\",\"level\":\"error\",\"msg\":\"Error executing plugin\",\"name\":\"oauth2\",\"time\":\"2019-12-31T23:20:05+08:00\"}\n",
    "stream": "stderr",
    "time": "2019-12-31T15:20:05.396673601Z"
}
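A consistency check over the two definitions posted above, as an added example that is not part of the original post or of the Janus code base: it flags a reused server name and a `token_strategy.name` that does not match the shape of its `settings`. `Lint`, `settingsShape` and `oauthServer` are hypothetical names, and the shape rule (array of `alg`/`key` pairs for jwt, object for introspection) is an assumption taken from the two configs shown in the issue.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Trimmed copies of the two definitions in the issue (only the fields checked here).
const introspectCfg = `{"name":"local","token_strategy":{"name":"introspection","settings":{"use_auth_header":true,"auth_header_type":"token"}}}`
const jwtCfg = `{"name":"local","token_strategy":{"name":"introspection","settings":[{"alg":"HS256","key":"secret"}]}}`
type oauthServer struct {
	Name          string `json:"name"`
	TokenStrategy struct {
		Name     string          `json:"name"`
		Settings json.RawMessage `json:"settings"`
	} `json:"token_strategy"`
}

// settingsShape: assumption from the issue, array of alg/key = jwt, object = introspection.
func settingsShape(raw json.RawMessage) string {
	var methods []struct{ Alg, Key string }
	if json.Unmarshal(raw, &methods) == nil && len(methods) > 0 {
		return "jwt"
	}
	var obj map[string]interface{}
	if json.Unmarshal(raw, &obj) == nil && obj != nil {
		return "introspection"
	}
	return "unknown"
}

// Lint (hypothetical helper) flags duplicate names and name/settings mismatches.
func Lint(docs ...string) (findings []string) {
	seen := map[string]int{}
	for i, doc := range docs {
		var s oauthServer
		if err := json.Unmarshal([]byte(doc), &s); err != nil {
			findings = append(findings, fmt.Sprintf("config %d: invalid JSON: %v", i, err))
			continue
		}
		if seen[s.Name]++; seen[s.Name] > 1 {
			findings = append(findings, fmt.Sprintf("config %d: duplicate name %q", i, s.Name))
		}
		if shape := settingsShape(s.TokenStrategy.Settings); shape != s.TokenStrategy.Name {
			findings = append(findings, fmt.Sprintf("config %d: strategy %q has %s-shaped settings", i, s.TokenStrategy.Name, shape))
		}
	}
	return findings
}
func main() { fmt.Println(Lint(introspectCfg, jwtCfg)) }
```

Run against the posted configs, it reports both findings on the second definition; whether either one explains the behaviour in the report is not established by this check.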