X-ID-Token and X-Access-Token are not sent upstream

[larsw]

Hi,

Only the X-Userinfo header is sent upstream. I read through the code, and it seems that it checks whether the response from resty-openidc.authenticate() contains id_token and access_token. I tried to use set the config.response_type parameter to code id_token token to instruct Keycloak to send the access_token, but it seems like resty-openidc has hard coded the response_type to code. What is weird, is that I assumed that the query against the userinfo endpoint used the access token to retrieve the details.

Any details on how I can fix this?

[larsw]

To answer my own question; seems like this project could need some better release management; the documentation presented in the README.md that also acts as the landing page in the github repo states that the aforementioned headers (X-ID-Token and X-Access-Token) will be sent upstream - this is not true (yet), since it a new release with the feature has not been released! ...

[prompt-bot]

oh...
thanks ^.^ the master branch not a release verison on luarocks.org