Hi there! Thanks for maintaining this plugin, it helps a lot!
When the option bearer_jwt_auth_enable is used the verified access token is not passed upstream. Is this by design?
Our use case is using a token with multiple API gateways potentially being chained where the token typically is passed as Authorization header. When using the bearer_jwt_auth_enable option the token does not reach the upstream server.
Hi there! Thanks for maintaining this plugin, it helps a lot!
When the option
bearer_jwt_auth_enable
is used the verified access token is not passed upstream. Is this by design?Our use case is using a token with multiple API gateways potentially being chained where the token typically is passed as Authorization header. When using the
bearer_jwt_auth_enable
option the token does not reach the upstream server.See https://github.com/revomatico/kong-oidc/blob/d0d7a2bfc3eddd0fef721a342066562465938264/kong/plugins/oidc/handler.lua#L36-L43
And the other location when the oidc cycle is being done where the access token is set https://github.com/revomatico/kong-oidc/blob/d0d7a2bfc3eddd0fef721a342066562465938264/kong/plugins/oidc/handler.lua#L78
Thanks!