Not all claims get converted

yesinteractive / kong-jwt2header

This Kong API Gateway Plugin can be used to route requests by JWT claim. It does this by converting JWT claims to headers during rewrite phase so that Kong's route by header functionality can be used to route the request appropriately. Alternatively, the plugin can be used to simply convert JWT claims to headers that can be consumed by the upstream service.

Other

30 stars 15 forks source link

Not all claims get converted #6

Open ozonni opened 3 years ago

ozonni commented 3 years ago

I only get those headers set but jwt token has more, e.g. client_id or our custom claim account_code

I think it has something to do with _ symbol

X-Kong-JWT-Claim-iss: https://identity.domain.com
X-Kong-JWT-Claim-idp: local
X-Kong-JWT-Claim-sub: xxx
X-Kong-JWT-Claim-sid: xxx
X-Kong-JWT-Claim-name: user@domain.com

nikirago commented 3 years ago

Will take a look to see if that is the issue. Thanks for submitting the issue!

user-e-6 commented 3 years ago

I might be completely wrong, but it seems as if only claims with string values are extracted. If you cast the claim to a string before storing it in the token, it should work. Good luck!

jonathandeclan commented 3 years ago

I am facing the same issue and I think @aleks-j is correct, claims with boolean, number or array/objects are not converted and are missing.

MiguelSavignano commented 2 years ago

I think the bug is in the headers only accept strings and the source code only allows string values.

    for claim, value in pairs(claims) do
      if type(claim) == "string" and type(value) == "string" then
        kong.service.request.set_header("X-Kong-JWT-Claim-" .. claim, value)
      end
    end

Maybe instead of validating if the claim is a string, is better to transform the clam value to string

    for claim, value in pairs(claims) do
      kong.service.request.set_header("X-Kong-JWT-Claim-" .. tostring(claim), tostring(value))
    end