sangnguyen7 opened a new issue, #7661: URL: https://github.com/apache/apisix/issues/7661
### Current Behavior Get 401 Response when introspecting a JWK token: WWW-Authenticate="Bearer realm="apisix", error="invalid_token", error_description="opts.discovery.jwks_uri is not present or not a string" I have checked the openid-connect plugin code, it's using "resty.openidc" which supports "discovery" as an object that has a property "jwks_uri". However, the current openid-conect plugin required "discovery" as a String. ### Expected Behavior Should make "discovery" as an object, instead of String, so that we can config as "discovery.jwks_uri" ### Error Logs _No response_ ### Steps to Reproduce 1. Setup a route ("/verify") to an upstream with an openid-connect plugin setting as follow: ``` { "uri": "/verify", "plugins": { "openid-connect": { "client_id": "", "client_secret": "", "disable": false, "discovery.jwks_uri": "http://host:port/.well-known/jwks.json", "use_jwks": true } }, "upstream":{ "type": "roundrobin", "nodes":{ "httpbin.org:443":1 } } }' ``` 2. Make a call ``` curl -i -X GET http://127.0.0.1:9080/verify -H "Host: httpbin.org" -H "Authorization: Bearer {JWT_TOKEN}" ``` ### Environment - APISIX version (run `apisix version`): 2.15 - Operating system (run `uname -a`): Kubernetes - OpenResty / Nginx version (run `openresty -V` or `nginx -V`): - etcd version, if relevant (run `curl http://127.0.0.1:9090/v1/server_info`): - APISIX Dashboard version, if relevant: - Plugin runner version, for issues related to plugin runners: - LuaRocks version, for installation issues (run `luarocks --version`): -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org For queries about this service, please contact Infrastructure at: us...@infra.apache.org