sangnguyen7 opened a new issue, #7661:
URL: https://github.com/apache/apisix/issues/7661
### Current Behavior
Get 401 Response when introspecting a JWK token:
WWW-Authenticate="Bearer realm="apisix", error="invalid_token",
error_description="opts.discovery.jwks_uri is not present or not a string"
I have checked the openid-connect plugin code, it's using "resty.openidc"
which supports "discovery" as an object that has a property "jwks_uri".
However, the current openid-conect plugin required "discovery" as a String.
### Expected Behavior
Should make "discovery" as an object, instead of String, so that we can
config as "discovery.jwks_uri"
### Error Logs
_No response_
### Steps to Reproduce
1. Setup a route ("/verify") to an upstream with an openid-connect plugin
setting as follow:
```
{
"uri": "/verify",
"plugins": {
"openid-connect": {
"client_id": "",
"client_secret": "",
"disable": false,
"discovery.jwks_uri": "http://host:port/.well-known/jwks.json";,
"use_jwks": true
}
},
"upstream":{
"type": "roundrobin",
"nodes":{
"httpbin.org:443":1
}
}
}'
```
2. Make a call
```
curl -i -X GET http://127.0.0.1:9080/verify -H "Host: httpbin.org" -H
"Authorization: Bearer {JWT_TOKEN}"
```
### Environment
- APISIX version (run `apisix version`): 2.15
- Operating system (run `uname -a`): Kubernetes
- OpenResty / Nginx version (run `openresty -V` or `nginx -V`):
- etcd version, if relevant (run `curl
http://127.0.0.1:9090/v1/server_info`):
- APISIX Dashboard version, if relevant:
- Plugin runner version, for issues related to plugin runners:
- LuaRocks version, for installation issues (run `luarocks --version`):
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org
For queries about this service, please contact Infrastructure at:
us...@infra.apache.org
