caibirdme opened a new issue, #9257:
URL: https://github.com/apache/apisix/issues/9257

### Description

The forward-auth plugin checks the status_code returned by the external service; if it's not 2xx, it aborts the request and returns the response (and the status_code returned by the external service) to the client. But there are two cases that cannot be well handled by forward-auth:
1. the external auth service returns **200** + `{"status": -1001, "msg":"invalid token"}`
2. the external auth service returns **4xx** + `{"status": -1001, "msg":"invalid token"}`, but the API calling convention between client and service states that the API will always return **200** + JSON

To fully solve these problems, we need to support custom judgement logic, something like:
```yaml
only_2xx: true
check_json_body: "$.status != -1001"
success_status_code: 200 # no matter what apisix receives from the auth service, return 200 to the client if the check passed
fail_status_code: 200 # ...
```

Supporting a check_json_body expression is a little bit complicated, especially for deeply nested JSON and multiple conditions (a and b or c or d ...).
Maybe supporting only_2xx + success_status_code + fail_status_code is more feasible.
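To make the proposal concrete, here is an added example (not APISIX or forward-auth code) that models the judgement logic the issue describes and runs it against the two problem responses. The option names `only_2xx`, `check_json_body`, `success_status_code` and `fail_status_code` are taken from the issue; the expression syntax (a single `$.path <op> literal` comparison, with the literal parsed as JSON), the `AuthConfig`/`AuthResponse` types and the `judge` function are assumptions made for illustration. A body that is not JSON, or that lacks the path the expression references, is treated as a failed check so the decision fails closed.

```python
"""Illustrative model of the forward-auth judgement logic proposed in the issue.

Added example; not code from APISIX or its forward-auth plugin. Option names
come from the issue, the expression grammar is an assumption: one comparison of
the form `$.a.b.c <op> <json literal>`, with op in ==, !=, <, <=, >, >=.
"""
import json
import operator
import re
from dataclasses import dataclass
from typing import Optional, Tuple

_OPS = {
    "==": operator.eq, "!=": operator.ne,
    ">=": operator.ge, "<=": operator.le,
    ">": operator.gt, "<": operator.lt,
}
# `$` followed by one or more `.key` segments, an operator, and a JSON literal.
_EXPR = re.compile(r"^\$((?:\.[A-Za-z_][A-Za-z0-9_]*)+)\s*(==|!=|>=|<=|>|<)\s*(.+)$")


@dataclass
class AuthConfig:
    only_2xx: bool = True                      # today's behaviour when True
    check_json_body: Optional[str] = None      # e.g. "$.status != -1001"
    success_status_code: Optional[int] = None  # None: proxy upstream as-is
    fail_status_code: Optional[int] = None     # None: reuse auth service status


@dataclass
class AuthResponse:
    status: int   # HTTP status from the external auth service
    body: bytes   # raw response body from the external auth service


def _lookup(doc, path: str):
    """Walk a dotted path like `.data.user.active` through nested dicts."""
    for key in path.lstrip(".").split("."):
        if not isinstance(doc, dict) or key not in doc:
            raise KeyError(path)
        doc = doc[key]
    return doc


def check_expr(expr: str, body: bytes) -> bool:
    """Evaluate one `$.path <op> literal` expression against a JSON body.

    Returns False (fail closed) when the body is not JSON or the path is
    missing; raises ValueError for an expression the grammar does not cover.
    """
    m = _EXPR.match(expr.strip())
    if not m:
        raise ValueError(f"unsupported expression: {expr!r}")
    path, op, literal = m.groups()
    try:
        actual = _lookup(json.loads(body), path)
    except (ValueError, KeyError):
        return False
    return bool(_OPS[op](actual, json.loads(literal)))


def judge(cfg: AuthConfig, resp: AuthResponse) -> Tuple[bool, Optional[int]]:
    """Return (allowed, status_for_client).

    allowed=True means the request continues upstream; the status is
    success_status_code (None: whatever upstream answers). allowed=False means
    the request is aborted with fail_status_code, or the auth service's own
    status when fail_status_code is unset (today's behaviour).
    """
    passed = (not cfg.only_2xx) or 200 <= resp.status < 300
    if passed and cfg.check_json_body is not None:
        passed = check_expr(cfg.check_json_body, resp.body)
    if passed:
        return True, cfg.success_status_code
    fail = cfg.fail_status_code if cfg.fail_status_code is not None else resp.status
    return False, fail


if __name__ == "__main__":
    # Constructed sample responses matching the two cases in the issue.
    case1 = AuthResponse(200, b'{"status": -1001, "msg": "invalid token"}')
    case2 = AuthResponse(403, b'{"status": -1001, "msg": "invalid token"}')
    today = AuthConfig(only_2xx=True)
    proposed = AuthConfig(only_2xx=True, check_json_body="$.status != -1001",
                          success_status_code=200, fail_status_code=200)
    for name, resp in (("case1", case1), ("case2", case2)):
        print(name, "today:", judge(today, resp), "proposed:", judge(proposed, resp))
```

With only `only_2xx`, case 1 is allowed through (the 200 hides the `-1001` rejection); with `check_json_body` it is denied. Case 2 is denied either way, but `fail_status_code: 200` lets the gateway honour the "always 200 + JSON" convention while the body still carries the auth service's error so the client can tell the difference.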

