andiamvinay opened a new issue, #9407:
URL: https://github.com/apache/apisix/issues/9407
### Current Behavior
1) When JWT authentication is set to cookie, the cookie is not parsed if
there are more than one cookie. The authentication is successful only if jwt
auth cookie is first one.
2) If the JWT cokkie has "Bearer" string in it, the cookie auth fails
### Expected Behavior
Cookie should be selected irrespective of the position.
### Error Logs
{"message":"Missing JWT token in request"}
### Steps to Reproduce
1. Run APISIX Via docker
2. Enable JWT plugin for a route
3. Set the cookie : "access-token"
4. Access the route
Current behaviour
1) If the JWT cookie is in second position
`curl http://127.0.0.1:9080/route1 -H "Cookie:
session_valid:100;access-token=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODMzMDU3ODIsImtleSI6InVzZXJrZXkiLCJpYXQiOjE2ODMyMTk0MDJ9.5dMyoxbsZZZ9qk2laQ-LWYOEryDYo0swE27fjwIDKe0"`
**Returns** : 401 {"message":"Missing JWT token in request"}
2)If the JWT cookie is in has Bearer String
`curl http://127.0.0.1:9080/route1 -H "Cookie: access-token=Bearer
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJleHAiOjE2ODMzMDU3ODIsImtleSI6InVzZXJrZXkiLCJpYXQiOjE2ODMyMTk0MDJ9.5dMyoxbsZZZ9qk2laQ-LWYOEryDYo0swE27fjwIDKe0"`
**Returns** : {"message":"JWT token invalid"}
### Environment
- APISIX version (run `apisix version`): 3.2.0
- Operating system (run `uname -a`): Linux ce53cecfedfd
5.10.0-21-cloud-amd64 #1 SMP Debian 5.10.162-1 (2023-01-21) x86_64 GNU/Linux
- OpenResty / Nginx version (run `openresty -V` or `nginx -V`): nginx
version: openresty/1.21.4.1
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
