Xusq513 opened a new issue, #9409:
URL: https://github.com/apache/apisix/issues/9409
### Description
`
@Override
public String name() {
return "apache-apisix-auth-plugin-runner";
}
@Override
public void filter(HttpRequest request, HttpResponse response,
PluginFilterChain chain) {
// 获取插件配置信息
String configStr = request.getConfig(this);
Gson gson = new Gson();
Map<String, Object> conf = new HashMap<>();
conf = gson.fromJson(configStr, conf.getClass());
String tokenKey =
StringUtils.obj2Str(conf.get(ApisixContants.AUTH_PLUGIN_TOKEN_KEY),
ApisixContants.TOKEN_NAME);
String forbiddenCode =
StringUtils.obj2Str(conf.get(ApisixContants.AUTH_PLUGIN_FORBIDDEN_KEY),
String.valueOf(HttpStatus.FORBIDDEN.value()));
Map<String, String> headerMap = request.getHeaders();
//打印请求
headerMap.entrySet().forEach(f -> log.debug(f.getKey() + "----" +
f.getValue()));
// 获取token
String token = request.getHeader(tokenKey.toLowerCase());
// 获取请求的url
String url = request.getPath();
// 鉴权
Boolean isCouldVisited = authService.auth(token, url);
// 鉴权失败
if (!isCouldVisited) {
Integer rejectedValue = Integer.parseInt(forbiddenCode);
response.setStatusCode(rejectedValue);
log.info("----------------鉴权失败,返回编码为:{}--------------------------",
rejectedValue);
} else {
log.info("----------------鉴权成功--------------------------");
}
chain.filter(request, response);
}
`
`
"plugins": {
"ext-plugin-pre-req": {
"allow_degradation": false,
"conf": [
{
"name": "apache-apisix-auth-plugin-runner",
"value":
"{\"token_code\":\"Authorization\",\"rejected_code\":\"403\"}"
}
]
}
`
上图是我插件里打印的日志,response返回的时候403,想要得到的结果是不回转发到目标地址,客户端返回403,事实上这里并没有,而是进行了放行。
### Environment
- APISIX version (3.2.0)
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
