moonming commented on code in PR #10252: URL: https://github.com/apache/apisix/pull/10252#discussion_r1403916807
########## docs/en/latest/plugins/jwe-decrypt.md: ########## @@ -0,0 +1,194 @@ +--- +title: jwe-decrypt +keywords: + - Apache APISIX + - API Gateway + - Plugin + - JWE Decrypt + - jwe-decrypt +description: This document contains information about the Apache APISIX jwe-decrypt Plugin. +--- + +<!-- +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +--> + +## Description + +The `jwe-decrypt` Plugin is used to decrypt [JWE](https://datatracker.ietf.org/doc/html/rfc7516) authentication header to a [Service](../terminology/service.md) or a [Route](../terminology/route.md). + +A [Consumer](../terminology/consumer.md) of the service then needs to provide a key decrypt the request. + +## Attributes + +For Consumer: + +| Name | Type | Required | Default | Valid values | Description | +|---------------|---------|-------------------------------------------------------|---------|-----------------------------|---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------| +| key | string | True | | | Unique key for a Consumer. | +| secret | string | True | | | The decrypt key. This field supports saving the value in Secret Manager using the [APISIX Secret](../terminology/secret.md) resource. | +| base64_secret | boolean | False | false | | Set to true if the secret is base64 encoded. | + +For Route: + +| Name | Type | Required | Default | Description | +|--------|--------|----------|---------------|---------------------------------------------------------------------| +| header | string | False | authorization | The header to get the token from. | +| forward_header | string | False | authorization | Set the header name pass the plaintext to the Upstream. | + +## API + +This Plugin adds `/apisix/plugin/jwe/encrypt` as an endpoint. + +:::note + +You may need to use the [public-api](public-api.md) plugin to expose this endpoint. Review Comment: @kayx23 You can modify the document directly on this PR:) looks @fishioon is busy now. -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
