[I] bug: `jwe-decrypt` Authorization header not showing up [apisix]

Tue, 16 Jan 2024 21:20:24 -0800 


kayx23 opened a new issue, #10835:
URL: https://github.com/apache/apisix/issues/10835

   ### Current Behavior
   
   Current doc: https://apisix.apache.org/docs/apisix/plugins/jwe-decrypt/
   
   Specifically, it mentions the Authorization header with payload in plaintext 
should show up:
   
   
![image](https://github.com/apache/apisix/assets/39619599/16d2284a-72e0-4648-82d4-ea3df15c2fae)
   
   However in actual testing, the Authorization header doesn't show up at all:
   
   
![image](https://github.com/apache/apisix/assets/39619599/06aa5307-c00a-49c1-96a4-861ce1616e20)
   
   
   ### Expected Behavior
   
   Confirm first if something is wrong with the code or with the doc. 
Eventually the doc should match up with the actual outcome.
   
   ### Error Logs
   
   _No response_
   
   ### Steps to Reproduce
   
   Need APISIX 3.8.0.
   
   Expose endpoint:
   
   ```shell
   curl "http://127.0.0.1:9180/apisix/admin/routes/jwe-encrypt-api"; -X PUT \
     -H "X-API-KEY: ${ADMIN_API_KEY}" \
     -d '{
       "uri": "/apisix/plugin/jwe/encrypt",
       "plugins": {
         "public-api": {}
       }
     }'
   ```
   
   Create a consumer:
   
   ```shell
   curl "http://127.0.0.1:9180/apisix/admin/consumers"; -X PUT \         
     -H "X-API-KEY: ${ADMIN_API_KEY}" \          
     -d '{
       "username": "jack",
       "plugins": {
         "jwe-decrypt": {
           "key": "jack-key",
           "secret": "key-length-should-be-32-chars123"
         }
       }
     }'
   ```
   
   Create route:
   
   ```shell
   curl "http://127.0.0.1:9180/apisix/admin/routes"; -X PUT \
     -H "X-API-KEY: ${ADMIN_API_KEY}" \
     -d '{
       "id": "jwe-decrypt-route",
       "uri": "/anything/jwe",
       "plugins": {
         "jwe-decrypt": {
           "header": "Authorization",
           "forward_header": "Authorization"
         }
       },
       "upstream": {
         "type": "roundrobin",
         "nodes": {
           "httpbin.org:80": 1
         }
       }
     }'
   ```
   
   Encrypt:
   
   ```shell
   curl -G --data-urlencode 'payload={"uid":10000,"uname":"test"}' 
'http://127.0.0.1:9080/apisix/plugin/jwe/encrypt?key=jack-key'
   ```
   
   You should get the JWE encrypted data.
   
   Send a request to the route with the JWE encrypted data in the Authorization 
header:
   
   ```shell
   curl "http://127.0.0.1:9080/anything/jwe"; -H 'Authorization: <YOUR_TOKEN>'
   ```
   
   ### Environment
   
   - APISIX version (run `apisix version`): 3.8.0
   


-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org

Reply via email to