Re: [PR] fix: close session in case of error to avoid blocked session [apisix]

[via GitHub]

shreemaan-abhishek commented on code in PR #11089:
URL: https://github.com/apache/apisix/pull/11089#discussion_r1545046878


##########
t/plugin/openid-connect5.t:
##########
@@ -138,3 +138,97 @@ __DATA__
     }
 --- response_body_like
 hello world
+
+
+
+=== TEST 2: Call to route with locking session storage, no authentication and 
unauth_action 'deny' should not block subsequent requests on same session
+--- config
+    set $session_storage redis;
+    set $session_redis_prefix                   sessions;
+    set $session_redis_database                 0;
+    set $session_redis_connect_timeout          1000; # (in milliseconds)
+    set $session_redis_send_timeout             1000; # (in milliseconds)
+    set $session_redis_read_timeout             1000; # (in milliseconds)
+    set $session_redis_host                     127.0.0.1;
+    set $session_redis_port                     6379;
+    set $session_redis_ssl                      off;
+    set $session_redis_ssl_verify               off;
+    set $session_redis_uselocking               on;
+    set $session_redis_spinlockwait             150;  # (in milliseconds)
+    set $session_redis_maxlockwait              30;   # (in seconds)
+
+    location /t {
+        content_by_lua_block {
+            local t = require("lib.test_admin").test
+            local http = require "resty.http"
+            local login_keycloak = require("lib.keycloak").login_keycloak
+            local concatenate_cookies = 
require("lib.keycloak").concatenate_cookies
+
+            local code, body = t('/apisix/admin/routes/1',
+                 ngx.HTTP_PUT,
+                 [[{
+                        "plugins": {
+                            "openid-connect": {
+                                "discovery": 
"http://127.0.0.1:8080/realms/University/.well-known/openid-configuration";,
+                                "realm": "University",
+                                "client_id": "course_management",
+                                "client_secret": 
"d1ec69e9-55d2-4109-a3ea-befa071579d5",
+                                "redirect_uri": "http://127.0.0.1:]] .. 
ngx.var.server_port .. [[/authenticated",
+                                "ssl_verify": false,
+                                "bearer_only" : false,
+                                "timeout": 10,
+                                "introspection_endpoint_auth_method": 
"client_secret_post",
+                                "introspection_endpoint": 
"http://127.0.0.1:8080/realms/University/protocol/openid-connect/token/introspect";,
+                                "set_access_token_header": true,
+                                "access_token_in_authorization_header": false,
+                                "set_id_token_header": true,
+                                "set_userinfo_header": true,
+                                "set_refresh_token_header": true,
+                                "unauth_action": "deny"

Review Comment:
   what about these? 
   
![image](https://github.com/apache/apisix/assets/61597896/f568347d-1400-40f5-849a-1b3a6c31b859)
   



-- 
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.

To unsubscribe, e-mail: notifications-unsubscr...@apisix.apache.org

For queries about this service, please contact Infrastructure at:
us...@infra.apache.org