markusmueller commented on code in PR #11089:
URL: https://github.com/apache/apisix/pull/11089#discussion_r1557758797
##########
t/plugin/openid-connect5.t:
##########
@@ -138,3 +138,77 @@ __DATA__
}
--- response_body_like
hello world
+
+
+
+=== TEST 2: Call to route with locking session storage, no authentication and
unauth_action 'deny' should not block subsequent requests on same session
+--- config
+ set $session_storage redis;
+ set $session_redis_uselocking on;
+
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local http = require "resty.http"
+ local login_keycloak = require("lib.keycloak").login_keycloak
+ local concatenate_cookies =
require("lib.keycloak").concatenate_cookies
+
+ local code, body = t('/apisix/admin/routes/1',
+ ngx.HTTP_PUT,
+ [[{
+ "plugins": {
+ "openid-connect": {
+ "discovery":
"http://127.0.0.1:8080/realms/University/.well-known/openid-configuration";,
+ "realm": "University",
+ "client_id": "course_management",
+ "client_secret":
"d1ec69e9-55d2-4109-a3ea-befa071579d5",
+ "redirect_uri": "http://127.0.0.1:]] ..
ngx.var.server_port .. [[/authenticated",
+ "ssl_verify": false,
+ "unauth_action": "deny"
+ }
+ },
+ "upstream": {
+ "nodes": {
+ "127.0.0.1:1980": 1
+ },
+ "type": "roundrobin"
+ },
+ "uri": "/*"
+ }]]
+ )
+
+ local uri = "http://127.0.0.1:"; .. ngx.var.server_port .. "/hello"
+
+ -- Make the final call to protected route WITHOUT cookie
+ local httpc = http.new()
+ local res, err = httpc:request_uri(uri, {method = "GET"})
+
+ -- Extract cookie which is not authenticated
+ local cookie_str = concatenate_cookies(res.headers['Set-Cookie'])
+
+ -- Make the call to protected route cookie
+ local function firstRequest()
+ local httpc = http.new()
+ httpc:request_uri(uri, {
+ method = "GET",
+ headers = {
+ ["Cookie"] = cookie_str
+ }
+ })
+ end
+ ngx.thread.spawn(firstRequest)
Review Comment:
@starsz Thank you for the suggestion, I have implemented a wait for the
completion of the first request.
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
