mikyll opened a new pull request, #11675: URL: https://github.com/apache/apisix/pull/11675
### Description The changes introduce a new parameter to [jwt-auth](https://apisix.apache.org/docs/apisix/plugins/jwt-auth/) plugin's route schema: `store_in_ctx`. If set to `true` (default is `false`) the plugin will store the validated JWT object in the request context. This feature is useful especially for custom plugins. For example, my company is currently using a custom ACL plugin, based on Casbin ([lua-casbin](https://github.com/casbin/lua-casbin)), that parses a JWT to extract permissions. Therefore, I would say this feature is useful at least for two reasons: - since the JWT can be removed from the request attributes (via `hide_credential = true` configuration), this provides another way to pass the token, without exposing it; - this prevents custom plugins from duplicated code (retrieve and parse JWT object), which `jwt-auth` plugin already does. Fixes #11281 ### Checklist - [x] I have explained the need for this PR and the problem it solves - [x] I have explained the changes or the new features added to this PR - [x] I have added tests corresponding to this change - [x] I have updated the documentation to reflect this change - [x] I have verified that this change is backward compatible (If not, please discuss on the [APISIX mailing list](https://github.com/apache/apisix/tree/master#community) first) <!-- Note 1. Mark the PR as draft until it's ready to be reviewed. 2. Always add/update tests for any changes unless you have a good reason. 3. Always update the documentation to reflect the changes made in the PR. 4. Make a new commit to resolve conversations instead of `push -f`. 5. To resolve merge conflicts, merge master instead of rebasing. 6. Use "request review" to notify the reviewer after making changes. 7. Only a reviewer can mark a conversation as resolved. --> -- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. To unsubscribe, e-mail: [email protected] For queries about this service, please contact Infrastructure at: [email protected]
