Slade66 opened a new issue, #12658: URL: https://github.com/apache/apisix/issues/12658
### Description

Consumer Configuration:

```bash
curl -X PUT "http://10.30.60.116:9180/apisix/admin/consumers" \
  -H "X-API-KEY: your_admin_key" \
  -d '{
    "username": "shared-app",
    "plugins": {
      "jwt-auth": {
        "key": "shared-app-key",
        "secret": "a-string-secret-at-least-256-bit"
      }
    }
  }'
```

Route Configuration:

```bash
curl -X PUT "http://10.30.60.116:9180/apisix/admin/routes/user-service-route" \
  -H "X-API-KEY: your_admin_key" \
  -d '{
    "uri": "/user/*",
    "plugins": {
      "jwt-auth": {
        "store_in_ctx": true
      },
      "proxy-rewrite": {
        "uri": "/headers",
        "headers": {
          "set": {
            "X-User-ID": "$ctx_jwt_auth_payload_sub",
            "X-Username": "$ctx_jwt_auth_payload_username"
          },
          "remove": [
            "Authorization"
          ]
        }
      }
    },
    "upstream": {
      "type": "roundrobin",
      "nodes": {
        "httpbin.org:443": 1
      },
      "scheme": "https"
    }
  }'
```

JWT Payload:

```json
{
  "key": "shared-app-key",
  "username": "lyz",
  "iss": "user-service",
  "sub": "41062bf0-ba38-4993-aa11-edb7cee1ac5c",
  "aud": [
    "api-gateway"
  ],
  "exp": 1760082649,
  "iat": 1759996249,
  "jti": "1e010168-2d9b-44be-b9c5-52934e778383"
}
```

Request Command:

```bash
curl "http://10.30.60.116:9080/user/profile" \
  -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJzaGFyZWQtYXBwLWtleSIsInVzZXJuYW1lIjoibHl6IiwiaXNzIjoidXNlci1zZXJ2aWNlIiwic3ViIjoiNDEwNjJiZjAtYmEzOC00OTkzLWFhMTEtZWRiN2NlZTFhYzVjIiwiYXVkIjpbImFwaS1nYXRld2F5Il0sImV4cCI6MTc2MDA4MjY0OSwiaWF0IjoxNzU5OTk2MjQ5LCJqdGkiOiIxZTAxMDE2OC0yZDliLTQ0YmUtYjljNS01MjkzNGU3NzgzODMifQ.rO9XoxbenNHjv23i2T6UvSvTMy9OUtuQvxWw40Vcias"
```

My Expectation:

After processing the request, APISIX should forward a modified request to the upstream. The response from httpbin.org should show that:

1. The X-User-ID header is present with the value of the sub claim.
2. The X-Username header is present with the value of the username claim.
3. The original Authorization header has been removed.
```json
{
  "headers": {
    "Accept": "*/*",
    "Host": "httpbin.org",
    "User-Agent": "curl/8.5.0",
    "X-Amzn-Trace-Id": "...",
    "X-Consumer-Username": "shared-app",
    "X-Forwarded-Host": "10.30.60.116",
    "X-User-ID": "41062bf0-ba38-4993-aa11-edb7cee1ac5c",
    "X-Username": "lyz"
  }
}
```

Actual Result: **No expected headers.**

```json
{
  "headers": {
    "Accept": "*/*",
    "Authorization": "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9...",
    "Host": "10.30.60.116",
    "User-Agent": "curl/8.5.0",
    "X-Amzn-Trace-Id": "Root=1-68e77893-36d0062d14cbafee30970631",
    "X-Consumer-Username": "shared-app-key",
    "X-Forwarded-Host": "10.30.60.116"
  }
}
```

### Environment

- APISIX version (run `apisix version`): 3.13.0
- Operating system (run `uname -a`): Linux fdb825996d73 4.19.90-52.22.v2207.ky10.x86_64 #1 SMP Tue Mar 14 12:19:10 CST 2023 x86_64 GNU/Linux
- OpenResty / Nginx version (run `openresty -V` or `nginx -V`): nginx version: openresty/1.27.1.2
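A triage check for the report above, added here as an example and not part of the issue or of APISIX: it decodes the token from the request, checks the HS256 signature against the consumer secret, and resolves the route's header map against the token's claims, which separates a token problem from a gateway problem. The `ctx_jwt_auth_payload_` prefix is the naming used in the issue's route, taken as-is and not confirmed as an APISIX variable; the function names are hypothetical.

```python
import base64
import hashlib
import hmac
import json
import re

# Values copied from the issue above.
TOKEN = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJzaGFyZWQtYXBwLWtleSIsInVzZXJuYW1lIjoibHl6IiwiaXNzIjoidXNlci1zZXJ2aWNlIiwic3ViIjoiNDEwNjJiZjAtYmEzOC00OTkzLWFhMTEtZWRiN2NlZTFhYzVjIiwiYXVkIjpbImFwaS1nYXRld2F5Il0sImV4cCI6MTc2MDA4MjY0OSwiaWF0IjoxNzU5OTk2MjQ5LCJqdGkiOiIxZTAxMDE2OC0yZDliLTQ0YmUtYjljNS01MjkzNGU3NzgzODMifQ.rO9XoxbenNHjv23i2T6UvSvTMy9OUtuQvxWw40Vcias"
SECRET = b"a-string-secret-at-least-256-bit"
HEADER_MAP = {
    "X-User-ID": "$ctx_jwt_auth_payload_sub",
    "X-Username": "$ctx_jwt_auth_payload_username",
}
# Variable prefix as written in the issue's route (assumption, see lead-in).
VAR_PREFIX = "ctx_jwt_auth_payload_"


def b64url_decode(segment):
    """Decode an unpadded base64url JWT segment."""
    return base64.urlsafe_b64decode(segment + "=" * (-len(segment) % 4))


def inspect_token(token, secret):
    """Return (header, payload, signature_ok) for a compact HS256 JWT."""
    head, body, sig = token.split(".")
    header = json.loads(b64url_decode(head))
    payload = json.loads(b64url_decode(body))
    mac = hmac.new(secret, f"{head}.{body}".encode(), hashlib.sha256).digest()
    # Pin the algorithm: only HS256 tokens may pass the HMAC comparison.
    sig_ok = header.get("alg") == "HS256" and hmac.compare_digest(mac, b64url_decode(sig))
    return header, payload, sig_ok


def expected_headers(header_map, payload):
    """Resolve each '$<prefix><claim>' value to the claim; None means the claim is absent."""
    resolved = {}
    for name, value in header_map.items():
        match = re.fullmatch(r"\$" + re.escape(VAR_PREFIX) + r"(\w+)", value)
        resolved[name] = payload.get(match.group(1)) if match else value
    return resolved


if __name__ == "__main__":
    header, payload, sig_ok = inspect_token(TOKEN, SECRET)
    print("alg:", header.get("alg"), "| signature matches consumer secret:", sig_ok)
    for name, value in expected_headers(HEADER_MAP, payload).items():
        print(f"{name}: {value!r}")
```

A `None` in the output points at the token (the claim is not there to forward); all values present points at the gateway configuration instead.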
