jenskeiner commented on a change in pull request #2903:
URL: https://github.com/apache/apisix/pull/2903#discussion_r533159866
##########
File path: apisix/plugins/openid-connect.lua
##########
@@ -152,26 +225,28 @@ function _M.access(plugin_conf, ctx)
core.log.error("failed to introspect in openidc: ", err)
return response
end
- if response then
Review comment:
The reason is that adding the user info header is now handled in the
`introspect` method. The header will still be added, if so configured, and
introspection is done via the actual endpoint as opposed to just checking
against the public key. Let me know if you see any problem with this approach.
----------------------------------------------------------------
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
For queries about this service, please contact Infrastructure at:
[email protected]
