Multiple matching rules are causing 500
Opened this issue · 0 comments
krukowskid commented
Preflight checklist
- I could not find a solution in the existing issues, docs, nor discussions.
- I agree to follow this project's Code of Conduct.
- I have read and am following this repository's Contribution Guidelines.
- I have joined the Ory Community Slack.
- I am signed up to the Ory Security Patch Newsletter.
Ory Network Project
No response
Describe the bug
Hey!
I am trying to simplify configuration by replacing per service rules with default rule to always require token and some exclusions from the default. However, after using wildcard in url it throws 500 for requests that match both "default" rule and exclusion rule. If there is any workaround that I can use to make it work?
Reproducing the bug
[
{
"id": "allow-all",
"match": {
"url": "<https|http>://<.*>/serviceX.v1.<.*>",
"methods": ["GET", "POST", "PUT", "PATCH", "DELETE"]
},
"authenticators": [
{
"handler": "noop"
}
],
"authorizer": {
"handler": "allow"
},
"mutators": [
{
"handler": "noop"
}
]
},
{
"id": "auth-required-default",
"match": {
"url": "<https|http>://<.*>",
"methods": ["GET", "POST", "PUT", "PATCH", "DELETE"]
},
"authenticators": [
{
"handler": "bearer_token"
}
],
"authorizer": {
"handler": "allow"
},
"mutators": [{
"handler": "header"
}]
}
]Relevant log output
No response
Relevant configuration
No response
Version
v0.40.7
On which operating system are you observing this issue?
Windows
In which environment are you deploying?
Docker Compose
Additional Context
No response