Traefik middleware plugin which forwards JWT claims as request headers
The plugin needs to be configured in the Traefik static configuration before it can be used.
The following snippet can be used as an example for the values.yaml file:
pilot:
enabled: true
token: xxxxx-xxxx-xxxx
experimental:
plugins:
enabled: true
additionalArguments:
- --experimental.plugins.traefik-jwt-headers-plugin.modulename=github.com/lion7/traefik-jwt-headers-plugin
- --experimental.plugins.traefik-jwt-headers-plugin.version=v0.0.3traefik \
--experimental.pilot.token=xxxx-xxxx-xxx \
--experimental.plugins.traefik-jwt-headers-plugin.moduleName=github.com/lion7/traefik-jwt-headers-plugin \
--experimental.plugins.traefik-jwt-headers-plugin.version=v0.0.3
You can decide to limit the forwarded claims/headers to a given list with the claims option.
Each claim can be set to:
keepto keep the valuedropto drop the value
The defaultMode for claims is drop.
apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
name: my-traefik-jwt-headers-plugin
spec:
plugin:
traefik-jwt-headers-plugin:
defaultMode: drop
claims:
sub: keep
mysecret: drop
user.name: keep
organization.name: keep
[http]
[http.middlewares]
[http.middlewares.my-traefik-jwt-headers-plugin]
[http.middlewares.my-traefik-jwt-headers-plugin.plugin]
[http.middlewares.my-traefik-jwt-headers-plugin.plugin.traefik-jwt-headers-plugin]
defaultMode = "drop"
[http.middlewares.my-traefik-jwt-headers-plugin.plugin.traefik-jwt-headers-plugin.claims]
sub = "keep"
mysecret = "drop"
user.name = "keep"
organization.name = "keep"http:
middlewares:
my-traefik-jwt-headers-plugin:
plugin:
traefik-jwt-headers-plugin:
defaultMode: drop
claims:
sub: keep
mysecret: drop
user.name: keep
organization.name: keepThis software is released under the Apache 2.0 License