bearer_jwt_auth_enable: Access token not passed upstream
Closed this issue · 1 comments
Hi there! Thanks for maintaining this plugin, it helps a lot!
When the option bearer_jwt_auth_enable
is used the verified access token is not passed upstream. Is this by design?
Our use case is using a token with multiple API gateways potentially being chained where the token typically is passed as Authorization header. When using the bearer_jwt_auth_enable
option the token does not reach the upstream server.
See
kong-oidc/kong/plugins/oidc/handler.lua
Lines 36 to 43 in d0d7a2b
And the other location when the oidc cycle is being done where the access token is set
kong-oidc/kong/plugins/oidc/handler.lua
Line 78 in d0d7a2b
Thanks!
Well actually it is.. seems to be an issue with the application logic. Sorry for bothering 😅