APIcast
APIcast copied to clipboard
3scale
Issue with disabling auth cache via policy
Perhaps this is an issue with my configuration:
Using the following config I was attempting to disable the auth cache as described in the caching policy schema
{
"id": 1,
"services": [
{
"id": 2555417764324,
"backend_version": "1",
"backend_authentication_type": "service_token",
"backend_authentication_value": "redacted",
"proxy": {
"policy_chain": [{ "name": "apicast.policy.caching", "configuration": { "caching_type": "none"}}],
"api_backend": "https://echo-api.3scale.net:443",
"auth_app_key": "app_key",
"auth_app_id": "app_id",
"auth_user_key": "user_key",
"credentials_location": "query",
"error_auth_failed": "Authentication failed",
"error_limits_exceeded": "Limits exceeded",
"error_auth_missing": "Authentication parameters missing",
"error_status_auth_failed": 403,
"error_headers_auth_failed": "text/plain; charset=us-ascii",
"error_status_limits_exceeded": 429,
"error_headers_limits_exceeded": "text/plan; charset=us-ascii",
"error_status_auth_missing": 403,
"error_headers_auth_missing": "text/plain; charset=us-ascii",
"error_no_match": "No Mapping Rule matched",
"error_status_no_match": 404,
"error_headers_no_match": "text/plain; charset=us-ascii",
"secret_token": "Shared_secret_sent_from_proxy_to_API_backend",
"hostname_rewrite": null,
"oauth_login_url": null,
"hosts": [
"localhost",
"127.0.0.1"
],
"backend": {
"endpoint": "http://docker.for.mac.host.internal:3000",
"host": "docker.for.mac.host.internal"
},
"proxy_rules": [
{
"id": 481727,
"proxy_id": 110538,
"http_method": "GET",
"pattern": "/productpage",
"metric_id": 2555418138963,
"metric_system_name": "hits",
"delta": 1,
"tenant_id": 2445582571513,
"created_at": "2019-06-07T09:10:01Z",
"updated_at": "2019-09-16T11:29:21Z",
"redirect_url": null,
"position": 1,
"last": false,
"owner_id": 110538,
"owner_type": "Proxy"
},
{
"id": 547704,
"proxy_id": 110538,
"http_method": "GET",
"pattern": "/get",
"metric_id": 2555418138963,
"metric_system_name": "hits",
"delta": 1,
"tenant_id": 2445582571513,
"created_at": "2019-12-18T16:40:59Z",
"updated_at": "2019-12-18T16:57:08Z",
"redirect_url": null,
"position": 2,
"last": false,
"owner_id": 110538,
"owner_type": "Proxy"
}
]
}
}
]
}
Current Result
With this config I get no JSON response that I received without adding the policy_chain field and nested policy. I don't get an error, just a 200 and empty response. Rate limits aren't hit.
Expected Result
To get the following response:
{
"method": "GET",
"path": "/get",
"args": "user_key=redacted",
"body": "",
"headers": {
"HTTP_VERSION": "HTTP/1.1",
"HTTP_HOST": "echo-api.3scale.net",
"HTTP_ACCEPT": "*/*",
"HTTP_USER_AGENT": "curl/7.54.0",
"HTTP_X_3SCALE_PROXY_SECRET_TOKEN": "Shared_secret_sent_from_proxy_to_API_backend",
"HTTP_X_REAL_IP": "172.17.0.1",
"HTTP_X_FORWARDED_FOR": "37.228.233.51, 10.0.101.161",
"HTTP_X_FORWARDED_HOST": "echo-api.3scale.net",
"HTTP_X_FORWARDED_PORT": "443",
"HTTP_X_FORWARDED_PROTO": "https",
"HTTP_FORWARDED": "for=10.0.101.161;host=echo-api.3scale.net;proto=https"
},
"uuid": "f7aaac6a-7ee6-4bfe-a67f-343c3dfa28f3"
}
and to see rate limits respected and to see no cache hit messages in apicast logs
Additional Information
When I removed the policy_chain and set the deprecated env var APICAST_BACKEND_CACHE_HANDLER=none I got the result I expected
