kong icon indicating copy to clipboard operation
kong copied to clipboard
verified publisher icon Kong

Fix (JWT) allow int custom_id in JWT plugin

Open martinivanov opened this issue 7 years ago • 2 comments

Kong requests fail when an int custom_id parameter is set in the JWT claims. The schema for jwt_secrets table defines the key as a string, but there is no type check or stringification before querying the datastore for a JWT secret. As a result, when the custom_id claim is an integer instead of a string, the query generated by DAO fails with a type inconsistency error. The fix just makes sure, that the value passed to the query is a string before executing.

martinivanov avatar Jul 25 '18 16:07 martinivanov

@martinivanov Hi,

Thank you for the patch! Would you be able to provide a regression test for it as well? It is mandatory for us to accept it. Thank you!

thibaultcha avatar Jul 26 '18 20:07 thibaultcha

CLA assistant check
All committers have signed the CLA.

CLAassistant avatar Jul 01 '19 06:07 CLAassistant

Closing because of lack of activity. We would like to accept this contribution if anyone wishes to pick this back up.

hbagdi avatar Oct 25 '22 21:10 hbagdi