apisix icon indicating copy to clipboard operation
apisix copied to clipboard

Published 20 hours ago verified publisher icon apache

bug: forward-auth plugin return 502 when my forward-auth service return 401

Open LoveleeKay opened this issue 1 year ago • 6 comments

Current Behavior

bug: forward-auth plugin return 502 when my forward-auth service return 401

Expected Behavior

forward-auth plugin return 502 when my forward-auth service return 401

Error Logs

image

image image

Steps to Reproduce

It can only be reproduced on a mobile phone, and it occurs sporadically.

Environment

  • APISIX version (run apisix version):3.0.0
  • Operating system (run uname -a):
  • OpenResty / Nginx version (run openresty -V or nginx -V):
  • etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info):
  • APISIX Dashboard version, if relevant:
  • Plugin runner version, for issues related to plugin runners:
  • LuaRocks version, for installation issues (run luarocks --version):

LoveleeKay avatar Apr 22 '24 08:04 LoveleeKay

Please provide the steps to reproduce this issue!

nitishfy avatar Apr 23 '24 09:04 nitishfy

@LoveleeKay you can atleast provide the route/upstream configurations. And information about request the client makes.

shreemaan-abhishek avatar Apr 23 '24 15:04 shreemaan-abhishek

@shreemaan-abhishek this is the forward-auth route configurations image this is the upstream route configurations image this is the forward-auth plugin config image

LoveleeKay avatar Apr 24 '24 02:04 LoveleeKay

Please send the configuration in plain text, I cannot copy paste from a screenshot and neither does google index it 🙂

shreemaan-abhishek avatar Apr 24 '24 14:04 shreemaan-abhishek

@shreemaan-abhishek It's hard to reproduce, I only reproduce it on specific phones forward-auth route { "uris": [ "/sso-web/*" ], "name": "sso-web-qas", "methods": [ "GET", "POST", "HEAD", "PUT", "PATCH", "DELETE" ], "host": "apisixqas.ppp.com", "upstream": { "nodes": [ { "host": "ssoqas.ppp.com", "port": 443, "weight": 1 } ], "timeout": { "connect": 6, "send": 6, "read": 600 }, "type": "roundrobin", "hash_on": "vars", "scheme": "https", "pass_host": "node", "keepalive_pool": { "idle_timeout": 60, "requests": 1000, "size": 320 } }, "status": 1 } upstream route { "uri": "/personcenterfront-web/*", "name": "person-qas", "methods": [ "GET", "POST", "PUT", "DELETE", "PATCH", "HEAD", "OPTIONS", "CONNECT", "TRACE", "PURGE" ], "host": "apisixqas.ppp.com", "plugin_config_id": "checkUrlAuth-qas", "upstream": { "nodes": [ { "host": "personqas.ppp.com", "port": 443, "weight": 1 } ], "timeout": { "connect": 6, "send": 6, "read": 600 }, "type": "roundrobin", "scheme": "https", "pass_host": "node", "keepalive_pool": { "idle_timeout": 60, "requests": 1000, "size": 320 } }, "status": 1 } forward-auth plugin config { "key": "/apisix/plugin_configs/checkUrlAuth-qas", "value": { "id": "checkUrlAuth-qas", "create_time": 1684850158, "plugins": { "forward-auth": { "request_headers": [ "cookie", "timestamp" ], "request_method": "POST", "client_headers": [ "Location" ], "upstream_headers": [ "account", "name" ], "keepalive_timeout": 60000, "keepalive_pool": 5, "uri": "https://apisixqas.ppp.com/sso-web/auth/checkUrlAuth", "ssl_verify": false, "timeout": 3000, "keepalive": true }, "request-validation": { "rejected_code": 400, "header_schema": { "properties": {}, "type": "object" } } }, "update_time": 1688978755, "desc": "checkUrlAuth-qas" }, "modifiedIndex": 1170, "createdIndex": 111 }

LoveleeKay avatar Apr 25 '24 06:04 LoveleeKay

quick link to 3.0.0 forward-auth code

would you be able to try a newer version of APISIX and see if this is still an issue?

kayx23 avatar Apr 29 '24 04:04 kayx23