janus
janus copied to clipboard
Published
20 hours ago •
motiv-labs
motiv-labs
introspection token strategy is not work??
Hi, I'm trying to set oauth2 plugin for endpoint. When I set the token_strategy as jwt, it showed that I need authentication, and then it went throug after I got a token from oauth server. However, when I set the token_strategy as introspection, it just went through without a valid token.
Here's my config for oauth2 plugin:
{
"name": "local",
"oauth_endpoints": {
"introspect": {
"preserve_host": false,
"listen_path": "/auth/token2",
"upstreams": {
"balancing": "roundrobin",
"targets": [{
"target": "http://192.168.10.213:8080/hello/d"
}]
},
"strip_path": true,
"append_path": false,
"methods": [
"GET",
"POST"
]
}
},
"token_strategy": {
"name": "introspection",
"settings": {
"use_auth_header": true,
"auth_header_type": "token"
}
}
}
jwt config is
{
"name": "local",
"oauth_endpoints": {
"token": {
"preserve_host": false,
"listen_path": "/auth/token",
"upstreams": {
"balancing": "roundrobin",
"targets": [{
"target": "http://192.168.10.213:8080/hello/c"
}]
},
"strip_path": true,
"append_path": false,
"methods": [
"GET",
"POST"
]
}
},
"token_strategy": {
"name": "introspection",
"settings": [
{"alg": "HS256", "key" : "secret"}
]
}
}
Both of token_strategy.settings maybe conflict??
Because I found that log is :
{
"log": "{\"api_name\":\"example\",\"error\":\"You need to set a JWT secret\",\"level\":\"error\",
\"msg\":\"Error executing plugin\",\"name\":\"oauth2\",\"time\":\"2019-12-31T23:20:05+08:00\"}\n",
"stream": "stderr",
"time": "2019-12-31T15:20:05.396673601Z"
}
