Cannot use context variable claims to access JWT token header claims. #1563

Closed
hustshawn opened this issue Mar 23, 2018 · 2 comments · Fixed by #1564
@hustshawn

Do you want to request a feature or report a bug?
bug
What is the current behavior?
I am using OIDC with JWT to access the API. After the API call passed the auth, tyk_gateway cannot extract the token claims in the token header, e.g. kid in my token:
Bearer eyJ0eXAiOiJKV1QiLCJhbGciOiJSUzI1NiIsImtpZCI6ImkxMjM0NTY3ODAxIn0.eyJpc3MiOiJodHRwOi8vaWRwLXVhdC5pZnVuZC5jb20uaGsvIiwic3ViIjoiaTEyMzQ1Njc4MDEiLCJpYXQiOjE1MjE3OTM1MDcsImV4cCI6MTUzMTc5MzUwOCwiYXVkIjoiYjJiIn0.YOPiT4KHcRnwS6ZTtKutPsrRkSLRL_FtWYRE9vgDH-B_TQPABo4zophUvMV2wMZfESK_4KqsLKtLKz7dSM_yFmni66Ij9aUEs4991hc0u88OsXR6x5u35CWCmOnhXWFq2GMQZT79_QWC2Czr_lG0pUsbChWZKE6kLdSgQJEmfDB8IJqmyd9TGQvAn8HUPMtX3khusMXFf3AqSuU5YCvkPWS0MVzXpibCxSd0uVbRzRV-LrV4h5xf3FbCL7bXsLfXumYibtQDgFd4yPhsSM9rbJjO9ogrUPFy4rwwbvIiFcAMordOQb9iEeZgxuiPlkjVCvX7EnTEP9435eVbjcWFpVFcFDGyUZF56iozqP27I7XwINjAm5PBFM7FieayI9i5T_RU-dpFbqYoTwvQj-XNxRxYC9kH4qaebCRHGVcUGtiYMG9biG3Z7Obt1ym2FuM1oND9mLpCFxaC4j587iXRyycSzACpktLTlqFJoJYINLgS27JDRJ8fSjsj6Wp8-oW7mn1kERg2G0P4o83vONV6Vk-wxhkAQZVnUldsUNOPLEfxFB8V8oqUrAhogmi0uCAqWtbpUY6sdgnjHIaxG0rUvhgeEjVSBWI8Wz75MBGTSfQs7atS7EKUsf-kc8532MpQzGbkPQAROIXa6RUu2UHu7W2QUUxMcSpwtkoCTUsdM7I

As can be found in the doc: "jwt_claims_CLAIMNAME - If JWT tokens are being used, then each claim in the JWT is available in this format to the context processor." It seems like not all claims are parsed, only the claims in the token body.

What is the expected behavior?
Can access the token header claim from context variable.

If the current behavior is a bug, please provide the steps to reproduce and if possible a minimal demo of the problem
Create an OIDC auth API, log the output from jwt_claims_TOKEN_HEADER_CLAIM.

Which versions of Tyk affected by this issue? Did this work in previous versions of Tyk?
tyk v2.5.3

@letzya letzya added the bug label Mar 23, 2018
@letzya letzya added this to the Release 2.7 milestone Mar 23, 2018
@buger buger removed this from the Release 2.7 milestone Mar 23, 2018
buger added a commit that referenced this issue Mar 23, 2018
Right now we expose to context only body claims, this PR exposes header
claims like `kid` as well.

Should fix #1563
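
An added example, not Tyk's code and not the code from the referenced commit: a Go helper that flattens both the header and the body of a compact JWT into the `jwt_claims_CLAIMNAME` keys the documentation describes. `ContextClaims` and `SampleToken` are hypothetical names, the token is constructed, and signature verification is assumed to have succeeded before this step.

```go
package main

import (
	"bytes"
	"encoding/base64"
	"encoding/json"
	"fmt"
	"strings"
)

// ContextClaims (hypothetical helper) flattens the header and body claims of an
// already-verified compact JWT into jwt_claims_<name> context keys.
// Body claims win on a name collision, so a header parameter cannot shadow one.
func ContextClaims(token string) (map[string]string, error) {
	parts := strings.Split(token, ".")
	if len(parts) != 3 {
		return nil, fmt.Errorf("expected 3 JWT segments, got %d", len(parts))
	}
	ctx := map[string]string{}
	for _, seg := range parts[:2] { // header first, then the body overwrites
		raw, err := base64.RawURLEncoding.DecodeString(seg)
		if err != nil {
			return nil, err
		}
		dec := json.NewDecoder(bytes.NewReader(raw))
		dec.UseNumber() // keep iat/exp as exact integers, not float64
		claims := map[string]interface{}{}
		if err := dec.Decode(&claims); err != nil {
			return nil, err
		}
		for name, v := range claims {
			ctx["jwt_claims_"+name] = fmt.Sprint(v)
		}
	}
	return ctx, nil
}

// SampleToken returns a constructed token with a dummy signature segment.
func SampleToken() string {
	enc := base64.RawURLEncoding.EncodeToString
	return enc([]byte(`{"typ":"JWT","alg":"RS256","kid":"example-key-1"}`)) + "." +
		enc([]byte(`{"sub":"user-1","iat":1521793507,"exp":1531793508}`)) + ".c2ln"
}

func main() {
	ctx, err := ContextClaims(SampleToken())
	fmt.Println(ctx["jwt_claims_kid"], ctx["jwt_claims_iat"], err)
}
```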
@buger
Member

buger commented Mar 23, 2018

The fix should be included in 2.5.4, aimed for next week.

@iamtour

iamtour commented Mar 24, 2018

@buger In the same case as above, we also fail to get $tyk_context.jwt_claims_iat and $tyk_context.jwt_claims_exp. Please advise, thanks.
Cloned to issue #1567
