You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
When attempting to perform a JWT Claim to Header extraction, envoy will fail to do the extraction if the claim is a URL-like string, for instance http://example.org/some_claim, and the fail is possibly silently, as I've been unable to locate logs with the failure.
In order to show this, I've created a docker compose based reproduction at CelsoSantos/envoy-jwt-claim-extraction, which contains a README.md detailing the steps to reproduce and showcase the issue.
If it IS expected functionality, where and why is it breaking? It's not clear from the jwt logs nor others inspected. Which log should expose the error message?
If it needs to be treated as a regex, what is the correct way to escape the string? go-format? javascript? Could an example be provided?
The text was updated successfully, but these errors were encountered:
This issue has been automatically marked as stale because it has not had activity in the last 30 days. It will be closed in the next 7 days unless it is tagged "help wanted" or "no stalebot" or other activity occurs. Thank you for your contributions.
When attempting to perform a JWT Claim to Header extraction, envoy will fail to do the extraction if the claim is a URL-like string, for instance
http://example.org/some_claim
, and the fail is possibly silently, as I've been unable to locate logs with the failure.Given a claim like
on the resulting request headers, the claim
"http://example.org/parent_token": "xyz"
will not have been extracted.Here's the
claim_to_headers
block:In order to show this, I've created a docker compose based reproduction at CelsoSantos/envoy-jwt-claim-extraction, which contains a README.md detailing the steps to reproduce and showcase the issue.
Now, there are some open questions here, namely:
jwt
logs nor others inspected. Which log should expose the error message?The text was updated successfully, but these errors were encountered: