API Authz token policy does not compile #49
Comments
|
@samdyzon Can you link to the example you are running ?
Here is a link to the Rego Language Reference. |
|
Hey mate, I'm just running the api_authz example from the OPA contrib repo. I'm running I appreciate any assistance you can offer :) |
|
Have you tried the HTTP API Authorization tutorial from the OPA website ? This is more up-to-date. |
|
Yes, I have - the syntax in that tutorial is slightly different, but the result is the same - unsafe variables in the token decoding call. |
|
I assume your docker compose file looks like below: version: '2'
services:
opa:
image: openpolicyagent/opa:0.10.5
ports:
- 8181:8181
# WARNING: OPA is NOT running with an authorization policy configured. This
# means that clients can read and write policies in OPA. If you are
# deploying OPA in an insecure environment, be sure to configure
# authentication and authorization on the daemon. See the Security page for
# details: https://www.openpolicyagent.org/docs/security.html.
command:
- "run"
- "--server"
- "--log-level=debug"
api_server:
image: openpolicyagent/demo-restful-api:0.2
ports:
- 5000:5000
environment:
- OPA_ADDR=http://opa:8181
- POLICY_PATH=/v1/data/httpapi/authz |
|
Nope, my docker-compose files were using an older version. I submitted a pull-request to fix this for others who might experience the same. Thanks for your help @ashutosh-narkar! |
Hi, I've attempted to run the example policy in the api_authz example, but I get the following errors when launching the docker container:
Line 7 indicates this is an issue with the results from the
io.jwt.decodecall. I cannot find any documentation regarding unsafe variables and how to avoid this issue. Is there any further information I could use to solve this issue?The text was updated successfully, but these errors were encountered: