-
Notifications
You must be signed in to change notification settings - Fork 149
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
API Authz token policy does not compile #49
Comments
@samdyzon Can you link to the example you are running ?
Here is a link to the Rego Language Reference. |
Hey mate, I'm just running the api_authz example from the OPA contrib repo. I'm running I appreciate any assistance you can offer :) |
Have you tried the HTTP API Authorization tutorial from the OPA website ? This is more up-to-date. |
Yes, I have - the syntax in that tutorial is slightly different, but the result is the same - unsafe variables in the token decoding call. |
I assume your docker compose file looks like below: version: '2'
services:
opa:
image: openpolicyagent/opa:0.10.5
ports:
- 8181:8181
# WARNING: OPA is NOT running with an authorization policy configured. This
# means that clients can read and write policies in OPA. If you are
# deploying OPA in an insecure environment, be sure to configure
# authentication and authorization on the daemon. See the Security page for
# details: https://www.openpolicyagent.org/docs/security.html.
command:
- "run"
- "--server"
- "--log-level=debug"
api_server:
image: openpolicyagent/demo-restful-api:0.2
ports:
- 5000:5000
environment:
- OPA_ADDR=http://opa:8181
- POLICY_PATH=/v1/data/httpapi/authz |
Nope, my docker-compose files were using an older version. I submitted a pull-request to fix this for others who might experience the same. Thanks for your help @ashutosh-narkar! |
Hi, I've attempted to run the example policy in the api_authz example, but I get the following errors when launching the docker container:
Line 7 indicates this is an issue with the results from the
io.jwt.decode
call. I cannot find any documentation regarding unsafe variables and how to avoid this issue. Is there any further information I could use to solve this issue?The text was updated successfully, but these errors were encountered: