JWT认证配置失败 #1492
Unanswered
bianshuangwei
asked this question in
Q&A
JWT认证配置失败
#1492
Replies: 0 comments
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
-
按照官网JWT认证配置和网上的案例,配置了全局JWT认证如下:
consumers:
jwks: |
{
"keys": [
{
"kty": "RSA",
"n": "eyJraWQiOiJraWQiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJqaWFuZ2hhbyIsImF1ZCI6ImF1ZGllbmNlIiwiZXhwIjoxNzMxNjM3MDQ0LCJqdGkiOiI2OFBleU15WmJBU0lnbWs4aXkzSmp3IiwiaWF0IjoxNzMxMDMyMjQ0LCJuYmYiOjE3MzEwMzIxMjQsInN1YiI6InN1YmplY3QiLCJ1c2VyTmFtZSI6ImppYW5naGFvIiwicGFzc1dvcmQiOiJsaXFpbnNoZTEyM0AifQ.ZaPg07u9gW2sUGMfsLZLjm8WVheP2s_8_mCE665bDPV-pcjJvgykO55vpc6YDeYNLXUDiw3e7faonQ2f5cOaGegG2-eRTSigz84xZYI5h7zeuKYE-scQZTgRtcBxUOymkP4SqZvX-f49Iai_BW6WB6PO7RopydCK0EA2EQYBuRL63Hmy9gvbGLd4ZKDaSbo_0STun10G9sz8P8KuNJKd-SH35CSvBUuzPAIT6iIHnZx7-1374Ecj-FlHHC16-n2bke0-fbw5trrBNn2zmFKfrjGk_idenODxRfDhAmHyOdHujqVC-fu37Qq1gfGuFezKoJ4xxs3X9WBJZPiPYjvQ1g",
"e": "AQAB",
"kid": "kid"
}
]
}
name: "consumer1"
global_auth: true
在路由配置了允许consumer1,通过bin/log.sh gateway查看日志,有如下报错:
gateway-1 | 2024-11-08T03:05:16.056182Z info wasm fetching image plugins/jwt-auth from registry higress-registry.cn-hangzhou.cr.aliyuncs.com with tag latest
gateway-1 | 2024-11-08T03:05:30.969890Z info wasm fetching image plugins/jwt-auth from registry higress-registry.cn-hangzhou.cr.aliyuncs.com with tag latest
gateway-1 | 2024-11-08T03:05:32.863261Z warning envoy wasm external/envoy/source/extensions/common/wasm/context.cc:1390 wasm log: [extensions/jwt_auth/plugin.cc:113]::operator()() jwks is invalid, consumer:consumer1, status:Jwks RSA [n] or [e] field is missing or has a parse error, jwks:{
gateway-1 | "keys": [
gateway-1 | {
gateway-1 | "kty": "RSA",
gateway-1 | "n": "eyJraWQiOiJraWQiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJqaWFuZ2hhbyIsImF1ZCI6ImF1ZGllbmNlIiwiZXhwIjoxNzMxNjM3MDQ0LCJqdGkiOiI2OFBleU15WmJBU0lnbWs4aXkzSmp3IiwiaWF0IjoxNzMxMDMyMjQ0LCJuYmYiOjE3MzEwMzIxMjQsInN1YiI6InN1YmplY3QiLCJ1c2VyTmFtZSI6ImppYW5naGFvIiwicGFzc1dvcmQiOiJsaXFpbnNoZTEyM0AifQ.ZaPg07u9gW2sUGMfsLZLjm8WVheP2s_8_mCE665bDPV-pcjJvgykO55vpc6YDeYNLXUDiw3e7faonQ2f5cOaGegG2-eRTSigz84xZYI5h7zeuKYE-scQZTgRtcBxUOymkP4SqZvX-f49Iai_BW6WB6PO7RopydCK0EA2EQYBuRL63Hmy9gvbGLd4ZKDaSbo_0STun10G9sz8P8KuNJKd-SH35CSvBUuzPAIT6iIHnZx7-1374Ecj-FlHHC16-n2bke0-fbw5trrBNn2zmFKfrjGk_idenODxRfDhAmHyOdHujqVC-fu37Qq1gfGuFezKoJ4xxs3X9WBJZPiPYjvQ1g",
gateway-1 | "e": "AQAB",
gateway-1 | "kid": "kid"
gateway-1 | }
gateway-1 | ]
gateway-1 | }
gateway-1 | thread=23
gateway-1 | 2024-11-08T03:05:32.863473Z warning envoy wasm external/envoy/source/extensions/common/wasm/context.cc:1390 wasm log: [extensions/jwt_auth/plugin.cc:287]::parsePluginConfig() failed to parse configuration for consumers. thread=23
gateway-1 | 2024-11-08T03:05:32.863277Z warning envoy wasm external/envoy/source/extensions/common/wasm/context.cc:1390 wasm log: [extensions/jwt_auth/plugin.cc:113]::operator()() jwks is invalid, consumer:consumer1, status:Jwks RSA [n] or [e] field is missing or has a parse error, jwks:{
gateway-1 | "keys": [
gateway-1 | {
gateway-1 | "kty": "RSA",
gateway-1 | "n": "eyJraWQiOiJraWQiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJqaWFuZ2hhbyIsImF1ZCI6ImF1ZGllbmNlIiwiZXhwIjoxNzMxNjM3MDQ0LCJqdGkiOiI2OFBleU15WmJBU0lnbWs4aXkzSmp3IiwiaWF0IjoxNzMxMDMyMjQ0LCJuYmYiOjE3MzEwMzIxMjQsInN1YiI6InN1YmplY3QiLCJ1c2VyTmFtZSI6ImppYW5naGFvIiwicGFzc1dvcmQiOiJsaXFpbnNoZTEyM0AifQ.ZaPg07u9gW2sUGMfsLZLjm8WVheP2s_8_mCE665bDPV-pcjJvgykO55vpc6YDeYNLXUDiw3e7faonQ2f5cOaGegG2-eRTSigz84xZYI5h7zeuKYE-scQZTgRtcBxUOymkP4SqZvX-f49Iai_BW6WB6PO7RopydCK0EA2EQYBuRL63Hmy9gvbGLd4ZKDaSbo_0STun10G9sz8P8KuNJKd-SH35CSvBUuzPAIT6iIHnZx7-1374Ecj-FlHHC16-n2bke0-fbw5trrBNn2zmFKfrjGk_idenODxRfDhAmHyOdHujqVC-fu37Qq1gfGuFezKoJ4xxs3X9WBJZPiPYjvQ1g",
gateway-1 | "e": "AQAB",
gateway-1 | "kid": "kid"
gateway-1 | }
gateway-1 | ]
gateway-1 | }
gateway-1 | thread=33
gateway-1 | 2024-11-08T03:05:32.864197Z warning envoy wasm external/envoy/source/extensions/common/wasm/context.cc:1390 wasm log: [extensions/jwt_auth/plugin.cc:287]::parsePluginConfig() failed to parse configuration for consumers. thread=33
gateway-1 | 2024-11-08T03:05:32.864219Z warning envoy wasm external/envoy/source/extensions/common/wasm/context.cc:1390 wasm log: [extensions/jwt_auth/plugin.cc:113]::operator()() jwks is invalid, consumer:consumer1, status:Jwks RSA [n] or [e] field is missing or has a parse error, jwks:{
gateway-1 | "keys": [
gateway-1 | {
gateway-1 | "kty": "RSA",
gateway-1 | "n": "eyJraWQiOiJraWQiLCJhbGciOiJSUzI1NiJ9.eyJpc3MiOiJqaWFuZ2hhbyIsImF1ZCI6ImF1ZGllbmNlIiwiZXhwIjoxNzMxNjM3MDQ0LCJqdGkiOiI2OFBleU15WmJBU0lnbWs4aXkzSmp3IiwiaWF0IjoxNzMxMDMyMjQ0LCJuYmYiOjE3MzEwMzIxMjQsInN1YiI6InN1YmplY3QiLCJ1c2VyTmFtZSI6ImppYW5naGFvIiwicGFzc1dvcmQiOiJsaXFpbnNoZTEyM0AifQ.ZaPg07u9gW2sUGMfsLZLjm8WVheP2s_8_mCE665bDPV-pcjJvgykO55vpc6YDeYNLXUDiw3e7faonQ2f5cOaGegG2-eRTSigz84xZYI5h7zeuKYE-scQZTgRtcBxUOymkP4SqZvX-f49Iai_BW6WB6PO7RopydCK0EA2EQYBuRL63Hmy9gvbGLd4ZKDaSbo_0STun10G9sz8P8KuNJKd-SH35CSvBUuzPAIT6iIHnZx7-1374Ecj-FlHHC16-n2bke0-fbw5trrBNn2zmFKfrjGk_idenODxRfDhAmHyOdHujqVC-fu37Qq1gfGuFezKoJ4xxs3X9WBJZPiPYjvQ1g",
gateway-1 | "e": "AQAB",
gateway-1 | "kid": "kid"
gateway-1 | }
gateway-1 | ]
gateway-1 | }
看报错日志,提示缺少n和e的配置,但是配置的jwks中是有这两个元素的,json的格式也没有问题,请问这个配置报错的原因是什么呢?
Beta Was this translation helpful? Give feedback.
All reactions