Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AuthQueries can differ for an API session #1589

Open
andrewpmartinez opened this issue Apr 19, 2023 · 0 comments
Open

AuthQueries can differ for an API session #1589

andrewpmartinez opened this issue Apr 19, 2023 · 0 comments
Assignees
@andrewpmartinez
Labels
bug Something isn't working

Comments

@andrewpmartinez
Copy link
Member

Experienced

The authQuery property return on authentication and via GET /current-api-session will differ. The version returned during auth will have 0 auth queries, while the GET will always return EXT-JWT auth queries - even if the proper JWT was provided.

Expected
The auth query value from GET /current-api-session should not contain an EXT-JWT query if it was satisfied.

Reproduction

  1. Create an auth policy that allows ext jwt authentication and turn on secondary authentication to require a JWT on every request
  2. Authenticate via JWT, see API Session auth queries
  3. Get the current API session w/ a valid JWT, inspect the auth queries
@andrewpmartinez andrewpmartinez self-assigned this Apr 19, 2023
@andrewpmartinez andrewpmartinez added the bug Something isn't working label Apr 19, 2023
@plorenz plorenz transferred this issue from openziti/edge Dec 14, 2023
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@andrewpmartinez andrewpmartinez

Labels
bug Something isn't working
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
1 participant
@andrewpmartinez