Skip to content

emaincourt/kong-jwt-claim-headers

 
 

Repository files navigation

kong-jwt-claim-headers

Add unencrypted, base64-decoded claims from a JWT payload as request headers to the upstream service.

Installation

luarocks install https://github.com/wego/kong-jwt-claim-headers/releases/download/v1.0.0/kong-jwt-claim-headers-1.0-1.src.rock

How it works

When enabled, this plugin will add new headers to requests based on the claims in the JWT provided in the request. The mappings from claim keys to request headers are defined in claim_headers.lua.

For example, if the JWT payload object is

{
  "uid" : "123456",
  "sub" : "[email protected]",
  "aud" : "affiliate",
  "aid" : "323232",
  "pid" : "987654"
}

and the mappings in claim_headers.lua are

return {
  ["uid"] = "X-Consumer-Token-User-Id",
  ["sub"] = "X-Consumer-Token-User-Email",
  ["aud"] = "X-Consumer-Token-Scopes"
}

then the following headers would be added.

X-Consumer-Token-User-Id : "123456"
X-Consumer-Token-User-Email : "[email protected]"
X-Consumer-Token-Scopes : "affiliate"

Configuration

Similar to the built-in JWT Kong plugin, you can associate the jwt-claim-headers plugin with an API with the following request:

curl -X POST http://localhost:8001/apis/29414666-6b91-430a-9ff0-50d691b03a45/plugins \
  --data "name=jwt-claim-headers" \
  --data "config.uri_param_names=jwt"
form parameter required description
name required The name of the plugin to use, in this case: jwt-claim-headers
uri_param_names optional A list of querystring parameters that Kong will inspect to retrieve JWTs. Defaults to jwt.

How to release

Create the Lua rock in current directory:

luarocks pack kong-plugin-jwt-claim-headers-1.0-1.rockspec

Release the Lua rock via GitHub.

Acknowledgements

Inspired by kong-plugin-jwt-claims-headers, thanks wshirey!

About

Kong JWT claim headers

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • Lua 100.0%