Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

fix: authz_keycloak plugin giving 500 error #10763

Merged
merged 5 commits into from
Jan 9, 2024
Merged

fix: authz_keycloak plugin giving 500 error #10763

merged 5 commits into from
Jan 9, 2024

Conversation

lakshya8066
Copy link
Contributor

Description

In the authz_keycloack plugin, when we set lazy_load_paths as true and do not provide resource_registration_endpoint either in the plugin config or in the discovery doc we get a 500 error code.
This error code comes from here

apisix/apisix/plugins/authz-keycloak.lua

Line 580 in ab67b09

if #permission == 0 and conf.policy_enforcement_mode == "ENFORCING" then
when we try to get the length of permission because an integer value, 503, is passed to it from here

apisix/apisix/plugins/authz-keycloak.lua

Line 506 in ab67b09

return 503, err

This PR changes the return value of permission to nil. This will now return error 503 when this check runs:

apisix/apisix/plugins/authz-keycloak.lua

Line 569 in ab67b09

if permission == nil then

Fixes #10708

Checklist

  • I have explained the need for this PR and the problem it solves
  • I have explained the changes or the new features added to this PR
  • I have added tests corresponding to this change
  • I have updated the documentation to reflect this change
  • I have verified that this change is backward compatible (If not, please discuss on the APISIX mailing list first)

@monkeyDluffy6017
Copy link
Contributor

monkeyDluffy6017 commented Jan 8, 2024
edited
Loading

please make the ci pass

@monkeyDluffy6017 monkeyDluffy6017 added the wait for update wait for the author's response in this issue/PR label Jan 8, 2024
@lakshya8066
Copy link
Contributor Author

I think the ci is failing because of the extra line I added. I'll remove it and check

@monkeyDluffy6017 monkeyDluffy6017 added approved and removed wait for update wait for the author's response in this issue/PR user responded labels Jan 9, 2024
@moonming moonming merged commit 580c1b9 into apache:master Jan 9, 2024
44 checks passed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@monkeyDluffy6017 monkeyDluffy6017 monkeyDluffy6017 approved these changes

@Vacant2333 Vacant2333 Vacant2333 approved these changes

@moonming moonming moonming approved these changes

Assignees
No one assigned
Labels
approved
Projects
None yet
Milestone
No milestone
4 participants
@lakshya8066 @monkeyDluffy6017 @Vacant2333 @moonming