Hi
I’m using Kong Gateway in Kubernetes. I’ve installed Kong through Terraform & Helm.
I want to install a custom JWT Validator plugin. The plugin is mounted to “/usr/local/share/lua/5.1/kong/plugins/jwt-validator”. It seems to be picked up correctly because it prints my custom logs in the “init_worker” phase.
My problem is that the plugin is not called in any other request phase like “access”.
Relevant values.yaml properties:
env:
log_level: debug
plugins: bundled,jwt-validator
extraConfigMaps:
- name: ${kubernetes_config_map.kong_jwt_validator_plugin_config.metadata.0.name}
mountPath: /usr/local/share/lua/5.1/kong/plugins/jwt-validator
From the start up logs:
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:203: loader_fn(): Loading custom plugin entity: 'acme.acme_storage'
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: grpc-gateway
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: grpc-web
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: pre-function
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: post-function
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: azure-functions
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: zipkin
**2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: jwt-validator**
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: jwt
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:203: loader_fn(): Loading custom plugin entity: 'jwt.jwt_secrets'
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: acl
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:203: loader_fn(): Loading custom plugin entity: 'acl.acls'
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: correlation-id
2024/06/22 10:30:12 [debug] 1#0: [lua] plugins.lua:245: load_plugin(): Loading plugin: cors
You can see that the ‘jwt-validator’ plugin is loaded.
local JwtValidator = {
VERSION = "1.0.0",
PRIORITY = 10,
}
function JwtValidator:init_worker()
-- Implement logic for the init_worker phase here (http/stream)
kong.log.debug("init_worker")
end
function JwtValidator:preread(config)
-- Implement logic for the preread phase here (stream)
kong.log.debug("preread")
end
function JwtValidator:certificate(config)
-- Implement logic for the certificate phase here (http/stream)
kong.log.debug("certificate")
end
function JwtValidator:rewrite(config)
-- Implement logic for the rewrite phase here (http)
kong.log.debug("rewrite")
end
function JwtValidator:access(config)
-- Implement logic for the rewrite phase here (http)
kong.log.debug("access")
end
function JwtValidator:header_filter(config)
-- Implement logic for the header_filter phase here (http)
kong.log.debug("header_filter")
end
function JwtValidator:body_filter(config)
-- Implement logic for the body_filter phase here (http)
kong.log.debug("body_filter")
end
function JwtValidator:log(config)
-- Implement logic for the log phase here (http/stream)
kong.log.debug("log")
end
-- return the created table, so that Kong can execute it
return JwtValidator
local typedefs = require "kong.db.schema.typedefs"
local PLUGIN_NAME = "jwt-validator"
return {
name = PLUGIN_NAME,
fields = {
{
-- this plugin will only be applied to Services or Routes
consumer = typedefs.no_consumer
},
{
-- this plugin will only run within Nginx HTTP module
protocols = typedefs.protocols_http
},
{
config = {
type = "record",
fields = {
}
},
},
},
}