How to set Kong "Authenticated Consumer" context during OAuth2 Bearer token generation?


#1

Something I have been wanting to achieve is around logging when an OAuth Client Credentials consumer has generated their bearer token against a token endpoint. Currently Kong logging does not capture that info.

We keep a global /auth/oauth2/token endpoint of sorts where the global http log plugin will execute, but no capturing of the users who used their client_id / client_secret to make a token gets logged(username is what I care most to capture).

There is currently a Kong value meant for this such as:

ngx.ctx.authenticated_consumer
ngx.ctx.authenticated_consumer.username

In pdk you have it abstracted as .get_consumer()

This value above is not set during the act of generating an OAuth token from client credential pairs, I personally believe it to be a scenario where setting the authenticated_consumer is appropriate. Maybe somewhere within this function:

Something like:

ngx.ctx.authenticated_consumer.id= ?????
ngx.ctx.authenticated_consumer.username= ????

Not sure if the actual consumers id and username are even available within this function or best way to implement the enhancement hence my posting here :smile: .

-Jeremy


#2

Edit - I figured it out and did a PR.