Hey there,
I am currently porting the now archived open source revomatico/oidc plugin to the latest Kong specs. I managed to update the plugin’s code and it seems functional; my only problem is that the plugin configuration is just not loaded! No matter what I do, the config is “nil”, even for values that have a default value in the schema.lua. The plugin has some dependencies, so I chose to build a custom Kong gateway Docker image containing the plugin. Here is my plugin YAML configuration:
```yaml
apiVersion: configuration.konghq.com/v1
kind: KongPlugin
metadata:
  name: oidc
  namespace: monitoring
  annotations:
    konghq.com/ingress.class: kong
  labels:
    global: "false"
config:
  # Required fields
  client_id: kong-gateway
  client_secret: your-super-secret-client-secret
  realm: example-realm
  discovery: http://redacted/.well-known/openid-configuration
  scope: openid
  response_type: code
  introspection_cache_ignore: "no"
  bearer_only: "no"
  validate_scope: "no"
  ssl_verify: "no"
  use_jwks: "no"
  token_endpoint_auth_method: client_secret_post
  bearer_jwt_auth_signing_algs:
    - RS256
  header_names: []
  header_claims: []
  # Optional fields
  redirect_uri: https://otterstack.local/grafana/_oauth
  redirect_after_logout_uri: https://otterstack.local
  unauth_action: "auth"
  recovery_page_path: "https://google.com"
  logout_path: "/logout"
  redirect_after_logout_with_id_token_hint: "no"
  userinfo_header_name: "X-USERINFO"
  id_token_header_name: "X-ID-Token"
  access_token_header_name: "X-Access-Token"
  access_token_as_bearer: "no"
  disable_userinfo_header: "no"
  disable_id_token_header: "no"
  disable_access_token_header: "no"
  revoke_tokens_on_logout: "no"
  groups_claim: "groups"
  skip_already_auth_requests: "no"
  bearer_jwt_auth_enable: "no"
disabled: false
plugin: oidc
```
Here is how the plugin is referenced by the httproute:
```yaml
apiVersion: gateway.networking.k8s.io/v1
kind: HTTPRoute
metadata:
  name: http-grafana
  namespace: monitoring
  annotations:
    konghq.com/plugins: oidc
spec:
  parentRefs:
    - name: kong
      kind: Gateway
      namespace: default
      sectionName: global-https
  rules:
    - matches:
        - path:
            type: PathPrefix
            value: /grafana
      filters:
        - type: URLRewrite
          urlRewrite:
            path:
              type: ReplacePrefixMatch
              replacePrefixMatch: /
      backendRefs:
        - name: my-grafana
          kind: Service
          port: 80
          namespace: monitoring
```
Any help would be greatly appreciated. I want to open source this new port in order to make Kong OIDC free again!