API Priority in tyk-gateway 5.3.2

dana4056 · October 9, 2024, 8:50am

Hello!
First of all, thank you for your service.
I am writing this topic for inquiry.

In version 5.3.2 of tyk-gateway, API applied based on domain and listen path is not what I expected. It seems there are some unknown criteria which prioritizing through APIs.

I understand that it is working by the code I attach below.

// tyk-5.3.2/gateway/api_loader.go/(gw *Gateway) loadApps

	// sort by listen path from longer to shorter, so that /foo
	// doesn't break /foo-bar
	sort.Slice(specs, func(i, j int) bool {

		if specs[i].Domain != specs[j].Domain {
			return len(specs[i].Domain) > len(specs[j].Domain)
		}
		return len(specs[i].Proxy.ListenPath) > len(specs[j].Proxy.ListenPath)
	})

It seems the code of if-condition doesn’t work properly.
I think there is an issue for different domain with same length, it doesn’t follow the rule of listen path.

[Expected sorting conditions]

If a length of the domain set in API definition is longer, the priority is higher
If there are same domains, the priority is higher for the length of listen path

[Issue]

Different domain names, but same length, are not sorted in listen path length order

[Example]

[test-a.json API Definition]
domain: test-domain-a.com
listesn path: /test/listen/path

[test-b.json API Definition]
domain: test-domain-b.com
listesn path: /test/listen/path

[test-c.json API Definition]
domain: test-domain-a.com
listesn path: /test/listen/path/a

By the sets I wrote above, a priority is randomly determined according to the API loading order because the length of the domain, (e.g. which are 17 characters,) is the only parameter passed to pdqsort_func(), also listen paths length.

Therefore, if I call https://test-domain-a.com/test/listen/path/a, depends on the case, the rule would not follow test-c.json’s settings, but rather test-a.json’s.

Please share any idea to solve this issue.

Best regards,

Olu · October 11, 2024, 3:24pm

@dana4056 Hello and welcome to the community

Thanks for the inquiry, we will check this and get back to you.

Olu · October 23, 2024, 4:56pm

@dana4056 I can replicate the issue.

I will investigate more and take this internally and come back with an update

dana4056 · October 24, 2024, 8:13am

@Olu
Thank you for taking a look at the content.
Please let me know when you have a solution or a schedule for a new version

Olu · November 27, 2024, 8:32am

@dana4056 This has been identified as an issue.

As mentioned privately, the issue has 2 layers - domain preference and patch matching

The bug fix is currently at the testing stage, so a v5.7.0/v5.3.9 release is very close.

I’ll update this topic once I have more.

dana4056 · December 11, 2024, 4:53am

Hello Olu.
I saw that the tyk-gateway v5.7.0 has been released.
Is this issue resolved in v5.7.0?

Olu · December 11, 2024, 9:49am

Yes, the issue has been fixed in v5.7.0. The change log in the fixed section states:

Resolved API Routing Issue with Trailing Slashes and Overlapping Listen Paths

Fixed a routing issue that caused incorrect API matching when dealing with APIs that 
lacked a trailing slash, used custom domains, or had similar listen path patterns. 
Previously, the router prioritized APIs with longer subdomains and shorter listen paths, 
leading to incorrect matches when listen paths shared prefixes. This fix ensures 
accurate API matching, even when subdomains and listen paths overlap.