Hey Tyk community! I’m developing a Go native plugin that should perform authentication. I’m struggling to understand why it won’t load. I built the plugin with the Tyk compiler (v5.2.2, same as the gateway).
Here is my API config:
{
"name": "usr-mgmt",
"api_id": "usr-mgmt",
"use_openid": false,
"org_id": "default",
"openid_options": null,
"use_keyless": false,
"use_go_plugin_auth": true,
"version_data": {
"not_versioned": true,
"versions": {
"Default": {
"name": "Default",
"use_extended_paths": true,
"extended_paths": {
"ignored": [{
"path": "/usr-mgmt/health/status"
}],
"transform_response_headers": [
{
"add_headers": {
"x-frame-options": "SAMEORIGIN",
"x-content-security-policy": "default-src 'self';"
},
"path": "(.*)",
"method": "GET"
}
]
}
}
}
},
"proxy": {
"listen_path": "/usr-mgmt",
"target_url": "${TYK_GW_HUB_USERMNGT_SERVICE_URL}",
"strip_listen_path": true,
"transport": {
"ssl_insecure_skip_verify": false
}
},
"disable_rate_limit": false,
"disable_quota": false,
"custom_middleware": {
"pre": [],
"auth_check": [
{
"name": "AuthenticateDevice",
"path": "${TYK_GW_MIDDLEWAREPATH}/edge-authorization/mw_edge_authentication.so"
}
],
"post": [
{
"name": "EnhanceWithJwt",
"path": "${TYK_GW_MIDDLEWAREPATH}/edge-authorization/mw_edge_authorization.so"
}
],
"post_key_auth": [],
"response": [],
"driver": "goplugin"
},
"CORS": {
"enable": false,
"options_passthrough": true
}
}
and some logs:
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg="Initializing API" api_id=usr-mgmt api_name=usr-mgmt org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg="Loading custom POST-PROCESSOR middleware: EnhanceWithJwt" prefix=main
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=VersionCheck org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=RateCheckMW org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=info msg="Checking security policy: Token" api_id=usr-mgmt api_name=usr-mgmt org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=AuthKey org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=KeyExpired org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=AccessRightsCheck org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=GranularAccessMiddleware org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=RateLimitAndQuotaCheck org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw="GoPluginMiddleware: /opt/tyk-gateway/middleware/edge-authorization/mw_edge_authorization_v5.2.2_linux_amd64.so:EnhanceWithJwt" org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=VersionCheck org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=KeyExpired org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=AccessRightsCheck org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg="Rate limit endpoint is: /usr-mgmt/tyk/rate-limits" api_id=usr-mgmt api_name=usr-mgmt org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=debug msg="Setting Listen Path: /usr-mgmt" api_id=usr-mgmt api_name=usr-mgmt org_id=default
2024-06-19 10:29:57 time="Jun 19 07:29:57" level=info msg="API Loaded" api_id=usr-mgmt api_name=usr-mgmt org_id=default prefix=gateway server_name=-- user_id=-- user_ip=--
I tried attaching the AuthenticateDevice
mw to the pre- hook too, just to make sure i built it correctly, and I’m seeing this in the logs:
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg="Initializing API" api_id=usr-mgmt api_name=usr-mgmt org_id=default
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg="Loading custom PRE-PROCESSOR middleware: AuthenticateDevice" prefix=main**
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg="Loading custom POST-PROCESSOR middleware: EnhanceWithJwt" prefix=main**
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=VersionCheck org_id=default**
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=warning msg="plugin file /opt/tyk-gateway/middleware/edge-authorization/mw_edge_authentication_v5.2.2_linux_amd64.so doesn't exist"**
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=warning msg="plugin file /opt/tyk-gateway/middleware/edge-authorization/mw_edge_authentication_5.2.2_linux_amd64.so doesn't exist"**
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=warning msg="plugin file /opt/tyk-gateway/middleware/edge-authorization/mw_edge_authentication.so doesn't exist"**
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=error msg="plugin file not found" error="plugin file not found" mwPath=/opt/tyk-gateway/middleware/edge-authorization/mw_edge_authentication.so mwSymbolName=AuthenticateDevice**
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw="GoPluginMiddleware: /opt/tyk-gateway/middleware/edge-authorization/mw_edge_authentication.so:AuthenticateDevice" org_id=default**
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=RateCheckMW org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=info msg="Checking security policy: Token" api_id=usr-mgmt api_name=usr-mgmt org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=AuthKey org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=KeyExpired org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=AccessRightsCheck org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=GranularAccessMiddleware org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=RateLimitAndQuotaCheck org_id=default
**2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw="GoPluginMiddleware: /opt/tyk-gateway/middleware/edge-authorization/mw_edge_authorization_v5.2.2_linux_amd64.so:EnhanceWithJwt" org_id=default**
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=VersionCheck org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=KeyExpired org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg=Init api_id=usr-mgmt api_name=usr-mgmt mw=AccessRightsCheck org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg="Rate limit endpoint is: /usr-mgmt/tyk/rate-limits" api_id=usr-mgmt api_name=usr-mgmt org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=debug msg="Setting Listen Path: /usr-mgmt" api_id=usr-mgmt api_name=usr-mgmt org_id=default
2024-06-19 10:13:40 time="Jun 19 07:13:40" level=info msg="API Loaded" api_id=usr-mgmt api_name=usr-mgmt org_id=default prefix=gateway server_name=-- user_id=-- user_ip=--
Note: both plugins were built in the same way. I struggle to understand why one of them loads properly and the other one doesn’t.
All in all, I guess the most important question is why doesn’t my authentication plugin load if i hook it to auth_check
. I’d appreciate your help with this.