Previously, I was able to create an API using a POST to /tyk/apis/oas with a custom plugin configured in the “x-tyk-api-gateway” section of the configuration. Now that I have upgraded to 5.7 from 5.5, this no longer works. I can still create the API if I am using a POST to /tyk/apis and the non-OAS config format. The error message I get is:
{
'status': 'error',
'message': "x-tyk-api-gateway: Additional property use_go_plugin_auth is not allowed
x-tyk-api-gateway: Additional property custom_middleware is not allowed
x-tyk-api-gateway: Additional property use_keyless is not allowed
x-tyk-api-gateway: Additional property auth is not allowed"
}
My config that does not work is:
{
"openapi": "3.0.0",
"info":
{
"title": "httpbin",
"version": "0.1.0"
},
"components": { "schemas": { } },
"paths": { },
"x-tyk-api-gateway": {
"info": {
"name": "httpbin",
"state": {
"active": true
}
},
"server": {
"listenPath": {
"strip": true,
"value": "/httpbin/"
}
},
"upstream": {
"url": "http://httpbin.org"
},
"use_keyless": false,
"use_go_plugin_auth": true,
"auth": {
"auth_header_name": "Authorization",
"use_custom_auth": true,
"use_cookie": true,
"cookie_name": "session"
},
"custom_middleware": {
"pre": null,
"post": null,
"post_key_auth": [
{
"disabled": false,
"name": "InjectMetadata",
"path": "/opt/tyk-gateway/middleware/dr_auth_plugin.so",
"require_session": false,
"raw_body_only": false
}
],
"auth_check": {
"disabled": false,
"name": "AuthCheck",
"path": "/opt/tyk-gateway/middleware/dr_auth_plugin.so",
"require_session": false,
"raw_body_only": false
},
"response": null,
"driver": "goplugin",
"id_extractor": {
"disabled": false,
"extract_from": "",
"extract_with": "",
"extractor_config": null
}
}
}
}
And the config that does work is:
{
"name": "httpbin",
"slug": "httpbin",
"api_id": "httpbin",
"use_keyless": false,
"version_data": {
"not_versioned": true,
"versions": {
"Default": {
"name": "Default",
"use_extended_paths": true
}
}
},
"global_rate_limit": {
"rate": 0,
"per": 0
},
"proxy": {
"listen_path": "/httpbin",
"target_url": "https://httpbin.org",
"strip_listen_path": true
},
"active": true,
"auth": {
"auth_header_name": "Authorization",
"use_custom_auth": true,
"use_cookie": true,
"cookie_name": "session"
},
"use_go_plugin_auth": true,
"custom_middleware": {
"pre": null,
"post": null,
"post_key_auth": [
{
"disabled": false,
"name": "InjectMetadata",
"path": "/opt/tyk-gateway/middleware/dr_auth_plugin.so",
"require_session": false,
"raw_body_only": false
}
],
"auth_check": {
"disabled": false,
"name": "AuthCheck",
"path": "/opt/tyk-gateway/middleware/dr_auth_plugin.so",
"require_session": false,
"raw_body_only": false
},
"response": null,
"driver": "goplugin",
"id_extractor": {
"disabled": false,
"extract_from": "",
"extract_with": "",
"extractor_config": null
}
}
}
These are effectively the same config from what I can tell, and I am unable to apply the first one and get a working API. If I drop the keys indicated in the error message, then I am able to create the API, but without my middleware running.
Was this an intentional change or do I need to be doing something different?