I have Enabled Context Vars in the API Definition File. I have also tested other tyk_context variables that exist, but token and jwt_claims_* dont.
“do_not_track”: false,
“enable_context_vars”: true
}
Url_Rewrite:
“url_rewrites”: [{
“path”: “example/test”,
“method”: “GET”,
“match_pattern”: “(.)/(.)”,
“rewrite_to”: “?sub=$tyk_context.jwt_claims_pol”
}]
Response, when testing from that example endpoint:
Hello Test! $tyk_context.jwt_claims_pol
Any help would be appreciated.
Thanks, Kartik
Have yu restarted the Tyk process?
can you share your JWT (raw JSON)?
Are you using OIDC or JWT as the auth method?
Also what version are you running?
Thank you for the quick response. Yes I am on docker and have restarted many times. Yes I will share the raw json, I’ll be back by my laptop in an hour or so. I am using jwt as auth method. Version is 2.3.1 or 2, I’ll double check when I get back to the laptop, I am running the latest image of tyk from docker.
Hi,
If you can share your api definition too that would be great - then we can replicate easier 
M.
On further investigation this looks like a more serious bug, I’ve raised an issue in our backlog to track it:
Great, Here is the API definition and raw JWT JSON:
{
“iss”: “Trunomi”,
“aud”: [
“Trunomi”,
“enterprise-mock”,
“bobby_1”
],
“jti”: “d33bc950-e4f5-11e6-9119-9d4cc2e96baa”,
“pol”: policyid",
“sub”: “enterprise-mock::bobby_1”,
“iat”: 1485565514,
“exp”: 1485567314
}
API Definition for a simple test API:
{
“name”: “Trunomi Example API”,
“api_id”: “14db15b6-e4c7-11e6-bf01-fe55135034f3”,
“org_id”: “Trunomi-Dev”,
“definition”: {
“location”: “header”,
“key”: “x-trunomi-version”
},
“use_keyless”: false,
“enable_jwt”: true,
“jwt_source”: “Public KEY – I can give it to u privately if needed”,
“jwt_identity_base_field”: “sub”,
“jwt_policy_field_name”: “pol”,
“jwt_signing_method”: “rsa”,
“auth”: {
“auth_header_name”: “authorization”
},
“version_data”: {
“not_versioned”: false,
“versions”: {
“2016-02-28”: {
“name”: “2016-02-28”,
“expires”: “3000-01-02 15:04”,
“use_extended_paths”: true,
“extended_paths”: {
“ignored”: [],
“url_rewrites”: [{
“path”: “example/test”,
“method”: “GET”,
“match_pattern”: “(.)/(.)”,
“rewrite_to”: “?sub=$tyk_context.$jwt_claims_pol”
}]
}
}
}
},
“proxy”: {
“listen_path”: “/example/test”,
“target_url”: “http://dev.local.net:3050/test”,
“strip_listen_path”: true
},
“do_not_track”: false,
“enable_context_vars”: true
}
So then I assume, i am hitting this because I am testing with the same JWT, I could just generate multiple for my tests and it would just work? Or is it for the same Public Key for verification?
Thanks, Kartik
Sorry for the delays in responses, had to run a few errands.
Thanks and appreciate the quick responses, great tech though!
In real use though this would be a major issue for sessions.
Looking at the JWT Middleware code; it looks like it could be pretty straightforward. A couple options:
Thoughts?
I have submitted a pul request with this fix.
@Martin I am going to fork the Docker project so I can get the fix I pushed until official Docker image is updated to the release containing the fix.
Thanks.
The docker projects should all be updated with the latest release now