Branch/Environment/Version
- Branch/Version: 3.1.1
- Environment: Self Hosted
Describe the bug
Multiple authentication of OpenId and authToken is not working properly. tyk-gateway expect to get JWT on each call, even if an authToken is provided.
Reproduction steps
Steps to reproduce the behaviour:
-
Add api with the following configuration:
“use_openid”: true,
“use_standard_auth”: true,
“base_identity_provided_by”: “auth_token”,
“openid_options”: { … some valid openid options … } ,
“auth_configs”: { “authtoken”: { “auth_header_name”: “token_auth” }, { “oidc”: { “auth_header_name”: “openid_auth” } -
try to perform a request to the API with valid openid token on “openid_auth” header variable => everything is working fine.
-
try to perform a request to the API with valid authentication token on “token_auth” header.
Actual behaviour
gots a “Key not authorised” error.
In the logs there is a “JWT Invalid” warning and also an “Authorzation field missing”, error. even though it provided.
when I set “use_openid” to false, the auth token is working properly but the openid token won’t.
Expected behaviour
tyk will use the auth token and not try to use openid token.
Screenshots/Video
none.
Logs (debug mode or log file):
unfortunately I’m running tyk-gateway on a closed network so I can’t provide logs.
Configuration (tyk config file):
default tyk configuraton.