Hi @Olu,
Thanks for your support as always. You guys rock at Tyk Community.
See below manifests for API Definition, Policy and two example keys.
Results are below on this message. Tyk GW (helm chart) was re-deployed with loglevel=debug.
Let me know if something else is needed from my side.
extraEnvs:
- name: TYK_GW_LOGLEVEL
value: "debug"
API Definition:
{
"name": "demoapimultiauth",
"slug": "demoapimultiauth",
"use_keyless": false,
"use_basic_auth": true,
"use_standard_auth": true,
"api_id": "demoapimultiauth",
"org_id": "1",
"auth_configs": {
"authToken": {
"use_param": false,
"param_name": "",
"use_cookie": false,
"auth_header_name": "AuthToken",
"use_certificate": false,
"signature": {
"algorithm": "",
"header": "",
"secret": "",
"allowed_clock_skew": 0,
"error_code": 0,
"error_message": ""
}
},
"basic": {
"use_param": false,
"param_name": "",
"use_cookie": false,
"auth_header_name": "Authorization",
"use_certificate": false,
"signature": {
"algorithm": "",
"header": "",
"secret": "",
"allowed_clock_skew": 0,
"error_code": 0,
"error_message": ""
}
}
},
"version_data": {
"not_versioned": true,
"versions": {
"Default": {
"name": "Default",
"use_extended_paths": true
}
}
},
"proxy": {
"listen_path": "/demoapimultiauth/",
"target_url": "http://demoapi.demoapi.svc.cluster.local/",
"strip_listen_path": true,
"transport": {
"ssl_insecure_skip_verify": true
}
},
"active": true
}
{
"key": "demoapimultiauth",
"status": "ok",
"action": "added"
}
Policy Definition:
{
"id": "demoapimultiauth",
"name": "demoapimultiauth",
"org_id": "1",
"rate": 0,
"per": 1,
"quota_max": 1000,
"quota_renewal_rate": 60,
"throttle_interval": 0,
"throttle_retry_limit": 0,
"max_query_depth": 0,
"auth_type": "multiAuth",
"auth_types": [
"ba",
"authToken"
],
"access_rights": {
"demoapimultiauth": {
"api_id": "demoapimultiauth",
"api_name": "demoapimultiauth",
"allowed_urls": [
{
"url": "/demoapimultiauth/echo(.*)$",
"methods": ["GET"]
},
{
"url": "/demoapimultiauth/ping(.*)$",
"methods": ["GET"]
}
],
"versions": ["Default"]
}
},
"hmac_enabled": false,
"enable_http_signature_validation": false,
"active": false,
"is_inactive": false,
"tags": null,
"key_expires_in": 0,
"partitions": {
"quota": false,
"rate_limit": false,
"complexity": false,
"acl": false,
"per_api": false
},
"last_updated": "",
"meta_data": null,
"graphql_access_rights": null
}
{
"key": "demoapimultiauth",
"status": "ok",
"action": "added"
}
Keys Definition:
Basic Auth
{
"allowance": 1000,
"rate": 1000,
"per": 1,
"expires": -1,
"quota_max": -1,
"org_id": "1",
"quota_remaining": -1,
"quota_renewal_rate": 60,
"access_rights": {},
"meta_data": {},
"basic_auth_data": {
"password": "demoapimultiauth"
},
"apply_policies": ["demoapimultiauth"]
}
{
"key": "eyJvcmciOiIxIiwiaWQiOiJkZW1vYXBpbXVsdGlhdXRoIiwiaCI6Im11cm11cjEyOCJ9",
"status": "ok",
"action": "added"
}
Bearer Token
{
"apply_policies": ["demoapimultiauth"],
"org_id" : "1",
"expires": 0,
"allowance": 0,
"per": 0,
"quota_max": 0,
"rate": 0,
"access_rights": {}
}
{
"key": "eyJvcmciOiIxIiwiaWQiOiIwZDUzY2MyYjQ5NDg0NDE1OWM1NzZhOTRlNGVjZDQwMiIsImgiOiJtdXJtdXIxMjgifQ==",
"status": "ok",
"action": "added"
}
Results:
Basic Auth
{
"error": "Authorization field missing"
}
time="Aug 23 01:25:00" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=VersionCheck org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel ts=1692753900448081370
time="Aug 23 01:25:00" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=200 mw=VersionCheck ns=40286 org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:00" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=RateCheckMW org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel ts=1692753900448135484
time="Aug 23 01:25:00" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=200 mw=RateCheckMW ns=12280 org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:00" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=BasicAuthKeyIsValid org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel ts=1692753900448157655
time="Aug 23 01:25:00" level=warning msg="Attempted access with malformed header, no auth header found." api_id=demoapimultiauth api_name=demoapimultiauth mw=BasicAuthKeyIsValid org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:00" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=401 error="Authorization field missing" mw=BasicAuthKeyIsValid ns=49516 org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=VersionCheck org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel ts=1692753903225879913
time="Aug 23 01:25:03" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=200 mw=VersionCheck ns=36992 org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=RateCheckMW org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel ts=1692753903225937433
time="Aug 23 01:25:03" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=200 mw=RateCheckMW ns=17189 org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=BasicAuthKeyIsValid org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel ts=1692753903225970360
time="Aug 23 01:25:03" level=debug msg="Querying local cache" api_id=demoapimultiauth api_name=demoapimultiauth mw=BasicAuthKeyIsValid org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg="Querying keystore" api_id=demoapimultiauth api_name=demoapimultiauth mw=BasicAuthKeyIsValid org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg="Got key" api_id=demoapimultiauth api_name=demoapimultiauth mw=BasicAuthKeyIsValid org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg="cache enabled: hit: success" api_id=demoapimultiauth api_name=demoapimultiauth key="****auth" mw=BasicAuthKeyIsValid org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=200 mw=BasicAuthKeyIsValid ns=352436 org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth key="****OCJ9" mw=AuthKey org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel ts=1692753903226349720
time="Aug 23 01:25:03" level=info msg="Attempted access with malformed header, no auth header found." api_id=demoapimultiauth api_name=demoapimultiauth key="****OCJ9" mw=AuthKey org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:25:03" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=401 error="Authorization field missing" key="****OCJ9" mw=AuthKey ns=47418 org_id=1 origin=11.240.21.130 path=/demoapimultiauth/echo/daniel
Bearer Token
{
"error": "Attempted access with malformed header, values not in basic auth format"
}
time="Aug 23 01:26:42" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=VersionCheck org_id=1 origin=29.240.8.6 path=/demoapimultiauth/echo/daniel ts=1692754002991719317
time="Aug 23 01:26:42" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=200 mw=VersionCheck ns=43568 org_id=1 origin=29.240.8.6 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:26:42" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=RateCheckMW org_id=1 origin=29.240.8.6 path=/demoapimultiauth/echo/daniel ts=1692754002991776013
time="Aug 23 01:26:42" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=200 mw=RateCheckMW ns=17880 org_id=1 origin=29.240.8.6 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:26:42" level=debug msg=Started api_id=demoapimultiauth api_name=demoapimultiauth mw=BasicAuthKeyIsValid org_id=1 origin=29.240.8.6 path=/demoapimultiauth/echo/daniel ts=1692754002991828017
time="Aug 23 01:26:42" level=info msg="Attempted access with malformed header, values not in basic auth format." api_id=demoapimultiauth api_name=demoapimultiauth key="****fQ==" mw=BasicAuthKeyIsValid org_id=1 origin=29.240.8.6 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:26:42" level=warning msg="Attempted access with malformed header, no auth header found." api_id=demoapimultiauth api_name=demoapimultiauth mw=BasicAuthKeyIsValid org_id=1 origin=29.240.8.6 path=/demoapimultiauth/echo/daniel
time="Aug 23 01:26:42" level=debug msg=Finished api_id=demoapimultiauth api_name=demoapimultiauth code=400 error="Attempted access with malformed header, values not in basic auth format" mw=BasicAuthKeyIsValid ns=68218 org_id=1 origin=29.240.8.6 path=/demoapimultiauth/echo/daniel
Thanks,
Daniel