diff --git a/CHANGELOG.md b/CHANGELOG.md index 3d01b8407686..955933496440 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -61,6 +61,9 @@ - Prevent an upstream or legitimate internal error in the load balancing code from throwing a Lua-land error as well. [#2327](https://github.com/Mashape/kong/pull/2327) +- Ensure consumer based plugins run if the consumer was set without a + credential. + [#2424](https://github.com/Mashape/kong/pull/2424) - Plugins: - hmac: Better handling of invalid base64-encoded signatures. Previously Kong would return an HTTP 500 error. We now properly return HTTP 403 Forbidden. diff --git a/kong/core/plugins_iterator.lua b/kong/core/plugins_iterator.lua index 9d81f3f4b7cd..5c10df0002d9 100644 --- a/kong/core/plugins_iterator.lua +++ b/kong/core/plugins_iterator.lua @@ -73,7 +73,7 @@ local function iter_plugins_for_req(loaded_plugins, access_or_cert_ctx) local plugin_configuration -- Search API and Consumer specific, or consumer specific - local consumer_id = (ctx.authenticated_credential or empty).consumer_id + local consumer_id = (ctx.authenticated_consumer or empty).id if consumer_id and plugin.schema and not plugin.schema.no_consumer then plugin_configuration = load_plugin_configuration(ctx.api.id, consumer_id, plugin.name) if not plugin_configuration then diff --git a/spec/02-integration/05-proxy/03-plugins_triggering_spec.lua b/spec/02-integration/05-proxy/03-plugins_triggering_spec.lua index 44c509ceb20c..a729c2f7df35 100644 --- a/spec/02-integration/05-proxy/03-plugins_triggering_spec.lua +++ b/spec/02-integration/05-proxy/03-plugins_triggering_spec.lua @@ -17,6 +17,9 @@ describe("Plugins triggering", function() key = "secret2", consumer_id = consumer2.id }) + local consumer3 = assert(helpers.dao.consumers:insert { + username = "anonymous" + }) -- Global configuration assert(helpers.dao.apis:insert { @@ -73,6 +76,28 @@ describe("Plugins triggering", function() } }) + -- API with anonymous configuration + local api3 = assert(helpers.dao.apis:insert { + name = "api3", + hosts = { "api3.com" }, + upstream_url = "http://mockbin.com" + }) + assert(helpers.dao.plugins:insert { + name = "key-auth", + config = { + anonymous = consumer3.id, + }, + api_id = api3.id, + }) + assert(helpers.dao.plugins:insert { + name = "rate-limiting", + consumer_id = consumer3.id, + api_id = api3.id, + config = { + hour = 5, + } + }) + assert(helpers.start_kong()) client = helpers.proxy_client() end) @@ -126,4 +151,13 @@ describe("Plugins triggering", function() assert.res_status(200, res) assert.equal("4", res.headers["x-ratelimit-limit-hour"]) end) + it("checks anonymous consumer specific configuration", function() + local res = assert(client:send { + method = "GET", + path = "/status/200", + headers = { Host = "api3.com" } + }) + assert.res_status(200, res) + assert.equal("5", res.headers["x-ratelimit-limit-hour"]) + end) end)