apache/apisix

request help: the format of response body that returned by plugin should match Content-Type

Open

#8 511 ouverte le 13 déc. 2022

Voir sur GitHub
 (10 commentaires) (1 réaction) (1 assigné)Lua (2 860 forks)batch import
good first issue

Métriques du dépôt

Stars
 (16 597 stars)
Métriques de merge PR
 (Merge moyen 6j 8h) (109 PRs mergées en 30 j)

Description

Step 1 Create a route with consumer restriction

curl --location --request PUT ".../apisix/admin/routes/content-type" \
--header "X-API-KEY: edd1c9f034335f136f87ad84b625c8f1" \
--header "Content-Type: application/json" \
--data-raw "{
    \"methods\": [
        \"GET\"
    ],
    \"plugins\": {
        \"consumer-restriction\": {
            \"whitelist\": [
                \"nobody\"
            ]
        }
    },
    \"uri\": \"/content-type/get\"
}"

Step 2 Try to consume the route without being identified to raise an error I said i want application/json response :

curl --location --request GET ".../content-type/get" \
--header "Accept: application/json"

Response is :

# http code
401
# body 
{"message":"Missing authentication or identity verification."}
# In headers : 
Content-Type:  text/plain; charset=utf-8

The Content-Type header should be : application/json as it is in fact a Json in response.

This issue is not on "consumer-restriction"plugin only, it also happen for the key-auth plugin when you provide a wrong key, and i guess it is a .general plugin error behavior. I think it should exist a general common way to respond error from plugin to allow manage right content-type depending the response format. For example in case of a request like :

curl --location --request GET "..../content-type/get" \
--header "Accept: application/xml"

i expect a response like

# body 
<message>Missing authentication or identity verification.</message>
# In headers : 
Content-Type:  application/xml; charset=utf-8

In case of unknow accept or not managed, here we go for text/plain :

--header "Accept: */*"

Response should be something like :

# body 
Missing authentication or identity verification.
# In headers : 
Content-Type:  text/plain; charset=utf-8

Originally posted by @MekelCon in https://github.com/apache/apisix/discussions/8504#discussioncomment-4386548

Guide contributeur