help request: set Authorization header from cookie

[poostwoud]

Description

Hi,

Is there a way to read a token from a cookie and set this as the Authorization header using the default plugins?

We are using the openid-connect plugin to verify access tokens. This works using the Authorization header. However there doesn't seems to be an option for reading from a cookie.

We've also looked at the proxy-rewrite plugin. This allows to set, add and remove headers. But there doesn't seem to be a way to read from a cookie.

Any thoughts?

Cheers!

Environment

• APISIX version (run apisix version): 3.8.0
• Operating system (run uname -a): Linux apisix-gateway-86d6dffb7d-sh9jv 6.1.0-17-amd64 change: added doc of how to load plugin. #1 SMP PREEMPT_DYNAMIC Debian 6.1.69-1 (2023-12-30) x86_64 GNU/Linux
• OpenResty / Nginx version (run openresty -V or nginx -V): openresty/1.21.4.2
• etcd version, if relevant (run curl http://127.0.0.1:9090/v1/server_info): 3.5.0
• APISIX Dashboard version, if relevant: ?
• Plugin runner version, for issues related to plugin runners: ?
• LuaRocks version, for installation issues (run luarocks --version): ?

[shreemaan-abhishek]

you can access cookies like so: ngx.var.cookie_NAME openresty/lua-nginx-module#19 (comment)

To set a cookie value to a header you can use the serverless plugin to set headers like so:

curl "http://127.0.0.1:9180/apisix/admin/routes/1" -X PUT \
  -H "X-API-KEY: ${ADMIN_API_KEY}" \
  -d '{
    "plugins": {
      "serverless-post-function": {
        "functions": [
          "return function (conf, ctx) local core = require(\"apisix.core\"); core.request.set_header(ctx, \"abc\", \"def\"); end"
        ]
      }
    },
    "upstream": {
      "nodes": {
        "httpbin.org:80": 1
      },
      "type": "roundrobin"
    },
    "uri": "/*"
  }'

[poostwoud]

@shreemaan-abhishek thank you!

I'm using the serverless-pre-function-plugin. It has priority 10000 and will be executed before the openid-connect-plugin, which has priority 2599.

The following function reads the token-cookie and sets the Authorization-header with the cookie value using the Bearer-scheme:

{
	"functions": [
		"return function (conf, ctx) local core = require(\"apisix.core\"); core.request.set_header(ctx, \"Authorization\", \"Bearer \" .. ngx.var.cookie_token); end"
	]
}