Google Git
Sign in
apache / apisix / refs/tags/2.13.1^! / .
commita22336785ce98edd19c5b7f1d2beee990d614123[log] [tgz]
authorZeping Bai <bzp2010@apache.org>Fri Apr 15 18:09:01 2022 +0800
committerGitHub <noreply@github.com>Fri Apr 15 18:09:01 2022 +0800
tree3bd790fcde3f90d6c949c0a9e98aa1ede8f92cd5
parent76b44cc066f1bcd222b9446ad5f6c889b957e252 [diff]
chore(jwt-auth): adjust error log level to warn (#6860)


diff --git a/CHANGELOG.md b/CHANGELOG.md
index 81da0e7..73f2f62 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md

@@ -61,6 +61,7 @@
 
 - fix: jwt-auth error may leak secret [#6846](https://github.com/apache/apisix/pull/6846)
 - chore: upgrade lua-resty-jwt to a new version [#6847](https://github.com/apache/apisix/pull/6847)
+- chore(jwt-auth): adjust error log level to warn [#6858](https://github.com/apache/apisix/pull/6858)
 
 ## 2.13.0
 

diff --git a/apisix/plugins/jwt-auth.lua b/apisix/plugins/jwt-auth.lua
index d1a9c01..cf3350b 100644
--- a/apisix/plugins/jwt-auth.lua
+++ b/apisix/plugins/jwt-auth.lua

@@ -361,7 +361,7 @@
     local jwt_obj = jwt:load_jwt(jwt_token)
     core.log.info("jwt object: ", core.json.delay_encode(jwt_obj))
     if not jwt_obj.valid then
-        core.log.error("JWT token invalid: ", jwt_obj.reason)
+        core.log.warn("JWT token invalid: ", jwt_obj.reason)
         return 401, {message = "JWT token invalid"}
     end
 
@@ -393,8 +393,8 @@
     core.log.info("jwt object: ", core.json.delay_encode(jwt_obj))
 
     if not jwt_obj.verified then
-        core.log.error("JWT token verify failed: ", jwt_obj.reason)
-        return 401, {message = "JWT token verify failed"}
+        core.log.warn("failed to verify jwt: ", jwt_obj.reason)
+        return 401, {message = "failed to verify jwt"}
     end
 
     consumer_mod.attach_consumer(ctx, consumer, consumer_conf)

diff --git a/docs/zh/latest/CHANGELOG.md b/docs/zh/latest/CHANGELOG.md
index 9aa9600..e9ee37e 100644
--- a/docs/zh/latest/CHANGELOG.md
+++ b/docs/zh/latest/CHANGELOG.md

@@ -61,6 +61,7 @@
 
 - 修复 jwt-auth 返回结果里可能暴露 secret 的问题 [#6846](https://github.com/apache/apisix/pull/6846)
 - 升级 lua-resty-jwt 到一个新版本 [#6847](https://github.com/apache/apisix/pull/6847)
+- 修改 jwt-auth 在响应码为503时 仍使用 error 错误等级 [#6858](https://github.com/apache/apisix/pull/6858)
 
 ## 2.13.0
 

diff --git a/t/plugin/jwt-auth.t b/t/plugin/jwt-auth.t
index 9c2f74c..197a425 100644
--- a/t/plugin/jwt-auth.t
+++ b/t/plugin/jwt-auth.t

@@ -217,6 +217,8 @@
 {"message":"JWT token invalid"}
 --- error_log
 JWT token invalid: invalid header: invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
+--- no_error_log
+[error]
 
 
 
@@ -225,9 +227,11 @@
 GET /hello?jwt=eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTU2Mzg3MDUwMX0.pPNVvh-TQsdDzorRwa-uuiLYiEBODscp9wv0cwD6c68
 --- error_code: 401
 --- response_body
-{"message":"JWT token verify failed"}
+{"message":"failed to verify jwt"}
 --- error_log
-JWT token verify failed: 'exp' claim expired at Tue, 23 Jul 2019 08:28:21 GMT
+failed to verify jwt: 'exp' claim expired at Tue, 23 Jul 2019 08:28:21 GMT
+--- no_error_log
+[error]
 
 
 
@@ -281,6 +285,8 @@
 {"message":"JWT token invalid"}
 --- error_log
 JWT token invalid: invalid header: invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
+--- no_error_log
+[error]
 
 
 
@@ -434,6 +440,8 @@
 {"message":"JWT token invalid"}
 --- error_log
 JWT token invalid: invalid header: invalid-eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9
+--- no_error_log
+[error]
 
 
 
@@ -444,9 +452,11 @@
 Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJrZXkiOiJ1c2VyLWtleSIsImV4cCI6MTg3OTMxODU0MX0.fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs
 --- error_code: 401
 --- response_body
-{"message":"JWT token verify failed"}
+{"message":"failed to verify jwt"}
 --- error_log
-JWT token verify failed: signature mismatch: fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs
+failed to verify jwt: signature mismatch: fNtFJnNmJgzbiYmGB0Yjvm-l6A6M4jRV1l4mnVFSYjs
+--- no_error_log
+[error]