# talk-oathkeeper
o
There is a query: by choosing authentication type jwt, can we pass a customised string in a header to the upstream server? The string contains the payload of the JWT. What mutator rule should be written?
b
I have done this using mutators:
```yaml
mutators:
  header:
    enabled: true
    config:
      headers:
        # Claim names containing special characters need index with a backtick-quoted key
        client_id: "{{ index .Extra `https://example.com/client_id` }}"
        iss: "{{ print .Extra.iss }}"
        scope: "{{ print .Extra.scope }}"
```
o
```json
{
  "aud": [ "isutest" ],
  "exp": 1692396164,
  "iat": 1692352964,
  "iss": "xyz",
  "jti": "2279301638856258",
  "nbf": 1692352964,
  "sub": "226349492037774058",
  "urn:zitadel:iam:user:metadata": {
    "adminName": "aXNlcnZldQ",
    "authorities": "W1JFVEFJTEVSX1JPTEVd",
    "bankCode": "SVBQQg",
    "mobileNumber": "OTA5MDg1NjQ4NA",
    "privileges ": "NDUsNTYsNzg",
    "userName": "aXN1dGVzdA"
  }
}
```
Hello sanket, my JWT payload is like this. What should I write in the mutator to set bankCode and adminName in the header?
You can see it is a JSON inside a JSON.
b
Hi @orange-telephone-40607, for a nested payload, you can use something like this:
```
{{ index (index . `urn:zitadel:iam:user:metadata`) `bankCode` }}
```
To test it out and play around you can use https://gotemplate.io/. PS: I am also pretty new to Golang and text templates.
o
Thanks, I will try and let you know.
Getting an internal server error, here is the response:
```
time=2023-08-22T072722Z level=warning msg=Access request denied audience=application error=map[message:error executing headers template "{{ index (index . `urn:zitadel:iam:user:metadata`) `userName` }}" in rule "allow-anonymous-with-header-mutator": template: allow-anonymous-with-header-mutatorapiusername110 executing "allow-anonymous-with-header-mutator:apiusername" at <index . `urn:zitadel:iam:user:metadata`>: error calling index: can't index item of type authn.AuthenticationSession] granted=false http_host=localhost:4455 http_method=POST http_url=http://localhost:4455/xyz/abc http_user_agent=PostmanRuntime/7.32.3 service_name=ORY Oathkeeper service_version=v0.40.3
```
You can see the values are in base64-encoded format. Is there anything that decodes it?
```
time=2023-08-22T104536Z level=fatal msg=Failed to initialize configuration audience=application error=map[messageyaml invalid map key: map[string]interface {}{"index (index . `urn:zitadel:iam:user:metadata`) `userName`":interface {}(nil)}] service_name=ORY Oathkeeper service_version=v0.40.3
```
b
Hi @orange-telephone-40607, you can try the solution below.
```
{{ index (index .Extra `urn:zitadel:iam:user:metadata`) `bankCode` }}
```
I had the same use case and this is the working solution that I’m using in oathkeeper.
o
But the value of the key 'bankCode' is in base64-encoded format. Is there anything where we can set the decoded format of it?
b
From what I understand, you need the `encoding/base64` package to decode base64 data. In the text template, there is no option to import packages in the text template handler.