diff --git a/apisix/plugins/forward-auth.lua b/apisix/plugins/forward-auth.lua index 39e690038890..6d4454a581e8 100644 --- a/apisix/plugins/forward-auth.lua +++ b/apisix/plugins/forward-auth.lua @@ -88,6 +88,9 @@ function _M.access(conf, ctx) ["X-Forwarded-Host"] = core.request.get_host(ctx), ["X-Forwarded-Uri"] = ctx.var.request_uri, ["X-Forwarded-For"] = core.request.get_remote_client_ip(ctx), + ["Expect"] = core.request.header(ctx, "expect"), + ["Content-Length"] = core.request.header(ctx, "content-length"), + ["Transfer-Encoding"] = core.request.header(ctx, "transfer-encoding") } -- append headers that need to be get from the client request header @@ -106,8 +109,17 @@ function _M.access(conf, ctx) method = conf.request_method } + local httpc = http.new() + httpc:set_timeout(conf.timeout) if params.method == "POST" then - params.body = core.request.get_body() + local client_body_reader, err = httpc:get_client_body_reader() + if client_body_reader then + params.body = client_body_reader + else + core.log.warn("failed to get client_body_reader. err: ", err, + " using core.request.get_body() instead") + params.body = core.request.get_body() + end end if conf.keepalive then @@ -115,9 +127,6 @@ function _M.access(conf, ctx) params.keepalive_pool = conf.keepalive_pool end - local httpc = http.new() - httpc:set_timeout(conf.timeout) - local res, err = httpc:request_uri(conf.uri, params) if not res and conf.allow_degradation then return diff --git a/t/plugin/forward-auth.t b/t/plugin/forward-auth.t index 7896d4f84b74..356860e2adfd 100644 --- a/t/plugin/forward-auth.t +++ b/t/plugin/forward-auth.t @@ -130,6 +130,14 @@ property "request_method" validation failed: matches none of the enum values end end end + end]], + [[ + -- test large body + return function(conf, ctx) + local core = require("apisix.core") + if core.request.get_method() == "POST" and core.request.header(ctx, "Authorization") == "large-body" then + core.response.exit(200) + end end]] } } @@ -254,6 +262,25 @@ property "request_method" validation failed: matches none of the enum values "type": "roundrobin" } }]], + }, + { + url = "/apisix/admin/routes/7", + data = [[{ + "plugins": { + "forward-auth": { + "uri": "http://127.0.0.1:1984/auth", + "request_headers": ["Authorization"], + "request_method": "POST" + } + }, + "upstream": { + "nodes": { + "127.0.0.1:1980": 1 + }, + "type": "roundrobin" + }, + "uri": "/large-body" + }]], } } @@ -266,7 +293,7 @@ property "request_method" validation failed: matches none of the enum values } } --- response_body eval -"201passed\n" x 9 +"201passed\n" x 10 @@ -374,3 +401,41 @@ GET /hello --- more_headers Authorization: 111 --- error_code: 200 + + + +=== TEST 13: test large body +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin") + local http = require("resty.http") + local httpc = http.new() + + local tempFileName = os.tmpname() + local file = io.open(tempFileName, "wb") + + local fileSizeInBytes = 11 * 1024 * 1024 -- 11MB + for i = 1, fileSizeInBytes do + file:write(string.char(0)) + end + file:close() + + local large_body = t.read_file(tempFileName) + local uri = "http://127.0.0.1:" .. ngx.var.server_port + .. "/large-body" + local res, err = httpc:request_uri(uri, + { + method = "POST", + body = large_body, + headers = { + ["Authorization"] = "large-body", + ["Content-Type"] = "application/x-www-form-urlencoded" + } + } + ) + + ngx.say(res.body) + } + } +--- error_code: 200