Yes, that is what I mean to say. On Fri, 26 Nov 2021 at 03:59, ZhengSong Tu <tzssanggl...@gmail.com> wrote:
> 1. Did you mean to put the consumer_name to the ctx in open-connect plugin? > 2. Then we can limit by consumer_name in limit-* plugins. > > *ZhengSong Tu* > My GitHub: https://github.com/tzssangglass > Apache APISIX: https://github.com/apache/apisix > > Joga, singh <s.joga-...@hyundai-autoever.eu> 于2021年11月26日周五 上午12:26写道: > > > > Hi Guys, > > I was advised on the discussions group to post my query here to see if > somebody has already similar in mind. > > > > I have my consumers already defined in Keycloak. Consumers get the token > using Client Credentials flow i.e. using ClientId and ClientSecret. Using > ‘openid-connect’ plugin I am able successfully authenticate/authorize the > consumers. However, I would like to implement rate limiting based on > consumer name, because due to some reason I cannot do it based on consumer > ip address. > > Therefore, I need a way to identify the consumer from the token. I know > that APISIX does not support this now. But I think with a small change in > the ‘openid-connect’ plugin, it should be possible to do, because the > response from ‘introspection_endpoint’ already contains the attributes > (e.g. username, clientId etc.) needed to identify the consumer. > > > > I think ‘ladp_auth’ plugin already does this. > > > > What do you think? Is it possible to do? Are there any challenges in it? > > If yes, I would like to try my hands on this. Therefore, would need > getting started tips/hints for building, compiling and other related > processes. > > > > Best Regards, > > > > Joga > > > > > > Hyundai AutoEver Europe GmbH > > Kaiserleistr. 8A, 63067 Offenbach a.M., Deutschland > > Geschäftsführer/CEO: Jong-Il Yun Registergericht/registration court: > Amtsgericht Offenbach Registernummer/registration number: HRB 42684 > USt-IdNr./tax ID-no.: DE252841722 >
