From May 1st to May 15th, 35 contributors submitted 77 commits for Apache APISIX. Thank you all for your contributions to Apache APISIX!
Introduction
Apache APISIX has grown as a community from the first day of open source and has quickly become the most active open source API gateway project in the world. These achievements cannot be achieved without the joint efforts of our community partners.
"If you want to go fast, go alone.If you want to go far, go together." The Apache APISIX Community Weekly Report hopes to help community members better understand the weekly progress of the Apache APISIX community and and facilitate everyone to participate in the Apache APISIX community.
We have also compiled some issues suitable for newcomers to the community to participate in! If you are interested, don't miss it!
Contributor Statistics
Good first issue
Issue #7052
Link: https://github.com/apache/apisix/issues/7052
Description: As a User, I want to use oAuth2 with PKCE support, so that I can configure an oAuth2 connection without using client/secret.
I am using an IDP, which has implemented the Authorization Code Flow.
From the docs of the IdP: The IdP implements the Authorization Code Flow, preferably with PKCE. The PKCE flow is the recommended and most universal authorization flow that supports mobile apps, single page applications and traditional server-rendered applications and doesn't require the exchange of a shared secret.
The Flow:
- User opens a web app (in my case an
APISIXROUTE, usingopenidplugin) - Code challenge using SHA256 is created by the
openidplugin - Redirect to the idp authorization endpoint
- Login of the user
- Redirect to the
redirect_urlwithauthcodeas URL Queryparameter openidplugin uses theauthcodeto receive a JWT from the idp token endpoint
Could implement this OAuth flow with PKCE support? Please add a section to the documentation as well, introduce configuration of the PKEC and the redirect_url.
Issue #6939
Link: https://github.com/apache/apisix/issues/6939
Description: See apisix/apisix/stream/router/ip_port.lua Line 82 in dbe7eee
-- TODO: check the subordinate relationship in the Admin API
We need to check the subordinate relationship in the Admin API, including:
- Validate if the stream route with superior id exists and its protocol matches the subordinate;
- When deleting a stream route, check if it is referenced by another stream route
Highlights of Recent Features
xRPC support timeout(Contributor: spacewander)
stream port syslog plugin(Contributor: tzssangglass)
redis support pipeline(Contributor: spacewander)
just change uri args or headers when hiding credentials(Contributor: jwrookie)
add option to normalize uri like servlet(Contributor: spacewander)
ops handle real_ip_from CIDR format(Contributor: kwanhur)
xRPC support log filter(Contributor: tzssangglass)
add pubsub framework(Contributor: bzp2010)
redis support pubsub(added test)(Contributor: spacewander)
real-ip support search recursive(Contributor: crazyMonkey1995)
support hook response body for ext-plugin(Contributor: soulbird)
The Apache APISIX project website and the Github issue have accumulated a wealth of documentation and experience, so if you encounter problems, you can read the documentation, search the issue with keywords, or participate in the discussion on the issue to put forward your own ideas and practical experience.