  1. Red Hat 3scale API Management
  2. THREESCALE-8384

JWT Claim Check Policy does not allow checking Client Claims of certain application IDs


    • Type: Bug
    • Resolution: Obsolete
    • Priority: Major
    • 2.11.2 GA
    • Gateway

      When the JWT Claim Check Policy is configured to check a specific client claim, the configuration looks similar to the following:

      "operations": [
          {
              "value_type": "plain",
              "jwt_claim_type": "liquid",
              "jwt_claim": "{% if resource_access.f2453f0b.roles contains \"somerole\" %}true{% else %}false{% endif %}",
              "value": "true",
              "op": "=="
          }
      ]
      

      This works. However, if the application ID begins with a digit, it fails with the following error:

      [error] 21#21: *387 template_string.lua:99: create_template(): Invalid Liquid: {% if resource_access.7819ca16.roles contains "CR1" %}true{% else %}false{% endif %} It will be evaluated to empty string. Error: /usr/local/share/lua/5.1/liquid.lua:263: Error parsing input; Stop position is at: line 1 cols: 26.
      

      This is probably happening because when the Liquid variables are translated into Lua variables, the name is not allowed to begin with a digit.

              Unassigned Unassigned
              rhn-support-sillumin Samuele Illuminati (Inactive)
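
An added example, not part of the original report or of APIcast's code: a pre-deployment lint for the `operations` list shown above that flags Liquid `jwt_claim` paths containing a segment that starts with a digit. Per the log above, such a template is evaluated to an empty string, so the comparison against `"true"` cannot match for that client. The function names are hypothetical, and the rule "a segment starting with a digit fails" is an assumption taken from the reporter's diagnosis, not a confirmed grammar of the Liquid library.

```python
import re

# Constructed sample: the two templates quoted in the report, combined in one config.
SAMPLE_POLICY = {
    "operations": [
        {"value_type": "plain", "jwt_claim_type": "liquid", "op": "==", "value": "true",
         "jwt_claim": '{% if resource_access.f2453f0b.roles contains "somerole" %}'
                      "true{% else %}false{% endif %}"},
        {"value_type": "plain", "jwt_claim_type": "liquid", "op": "==", "value": "true",
         "jwt_claim": '{% if resource_access.7819ca16.roles contains "CR1" %}'
                      "true{% else %}false{% endif %}"},
    ]
}

LIQUID_BLOCK = re.compile(r"\{%(.*?)%\}|\{\{(.*?)\}\}", re.S)   # {% tag %} or {{ output }}
QUOTED = re.compile(r"\"[^\"]*\"|'[^']*'")                       # string literals
DOTTED_PATH = re.compile(r"(?<![\w.-])[A-Za-z_][\w-]*(?:\.[\w-]+)+")


def digit_leading_segments(template):
    """Return (path, segment) pairs for dotted variable paths inside Liquid
    tags whose segment begins with a digit. Text outside tags and the
    contents of quoted strings are ignored."""
    hits = []
    for match in LIQUID_BLOCK.finditer(template):
        body = QUOTED.sub('""', match.group(1) or match.group(2) or "")
        for path in DOTTED_PATH.findall(body):
            hits += [(path, seg) for seg in path.split(".")[1:] if seg[0].isdigit()]
    return hits


def lint_policy(config):
    """Check every liquid-typed jwt_claim in a JWT Claim Check config."""
    findings = []
    for index, op in enumerate(config.get("operations", [])):
        if op.get("jwt_claim_type") != "liquid":
            continue  # plain claims are not parsed as Liquid
        for path, seg in digit_leading_segments(op.get("jwt_claim", "")):
            findings.append({"operation": index, "path": path, "segment": seg})
    return findings


if __name__ == "__main__":
    for finding in lint_policy(SAMPLE_POLICY):
        print("operation %(operation)d: segment %(segment)r in %(path)s" % finding)
```
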