我正在使用Google ESP,并且在端点上我具有Auth0的授权,如下所示:
securityDefinitions:
auth0_jwk:
authorizationUrl: "AUTH_URL"
flow: "implicit"
type: "oauth2"
x-google-issuer: "AUTHO_URL"
x-google-jwks_uri: "AUTH0_JWKS_URL"
x-google-audiences: "AUTH0_AUDIENCE"
paths:
/pluginviewservice/v1:
post:
summary: Submits a page to be analysed with auth.
operationId: pluginviewservicev1
x-google-backend:
address: APP_ENGINE_URL
path_translation: CONSTANT_ADDRESS
responses:
'200':
description: A successful response
schema:
type: string
x-security:
- {}
- auth0_jwk:
audiences:
- "AUTH0_AUDIENCE"
但是我想要的是,当auth0访问令牌可用时,它将填充“ X-Endpoint-API-UserInfo”,而当它不存在时,它将使其完全通过。端点被设计为授权和未授权用户均可访问。我已经尝试过添加一个空白的“ x-security”,如上所述,但这似乎不起作用。