feat(plugin): implement golang version of plugin jwt-auth

[Ink-33]

Ⅰ. Describe what this PR did

This merge request contains the jwt-auth plugin implemented in golang.

Ⅱ. Does this pull request fix one issue?

#232 , #591

Ⅲ. Why don't you add test cases (unit test/integration test)?

Test cases are still in progress due to the complexity.

Ⅳ. Describe how to verify it

As #589, all behaviors of this plugin should be same with the currently cpp verison of jwt-auth. Maybe we need to use plently of tese cases to verify it.

Ⅴ. Special notes for reviews

Same with IV. Since I am not particularly familiar with cpp, I hope that reviewers will understand some errors and I will correct them in time🙏

[codecov-commenter]

Codecov Report

All modified and coverable lines are covered by tests ✅

Comparison is base (89c7277) 38.27% compared to head (bbacf81) 38.24%.

Additional details and impacted files

@@            Coverage Diff             @@
##             main     #743      +/-   ##
==========================================
- Coverage   38.27%   38.24%   -0.04%     
==========================================
  Files          60       60              
  Lines        9979     9979              
==========================================
- Hits         3819     3816       -3     
- Misses       5869     5871       +2     
- Partials      291      292       +1     

see 1 file with indirect coverage changes

[johnlanni]

@Ink-33 Is this draft PR ready for review, or is there still unfinished work?

[Ink-33]

@Ink-33 Is this draft PR ready for review, or is there still unfinished work?

Yes it's ready for review and I will update the branch later today.

[johnlanni]

@Ink-33 Please add an e2e test for it.

[johnlanni]

@Ink-33 Please add e2e test cases, refer to: https://github.com/alibaba/higress/pull/759/files#diff-00090f4cf6417f2566ebc91e56b6b5d0e12a834a184f4b814d51bc89581d796b

[Ink-33]

@Ink-33 Please add e2e test cases, refer to: https://github.com/alibaba/higress/pull/759/files#diff-00090f4cf6417f2566ebc91e56b6b5d0e12a834a184f4b814d51bc89581d796b

got it. I would like to add three parts of test cases including normal, rejected, and normal with all features one by one.

btw, how to run e2e test case on my local dev environments?

[johnlanni]

@Ink-33 Please add e2e test cases, refer to: https://github.com/alibaba/higress/pull/759/files#diff-00090f4cf6417f2566ebc91e56b6b5d0e12a834a184f4b814d51bc89581d796b

got it. I would like to add three parts of test cases including normal, rejected, and normal with all features one by one.

btw, how to run e2e test case on my local dev environments?

Please refer this guide: https://github.com/alibaba/higress/tree/main/test

PLUGIN_NAME=jwt-auth make higress-wasmplugin-test

[Ink-33]

@johnlanni allow 里面配置多个 consumer 且全部验证失败应该返回哪个错误码给请求，或者直接用 verify failed 兜底呢？

[johnlanni]

@johnlanni allow 里面配置多个 consumer 且全部验证失败应该返回哪个错误码给请求，或者直接用 verify failed 兜底呢？

返回 403 即可，错误原因可以用 not allowed，跟jwt本身凭证不合法区分下

[johnlanni]

貌似没看到解析生成 config.GlobalAuth的代码？

类似：https://github.com/alibaba/higress/blob/e09edff827b94fa5bcc149bbeadc905361100c2a/plugins/wasm-go/extensions/basic-auth/main.go#L149-L153v

[Ink-33]

我用那个GlobalAuthCheck去做了一下判断但是好像没覆盖全部情况，我看下怎么改