Skip to main content

Biweekly Report (May 1 - May 15)

· 3 min read

From May 1st to May 15th, 35 contributors submitted 77 commits for Apache APISIX. Thank you all for your contributions to Apache APISIX!


Apache APISIX has grown as a community from the first day of open source and has quickly become the most active open source API gateway project in the world. These achievements cannot be achieved without the joint efforts of our community partners.

"If you want to go fast, go alone.If you want to go far, go together." The Apache APISIX Community Weekly Report hopes to help community members better understand the weekly progress of the Apache APISIX community and and facilitate everyone to participate in the Apache APISIX community.

We have also compiled some issues suitable for newcomers to the community to participate in! If you are interested, don't miss it!

Contributor Statistics

Contributors List
Click to Preview

New Contributors
Click to Preview

Good first issue

Issue #7052


Description: As a User, I want to use oAuth2 with PKCE support, so that I can configure an oAuth2 connection without using client/secret.

I am using an IDP, which has implemented the Authorization Code Flow.

From the docs of the IdP: The IdP implements the Authorization Code Flow, preferably with PKCE. The PKCE flow is the recommended and most universal authorization flow that supports mobile apps, single page applications and traditional server-rendered applications and doesn't require the exchange of a shared secret.

The Flow:

  • User opens a web app (in my case an APISIXROUTE, using openid plugin)
  • Code challenge using SHA256 is created by the openid plugin
  • Redirect to the idp authorization endpoint
  • Login of the user
  • Redirect to the redirect_url with authcode as URL Queryparameter
  • openid plugin uses the authcode to receive a JWT from the idp token endpoint

Could implement this OAuth flow with PKCE support? Please add a section to the documentation as well, introduce configuration of the PKEC and the redirect_url.

Issue #6939


Description: See apisix/apisix/stream/router/ip_port.lua Line 82 in dbe7eee

   -- TODO: check the subordinate relationship in the Admin API

We need to check the subordinate relationship in the Admin API, including:

  • Validate if the stream route with superior id exists and its protocol matches the subordinate;
  • When deleting a stream route, check if it is referenced by another stream route

Highlights of Recent Features

The Apache APISIX project website and the Github issue have accumulated a wealth of documentation and experience, so if you encounter problems, you can read the documentation, search the issue with keywords, or participate in the discussion on the issue to put forward your own ideas and practical experience.