| #/* |
| # * Copyright (c) 2012 Adobe Systems Incorporated. All rights reserved. |
| # * |
| # * Permission is hereby granted, free of charge, to any person obtaining a |
| # * copy of this software and associated documentation files (the "Software"), |
| # * to deal in the Software without restriction, including without limitation |
| # * the rights to use, copy, modify, merge, publish, distribute, sublicense, |
| # * and/or sell copies of the Software, and to permit persons to whom the |
| # * Software is furnished to do so, subject to the following conditions: |
| # * |
| # * The above copyright notice and this permission notice shall be included in |
| # * all copies or substantial portions of the Software. |
| # * |
| # * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR |
| # * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, |
| # * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE |
| # * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER |
| # * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING |
| # * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER |
| # * DEALINGS IN THE SOFTWARE. |
| # * |
| # */ |
| # This is a sample file containing a basic API for Managing API-KEYs with Redis |
| |
| # sample query: curl -i http://localhost/cache/redis_query?KEYS%20*cachedkey* |
| # Sample query to list all keys; |
| # curl http://localhost/cache/redis_query?KEYS%20*cachedkey* | grep cachedkey | awk -F ":" '{printf "%+ 32s %+ 20s \n",$2,$3}' | sort |
| location /cache/redis_query { |
| allow 127.0.0.1; |
| deny all; |
| set_unescape_uri $query $query_string; |
| redis2_raw_query '$query\r\n'; |
| redis2_pass api-gateway-redis; |
| } |
| |
| location ~ /cache/api_key/set { |
| internal; |
| |
| limit_except POST OPTIONS { |
| deny all; |
| } |
| |
| set $key $arg_key; |
| set $key_secret $arg_secret; |
| set $realm $arg_realm; |
| set $service_id $arg_service_id; |
| set $service_name $arg_service_name; |
| set $consumer_org_name $arg_consumer_org_name; |
| set $app_name $arg_app_name; |
| set $plan_name $arg_plan_name; |
| |
| set_if_empty $key_secret '-'; |
| set_if_empty $realm sandbox; |
| set_if_empty $service_id _undefined_; |
| set_if_empty $service_name _undefined_; |
| set_if_empty $consumer_org_name _undefined_; |
| set_if_empty $app_name _undefined_; |
| set_if_empty $plan_name _undefined_; |
| |
| # this should be backward compatible with the initial api |
| set $metadata '{ |
| "key":"$key", |
| "key_secret":"$key_secret", |
| "realm":"$realm", |
| "service_id":"$service_id", |
| "service_name":"$service_name", |
| "consumer_org_name":"$consumer_org_name", |
| "app_name":"$app_name", |
| "plan_name":"$plan_name" |
| }'; |
| |
| default_type application/json; |
| |
| content_by_lua ' |
| local BaseValidator = require "api-gateway.validation.validator" |
| local validator = BaseValidator:new() |
| validator:setKeyInRedis("cachedkey:" .. ngx.var.key .. ":" .. ngx.var.service_id, "metadata", nil, ngx.var.metadata) |
| ngx.say(ngx.var.metadata) |
| '; |
| } |
| |
| location ~ /cache/api_key/del { |
| internal; |
| |
| limit_except DELETE { |
| deny all; |
| } |
| |
| set $key $arg_key; |
| set $service_id $arg_service_id; |
| |
| set $redis_cmd "DEL cachedkey:$key:$service_id"; |
| |
| # limit_except OPTIONS |
| proxy_pass http://127.0.0.1:9191/cache/redis_query?$redis_cmd; |
| } |
| |
| location ~ /cache/api_key/get { |
| internal; |
| |
| limit_except GET OPTIONS { |
| deny all; |
| } |
| |
| set $api_key $arg_key; |
| set $service_id $arg_service_id; |
| |
| content_by_lua 'ngx.apiGateway.validation.validateApiKey()'; |
| } |
| |
| # pure REST API URI where POST goes to /set, GET to /get, DELETE to /del through internal redirect |
| location = /cache/api_key { |
| uninitialized_variable_warn off; |
| # allow 127.0.0.1; |
| # deny all; |
| |
| if ($request_method = POST) { |
| rewrite ^/cache/api_key(.*)$ /cache/api_key/set$1 last; |
| } |
| |
| if ($request_method = DELETE) { |
| rewrite ^/cache/api_key(.*)$ /cache/api_key/del$1 last; |
| } |
| |
| if ($request_method ~* ^(GET|OPTIONS)$ ) { |
| rewrite ^/cache/api_key(.*)$ /cache/api_key/get$1 last; |
| } |
| } |