Google Git
Sign in
apache / openwhisk-apigateway / 3064f7174eb44280b230dfee3f6e55c212059cd0 / . / api-gateway-config / conf.d / includes / api_key_service.conf
blob: 83ac73661b910f8a43b816b700ba02dfaca4b855 [file] [log] [blame]
#/*
# * Copyright (c) 2012 Adobe Systems Incorporated. All rights reserved.
# *
# * Permission is hereby granted, free of charge, to any person obtaining a
# * copy of this software and associated documentation files (the "Software"),
# * to deal in the Software without restriction, including without limitation
# * the rights to use, copy, modify, merge, publish, distribute, sublicense,
# * and/or sell copies of the Software, and to permit persons to whom the
# * Software is furnished to do so, subject to the following conditions:
# *
# * The above copyright notice and this permission notice shall be included in
# * all copies or substantial portions of the Software.
# *
# * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
# * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
# * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
# * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
# * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING
# * FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER
# * DEALINGS IN THE SOFTWARE.
# *
# */
# This is a sample file containing a basic API for Managing API-KEYs with Redis
# sample query: curl -i http://localhost/cache/redis_query?KEYS%20*cachedkey*
# Sample query to list all keys;
# curl http://localhost/cache/redis_query?KEYS%20*cachedkey* | grep cachedkey | awk -F ":" '{printf "%+ 32s %+ 20s \n",$2,$3}' | sort
location /cache/redis_query {
allow 127.0.0.1;
deny all;
set_unescape_uri $query $query_string;
redis2_raw_query '$query\r\n';
redis2_pass api-gateway-redis;
}
location ~ /cache/api_key/set {
internal;
limit_except POST OPTIONS {
deny all;
}
set $key $arg_key;
set $key_secret $arg_secret;
set $realm $arg_realm;
set $service_id $arg_service_id;
set $service_name $arg_service_name;
set $consumer_org_name $arg_consumer_org_name;
set $app_name $arg_app_name;
set $plan_name $arg_plan_name;
set_if_empty $key_secret '-';
set_if_empty $realm sandbox;
set_if_empty $service_id _undefined_;
set_if_empty $service_name _undefined_;
set_if_empty $consumer_org_name _undefined_;
set_if_empty $app_name _undefined_;
set_if_empty $plan_name _undefined_;
# this should be backward compatible with the initial api
set $metadata '{
"key":"$key",
"key_secret":"$key_secret",
"realm":"$realm",
"service_id":"$service_id",
"service_name":"$service_name",
"consumer_org_name":"$consumer_org_name",
"app_name":"$app_name",
"plan_name":"$plan_name"
}';
default_type application/json;
content_by_lua '
local BaseValidator = require "api-gateway.validation.validator"
local validator = BaseValidator:new()
validator:setKeyInRedis("cachedkey:" .. ngx.var.key .. ":" .. ngx.var.service_id, "metadata", nil, ngx.var.metadata)
ngx.say(ngx.var.metadata)
';
}
location ~ /cache/api_key/del {
internal;
limit_except DELETE {
deny all;
}
set $key $arg_key;
set $service_id $arg_service_id;
set $redis_cmd "DEL cachedkey:$key:$service_id";
# limit_except OPTIONS
proxy_pass http://127.0.0.1:9191/cache/redis_query?$redis_cmd;
}
location ~ /cache/api_key/get {
internal;
limit_except GET OPTIONS {
deny all;
}
set $api_key $arg_key;
set $service_id $arg_service_id;
content_by_lua 'ngx.apiGateway.validation.validateApiKey()';
}
# pure REST API URI where POST goes to /set, GET to /get, DELETE to /del through internal redirect
location = /cache/api_key {
uninitialized_variable_warn off;
# allow 127.0.0.1;
# deny all;
if ($request_method = POST) {
rewrite ^/cache/api_key(.*)$ /cache/api_key/set$1 last;
}
if ($request_method = DELETE) {
rewrite ^/cache/api_key(.*)$ /cache/api_key/del$1 last;
}
if ($request_method ~* ^(GET|OPTIONS)$ ) {
rewrite ^/cache/api_key(.*)$ /cache/api_key/get$1 last;
}
}