Merge pull request #44 from srinandan/master

readme; updates to oauth
diff --git a/accesscontrol/README.md b/accesscontrol/README.md
new file mode 100644
index 0000000..44d9f00
--- /dev/null
+++ b/accesscontrol/README.md
@@ -0,0 +1,27 @@
+#Sample Plugin - AccessControl
+
+##Overview
+This plugin provides IP filtering to Edge Microgateway. With this plugin, users can whitelist and/or blacklist IP Addresses.
+
+##Enable the plugin
+Include the plugin the in plugin sequence of {org}-{env}-config.yaml file:
+```
+  plugins:
+    sequence:
+      - oauth
+      - accesscontrol
+```
+
+##Configure the plugin
+The plugin configuration has three parts:
+* (instance) Defining the microgateway instance. This registers microgateway with Eureka
+* (eureka) Provide the endpoint details to where Eureka is hosted
+* (lookup) See below for details
+```
+accesscontrol:
+	allow:
+	    - 10.10.10.10
+	    - 11.*.11.*
+	deny:
+	    - 12.12.12.*
+```
diff --git a/accesscontrol/package.json b/accesscontrol/package.json
index 696da2b..cdcf333 100644
--- a/accesscontrol/package.json
+++ b/accesscontrol/package.json
@@ -1,5 +1,5 @@
 {
-  "name": "edgemicro-access-control",
+  "name": "edgemicro-accesscontrol",
   "version": "1.0.0",
   "description": "This provides ip based whitelisting or blacklisting",
   "main": "index.js",
diff --git a/eurekaclient/README.md b/eurekaclient/README.md
new file mode 100644
index 0000000..21769e0
--- /dev/null
+++ b/eurekaclient/README.md
@@ -0,0 +1,48 @@
+#Sample Plugin - Eureka
+
+##Overview
+This plugin integrates with [NetFlix's Eureka](https://github.com/Netflix/eureka). Eureka is a REST (Representational State Transfer) based service that is primarily used in the AWS cloud for locating services for the purpose of load balancing and failover of middle-tier servers.
+
+
+##Enable the plugin
+Include the plugin the in plugin sequence of {org}-{env}-config.yaml file:
+```
+  plugins:
+    sequence:
+      - oauth
+      - eurekaclient
+```
+
+##Configure the plugin
+The plugin configuration has three parts:
+* (instance) Defining the microgateway instance. This registers microgateway with Eureka
+* (eureka) Provide the endpoint details to where Eureka is hosted
+* (lookup) See below for details
+```
+eurekaclient:
+	instance:
+	    app: microgateway
+	    vipAddress: microgateway
+	    dataCenterInfo: 
+	    	name: MyOwn
+	eureka:
+	    host: localhost
+	    port: 8761
+	    servicePath: /eureka/apps/
+	lookup:
+		-
+		    uri: /book
+		    app: BOOK
+		    secure: false
+		-
+		    uri: /httpbin
+		    app: BOOK
+		    secure: false	
+```
+
+###Lookup Configuration
+Eureka registers apps (BOOK in the example above). There needs to be a mapping to map the API Proxy basePath to an app registered on Eureka. In the example above, the basePath /httpbin and /book maps to the BOOK app.
+
+NOTE: If a mapping is not found, then the plugins forwards the API traffic as configured in the proxy.
+
+
diff --git a/eurekaclient/index.js b/eurekaclient/index.js
index b582390..f1ba578 100644
--- a/eurekaclient/index.js
+++ b/eurekaclient/index.js
@@ -8,7 +8,7 @@
 var util = require('util');
 var os = require('os');
 
-const port = 8000;
+const port = process.env.PORT || 8000;
 const Eureka = require('eureka-js-client').Eureka;
 
 module.exports.init = function (config, logger, stats) {
diff --git a/eurekaclient/package.json b/eurekaclient/package.json
index c3443bd..1bc7b68 100644
--- a/eurekaclient/package.json
+++ b/eurekaclient/package.json
@@ -1,14 +1,22 @@
 {
-  "name": "eurekaclient",
+  "name": "edgemicro-eurekaclient",
   "version": "1.0.0",
-  "description": "",
+  "description": "This microgateway plugin integrates for NetFlix's Eureka",
   "main": "index.js",
   "scripts": {
     "test": "echo \"Error: no test specified\" && exit 1"
   },
-  "author": "",
-  "license": "ISC",
+  "author": "srinandans@google.com",
+  "license": "Apache 2.0",
   "dependencies": {
     "eureka-js-client": "^4.3.0"
-  }
+  },
+  "repository": {
+    "type": "git",
+    "url": "git+https://github.com/apigee/microgateway-plugins.git"
+  },
+  "bugs": {
+    "url": "https://github.com/apigee/microgateway-plugins/issues"
+  },
+  "homepage": "https://github.com/apigee/microgateway-plugins#readme"
 }
diff --git a/eurekaclient/eureka-client.json b/eurekaclient/test/eureka-client.json
similarity index 100%
rename from eurekaclient/eureka-client.json
rename to eurekaclient/test/eureka-client.json
diff --git a/eurekaclient/servicelookup.json b/eurekaclient/test/servicelookup.json
similarity index 100%
rename from eurekaclient/servicelookup.json
rename to eurekaclient/test/servicelookup.json
diff --git a/oauth/index.js b/oauth/index.js
index 9521cee..0449e4a 100644
--- a/oauth/index.js
+++ b/oauth/index.js
@@ -42,13 +42,14 @@
       }
     }
     else if (apikey_only) {
-      if (req.headers[authHeaderName]) {
-        debug('Invalid Authorization Type');
-        return sendError(req, res, next, logger, stats, 'invalid_auth', 'Invalid Authorization type');        
-      }
+      if (!req.headers[apiKeyHeaderName]) {
+        debug('missing api key');
+        return sendError(req, res, next, logger, stats, 'invalid_auth', 'Missing API Key header');        
+      } 
     }
+
     //leaving rest of the code same to ensure backward compatibility
-    if (!req.headers[authHeaderName]) {
+    if (!req.headers[authHeaderName]  || config.allowAPIKeyOnly) {
       if (apiKey = req.headers[apiKeyHeaderName]) {
         exchangeApiKeyForToken(req, res, next, config, logger, stats, middleware, apiKey);
       } else if (req.reqUrl && req.reqUrl.query && (apiKey = req.reqUrl.query[apiKeyHeaderName])) {
@@ -61,17 +62,21 @@
       }
     } else {
       var header = authHeaderRegex.exec(req.headers[authHeaderName]);
-      if (!header || header.length < 2) {
-        debug('Invalid Authorization Header');
-        return sendError(req, res, next, logger, stats, 'invalid_request', 'Invalid Authorization header');
+      if (!config.allowInvalidAuthorization) {
+        if (!header || header.length < 2) {
+          debug('Invalid Authorization Header');
+          return sendError(req, res, next, logger, stats, 'invalid_request', 'Invalid Authorization header');
+        }        
       }
 
-      var token = header[1];
-
       if (!keepAuthHeader) {
         delete (req.headers[authHeaderName]); // don't pass this header to target
       }
 
+      var token = '';
+      if (header) {
+        token = header[1];        
+      }
       verify(token, config, logger, stats, middleware, req, res, next);
     }
   }