Merge branch 'master' of https://github.com/srinandan/microgateway-plugins
diff --git a/accesscontrol/README.md b/accesscontrol/README.md new file mode 100644 index 0000000..44d9f00 --- /dev/null +++ b/accesscontrol/README.md
@@ -0,0 +1,27 @@ +#Sample Plugin - AccessControl + +##Overview +This plugin provides IP filtering to Edge Microgateway. With this plugin, users can whitelist and/or blacklist IP Addresses. + +##Enable the plugin +Include the plugin the in plugin sequence of {org}-{env}-config.yaml file: +``` + plugins: + sequence: + - oauth + - accesscontrol +``` + +##Configure the plugin +The plugin configuration has three parts: +* (instance) Defining the microgateway instance. This registers microgateway with Eureka +* (eureka) Provide the endpoint details to where Eureka is hosted +* (lookup) See below for details +``` +accesscontrol: + allow: + - 10.10.10.10 + - 11.*.11.* + deny: + - 12.12.12.* +```
diff --git a/accesscontrol/README.md~ b/accesscontrol/README.md~ new file mode 100644 index 0000000..a8e8c5c --- /dev/null +++ b/accesscontrol/README.md~
@@ -0,0 +1,34 @@ +#Sample Plugin - AccessControl + +##Overview +This plugin provides IP filtering to Edge Microgateway. With this plugin, users can whitelist and/or blacklist IP Addresses. + +##Enable the plugin +Include the plugin the in plugin sequence of {org}-{env}-config.yaml file: +``` + plugins: + sequence: + - oauth + - accesscontrol +``` + +##Configure the plugin +The plugin configuration has three parts: +* (instance) Defining the microgateway instance. This registers microgateway with Eureka +* (eureka) Provide the endpoint details to where Eureka is hosted +* (lookup) See below for details +``` +accesscontrol: + allow: + - 10.10.10.10 + - 11.*.11.* + deny: + - 12.12.12.* +``` + +###Lookup Configuration +Eureka registers apps (BOOK in the example above). There needs to be a mapping to map the API Proxy basePath to an app registered on Eureka. In the example above, the basePath /httpbin and /book maps to the BOOK app. + +NOTE: If a mapping is not found, then the plugins forwards the API traffic as configured in the proxy. + +
diff --git a/accesscontrol/package.json b/accesscontrol/package.json index 696da2b..cdcf333 100644 --- a/accesscontrol/package.json +++ b/accesscontrol/package.json
@@ -1,5 +1,5 @@ { - "name": "edgemicro-access-control", + "name": "edgemicro-accesscontrol", "version": "1.0.0", "description": "This provides ip based whitelisting or blacklisting", "main": "index.js",
diff --git a/accesscontrol/package.json~ b/accesscontrol/package.json~ new file mode 100644 index 0000000..696da2b --- /dev/null +++ b/accesscontrol/package.json~
@@ -0,0 +1,22 @@ +{ + "name": "edgemicro-access-control", + "version": "1.0.0", + "description": "This provides ip based whitelisting or blacklisting", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "srinandan", + "license": "Apache 2.0", + "dependencies": { + "debug": "^2.2.0" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/apigee/microgateway-plugins.git" + }, + "bugs": { + "url": "https://github.com/apigee/microgateway-plugins/issues" + }, + "homepage": "https://github.com/apigee/microgateway-plugins#readme" +}
diff --git a/eurekaclient/README.md b/eurekaclient/README.md new file mode 100644 index 0000000..21769e0 --- /dev/null +++ b/eurekaclient/README.md
@@ -0,0 +1,48 @@ +#Sample Plugin - Eureka + +##Overview +This plugin integrates with [NetFlix's Eureka](https://github.com/Netflix/eureka). Eureka is a REST (Representational State Transfer) based service that is primarily used in the AWS cloud for locating services for the purpose of load balancing and failover of middle-tier servers. + + +##Enable the plugin +Include the plugin the in plugin sequence of {org}-{env}-config.yaml file: +``` + plugins: + sequence: + - oauth + - eurekaclient +``` + +##Configure the plugin +The plugin configuration has three parts: +* (instance) Defining the microgateway instance. This registers microgateway with Eureka +* (eureka) Provide the endpoint details to where Eureka is hosted +* (lookup) See below for details +``` +eurekaclient: + instance: + app: microgateway + vipAddress: microgateway + dataCenterInfo: + name: MyOwn + eureka: + host: localhost + port: 8761 + servicePath: /eureka/apps/ + lookup: + - + uri: /book + app: BOOK + secure: false + - + uri: /httpbin + app: BOOK + secure: false +``` + +###Lookup Configuration +Eureka registers apps (BOOK in the example above). There needs to be a mapping to map the API Proxy basePath to an app registered on Eureka. In the example above, the basePath /httpbin and /book maps to the BOOK app. + +NOTE: If a mapping is not found, then the plugins forwards the API traffic as configured in the proxy. + +
diff --git a/eurekaclient/README.md~ b/eurekaclient/README.md~ new file mode 100644 index 0000000..e69de29 --- /dev/null +++ b/eurekaclient/README.md~
diff --git a/eurekaclient/index.js b/eurekaclient/index.js index b582390..f1ba578 100644 --- a/eurekaclient/index.js +++ b/eurekaclient/index.js
@@ -8,7 +8,7 @@ var util = require('util'); var os = require('os'); -const port = 8000; +const port = process.env.PORT || 8000; const Eureka = require('eureka-js-client').Eureka; module.exports.init = function (config, logger, stats) {
diff --git a/eurekaclient/index.js~ b/eurekaclient/index.js~ new file mode 100644 index 0000000..b582390 --- /dev/null +++ b/eurekaclient/index.js~
@@ -0,0 +1,95 @@ +'use strict'; +/** + * This plugin integrate with Eureka and gets the target + * endpoint dynamically. + */ + +var debug = require('debug')('plugin:eurekeclient'); +var util = require('util'); +var os = require('os'); + +const port = 8000; +const Eureka = require('eureka-js-client').Eureka; + +module.exports.init = function (config, logger, stats) { + + const lookup = config.servicemap; + + config.instance.hostName = os.hostname(); + debug('local hostName: ' + config.instance.hostName); + config.instance.ipAddr = getIPAddr(); + config.instance.port = {}; + config.instance.port["$"] = port; + config.instance.port["@enabled"] = true; + config.instance.dataCenterInfo["@class"] = "com.netflix.appinfo.InstanceInfo$DefaultDataCenterInfo"; + + const client = new Eureka(config); + + try { + client.start(); + } catch (err) { + console.error(err); + client.stop(); + } + + function getIPAddr() { + var interfaces = os.networkInterfaces(); + var addresses = []; + for (var k in interfaces) { + for (var k2 in interfaces[k]) { + var address = interfaces[k][k2]; + if (address.family === 'IPv4' && !address.internal) { + addresses.push(address.address); + } + } + } + debug ('localhost ip: ' + addresses[0]); + return addresses[0]; + } + + function getAppName(url) { + for (var index in lookup) { + if (url.includes(lookup[index].uri) || url == lookup[index].uri) { + return { + app: lookup[index].app, + secure: lookup[index].secure + }; + } + } + return ""; + } + + function getTarget(app, secure) { + var instances = client.getInstancesByAppId(app); + + for (var index in instances) { + if (instances[index].status == "UP") { + return (secure == true) ? {"hostName": instances[index].hostName, "port": instances[index].securePort["$"]} : {"hostName": instances[index].hostName, "port":instances[index].port["$"]}; + } + } + return ""; + } + + return { + onrequest: function(req, res, next) { + var appInfo = getAppName(req.url); + var endpoint = getTarget(appInfo.app, appInfo.secure); + + if (endpoint.hostName) { + debug("target hostname: " + endpoint.hostName); + req.targetHostname = endpoint.hostName; + debug("target port: " + endpoint.port); + req.targetPort = endpoint.port; + req.targetPath = req.url; + if (appInfo.secure) { + req.targetSecure = true; + } else { + req.targetSecure = false; + } + } else { + console.warn("Target enpoint from Eureka not found"); + } + next(); + } + }; +}
diff --git a/eurekaclient/package.json b/eurekaclient/package.json index c3443bd..1bc7b68 100644 --- a/eurekaclient/package.json +++ b/eurekaclient/package.json
@@ -1,14 +1,22 @@ { - "name": "eurekaclient", + "name": "edgemicro-eurekaclient", "version": "1.0.0", - "description": "", + "description": "This microgateway plugin integrates for NetFlix's Eureka", "main": "index.js", "scripts": { "test": "echo \"Error: no test specified\" && exit 1" }, - "author": "", - "license": "ISC", + "author": "srinandans@google.com", + "license": "Apache 2.0", "dependencies": { "eureka-js-client": "^4.3.0" - } + }, + "repository": { + "type": "git", + "url": "git+https://github.com/apigee/microgateway-plugins.git" + }, + "bugs": { + "url": "https://github.com/apigee/microgateway-plugins/issues" + }, + "homepage": "https://github.com/apigee/microgateway-plugins#readme" }
diff --git a/eurekaclient/package.json~ b/eurekaclient/package.json~ new file mode 100644 index 0000000..02ff0ae --- /dev/null +++ b/eurekaclient/package.json~
@@ -0,0 +1,22 @@ +{ + "name": "edgemicro-eurekaclient", + "version": "1.0.0", + "description": "This microgateway plugin integrates for NetFlix's Eureka", + "main": "index.js", + "scripts": { + "test": "echo \"Error: no test specified\" && exit 1" + }, + "author": "srinandans@google.com", + "license": "ISC", + "dependencies": { + "eureka-js-client": "^4.3.0" + }, + "repository": { + "type": "git", + "url": "git+https://github.com/apigee/microgateway-plugins.git" + }, + "bugs": { + "url": "https://github.com/apigee/microgateway-plugins/issues" + }, + "homepage": "https://github.com/apigee/microgateway-plugins#readme" +}
diff --git a/eurekaclient/eureka-client.json b/eurekaclient/test/eureka-client.json similarity index 100% rename from eurekaclient/eureka-client.json rename to eurekaclient/test/eureka-client.json
diff --git a/eurekaclient/servicelookup.json b/eurekaclient/test/servicelookup.json similarity index 100% rename from eurekaclient/servicelookup.json rename to eurekaclient/test/servicelookup.json
diff --git a/oauth/index.js b/oauth/index.js index 9521cee..22826e6 100644 --- a/oauth/index.js +++ b/oauth/index.js
@@ -42,9 +42,14 @@ } } else if (apikey_only) { - if (req.headers[authHeaderName]) { - debug('Invalid Authorization Type'); - return sendError(req, res, next, logger, stats, 'invalid_auth', 'Invalid Authorization type'); + if (!req.headers[apiKeyHeaderName]) { + debug('missing api key'); + return sendError(req, res, next, logger, stats, 'invalid_auth', 'Missing API Key header'); + } else { + if (!req.headers[apiKeyHeaderName]) { + debug('missing api key'); + return sendError(req, res, next, logger, stats, 'invalid_auth', 'Missing API Key header'); + } } } //leaving rest of the code same to ensure backward compatibility @@ -61,12 +66,17 @@ } } else { var header = authHeaderRegex.exec(req.headers[authHeaderName]); - if (!header || header.length < 2) { - debug('Invalid Authorization Header'); - return sendError(req, res, next, logger, stats, 'invalid_request', 'Invalid Authorization header'); + if (!config.allowInvalidAuthorization) { + if (!header || header.length < 2) { + debug('Invalid Authorization Header'); + return sendError(req, res, next, logger, stats, 'invalid_request', 'Invalid Authorization header'); + } } - var token = header[1]; + var token = ''; + if (header) { + token = header[1]; + } if (!keepAuthHeader) { delete (req.headers[authHeaderName]); // don't pass this header to target