kong api gateway 插件之acl
来源:互联网 发布:剑灵力士捏脸数据大全 编辑:程序博客网 时间:2024/06/07 18:12
文章来源:http://blog.csdn.net/qq_26656329/article/details/78432565
- 添加一个API
curl -i -X POST \ --url http://localhost:8001/apis/ \ --data 'name=example-api' \ --data 'uris=/user' \ --data 'upstream_url=http://test.my'
- 返回值
{ "created_at":1509616750000, "strip_uri":true, "id":"ced08536-36d8-4e0f-bc94-5e650b29375b", "name":"example-api", "http_if_terminated":false, "preserve_host":false, "upstream_url":"http://test.my", "uris":[ "/user" ], "upstream_connect_timeout":60000, "upstream_send_timeout":60000, "upstream_read_timeout":60000, "retries":5, "https_only":false}
- API关联oauth
curl -X POST http://localhost:8001/apis/example-api/plugins \ --data "name=oauth2" \ --data "config.enable_authorization_code=true" \ --data "config.scopes=email,phone,address" \ --data "config.mandatory_scope=true"
- 返回值
{ "created_at":1509616928000, "config":{ "token_expiration":7200, "mandatory_scope":true, "hide_credentials":false, "enable_authorization_code":true, "enable_implicit_grant":false, "global_credentials":false, "scopes":[ "email", "phone", "address" ], "enable_password_grant":false, "accept_http_if_already_terminated":false, "anonymous":"", "enable_client_credentials":false, "provision_key":"function" }, "id":"c8cfea25-1523-44fc-a3cd-1f2b7fcb2cea", "name":"oauth2", "api_id":"ced08536-36d8-4e0f-bc94-5e650b29375b", "enabled":true}
- 添加消费者
curl -X POST http://localhost:8001/consumers/ \ --data "username=user123"
- 返回值
{ "created_at":1509617000000, "username":"user123", "id":"e5b491d8-46db-4371-a279-57e2a2ab30d7"}
- 创建应用
curl -X POST http://localhost:8001/consumers/e5b491d8-46db-4371-a279-57e2a2ab30d7/oauth2 \ --data "name=test-app" \ --data "redirect_uri=http://test.my"
- 返回值
{ "client_id":"IL9mQYMtIAWw9cTWGrvC0OCyA3sNCmrO", "created_at":1509617348000, "id":"a4723382-db36-4bfc-8a0e-ecfb4dcd24d5", "redirect_uri":[ "http://test.my" ], "name":"test-app", "client_secret":"Pat9mbOTd4ynpAZZHSknSo9LGC92vToU", "consumer_id":"e5b491d8-46db-4371-a279-57e2a2ab30d7"}
- 消费者分组
curl -X POST http://localhost:8001/consumers/user123/acls \ --data "group=group1"
- 返回值
{ "group":"group1", "created_at":1509617164000, "id":"bdcab065-0eaf-415a-9ce8-d3121bb3dd59", "consumer_id":"e5b491d8-46db-4371-a279-57e2a2ab30d7"}
- 测试API访问
# 生成codecurl -X POST https://localhost:8443/user/oauth2/authorize \ --data "client_id=IL9mQYMtIAWw9cTWGrvC0OCyA3sNCmrO" \ --data "response_type=code" \ --data "provision_key=function" \ --data "authenticated_userid=0" \ --data "scope=email"# 获取tokencurl -X POST https://localhost:8443/user/oauth2/token \ --data client_id=IL9mQYMtIAWw9cTWGrvC0OCyA3sNCmrO \ --data client_secret=Pat9mbOTd4ynpAZZHSknSo9LGC92vToU \ --data provision_key=function \ --data code=Bj8sRhSiUO3lUaD6G8mR0LDYokc7td1T \ --data grant_type=authorization_code# 访问APIcurl https://localhost:8443/user?access_token=Iv6l21VPo3ctgLRv1QicWcGBhJS0Rmku
- 返回值
# code返回值{ "redirect_uri": "http://test.my?code=Bj8sRhSiUO3lUaD6G8mR0LDYokc7td1T"}# token返回值{ "refresh_token": "sKKFXWGkqsrWliDKLHaelU3XtIqL1duD", "token_type": "bearer", "access_token": "Iv6l21VPo3ctgLRv1QicWcGBhJS0Rmku", "expires_in": 7200}# 访问API返回值array ( 'access_token' => 'Iv6l21VPo3ctgLRv1QicWcGBhJS0Rmku',)
- api关联acl插件并把group1加入黑名单
curl -X POST http://localhost:8001/apis/example-api/plugins \ --data "name=acl" \ --data "config.blacklist=group1, group2"
- 返回值
{ "created_at":1509617953000, "config":{ "whitelist":[ "group1", "group2" ] }, "id":"03890256-0f28-445c-ab1b-435eab73362a", "name":"acl", "api_id":"ced08536-36d8-4e0f-bc94-5e650b29375b", "enabled":true}
- 再次请求API
curl https://localhost:8443/user?access_token=Iv6l21VPo3ctgLRv1QicWcGBhJS0Rmku
- 返回值
{ "message": "You cannot consume this service"}
阅读全文
0 0
- kong api gateway 插件之acl
- kong API gateway(四):插件
- 【kong系列七】之ACL策略插件
- kong API gateway(一):安装
- kong API gateway(三):consumers
- API GateWay ---Kong 安装注意事项
- kong API gateway(二):添加API
- kong API gateway(五):upstreams&targets
- Kong API Gateway部署手册----安装
- kong插件之httplog
- kong插件之Rate Limiting
- kong插件之Request Transformer
- 【kong系列一】之 API网关 & kong 概述
- 【kong系列四】之插件篇
- 云框架发布KONG API Gateway主题,开源求助攻~
- 【kong系列五】之 基本认证Basic Authentication插件
- 【kong系列六】之关键字认证key_auth插件
- 【kong系列八】之HMAC认证hmac-auth插件
- python容器之元组、集合使用
- 卡常神器 手写堆
- Leetcode 第206题:Reverse Linked List
- 编译CEF3:VS2015+CEF3.3202
- The Zen of Python(python之禅)
- kong api gateway 插件之acl
- VideoCapture类
- javascript闭包总结
- [填坑系列]Android Studio 3.0配置更改
- 求大佬帮我解决一个bug!
- 新手SEO如何去做好一个网站 简析新手做网站的经验
- 方差递推公式
- range--Demo
- day5