tk/Ocelot
1
0
Fork 0
mirror of https://github.com/nsnail/Ocelot.git synced 2025-04-22 06:22:50 +08:00
Code Issues Packages Projects Releases Wiki Activity

change to catch not modified response and get config working correctly

Browse Source
This commit is contained in:
TomPallister 2017-02-25 17:47:24 +00:00
parent be24f9a9ca
commit a983af35a1
5 changed files with 52 additions and 37 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

13
README.md
View File

@ -114,7 +114,8 @@ Currently this is the only way to get configuration into Ocelot.
} }
} }
Then in your Program.cs you will want to have the following.. Then in your Program.cs you will want to have the following. This can be changed if you
don't wan't to use the default url e.g. UseUrls(someUrls) and should work as long as you keep the WebHostBuilder registration.
IWebHostBuilder builder = new WebHostBuilder(); IWebHostBuilder builder = new WebHostBuilder();
@ -390,7 +391,7 @@ In this example ttl seconds is set to 15 which means the cache will expire after
## Administration ## Administration
Ocelot supports changing configuration during runtime via an authenticated HTTP API. The API is authenticated Ocelot supports changing configuration during runtime via an authenticated HTTP API. The API is authenticated
using bearer tokens that you request from iteself. This support is provided by the amazing IdentityServer using bearer tokens that you request from iteself. This is provided by the amazing [IdentityServer](https://github.com/IdentityServer/IdentityServer4)
project that I have been using for a few years now. Check them out. project that I have been using for a few years now. Check them out.
In order to enable the administration section you need to do a few things. First of all add this to your In order to enable the administration section you need to do a few things. First of all add this to your
@ -413,13 +414,13 @@ These need to be the admin username you want to use with Ocelot and the hash and
use given hashing algorythm. When requesting bearer tokens for use with the administration api you will need to use given hashing algorythm. When requesting bearer tokens for use with the administration api you will need to
supply username and password. supply username and password.
In order to create a hash and salt of your password please check out HashCreationTests.should_create_hash_and_salt() this technique is based on MS doc I found online TODO find and link... In order to create a hash and salt of your password please check out HashCreationTests.should_create_hash_and_salt()
this technique is based on [this](https://docs.microsoft.com/en-us/aspnet/core/security/data-protection/consumer-apis/password-hashing)
using SHA256 rather than SHA1.
OK next thing is to get this config into Ocelot... Now if you went with the configuration options above and want to access the API you can make the following requests.
At the moment Ocelot supports really limited options in terms of users and authentication for the admin API. At
least your stuff needs to be hashed!

6
src/Ocelot/Configuration/Creator/FileOcelotConfigurationCreator.cs
View File

@ -86,13 +86,13 @@ namespace Ocelot.Configuration.Creator
var reRoutes = new List<ReRoute>(); var reRoutes = new List<ReRoute>();
foreach (var reRoute in _options.Value.ReRoutes) foreach (var reRoute in fileConfiguration.ReRoutes)
{ {
var ocelotReRoute = await SetUpReRoute(reRoute, _options.Value.GlobalConfiguration); var ocelotReRoute = await SetUpReRoute(reRoute, fileConfiguration.GlobalConfiguration);
reRoutes.Add(ocelotReRoute); reRoutes.Add(ocelotReRoute);
} }
return new OcelotConfiguration(reRoutes, _options.Value.GlobalConfiguration.AdministrationPath); return new OcelotConfiguration(reRoutes, fileConfiguration.GlobalConfiguration.AdministrationPath);
} }
private async Task<ReRoute> SetUpReRoute(FileReRoute fileReRoute, FileGlobalConfiguration globalConfiguration) private async Task<ReRoute> SetUpReRoute(FileReRoute fileReRoute, FileGlobalConfiguration globalConfiguration)

35
src/Ocelot/Configuration/Creator/IdentityServerConfigurationCreator.cs Normal file
View File

@ -0,0 +1,35 @@
using System;
using System.Collections.Generic;
using IdentityServer4.AccessTokenValidation;
using IdentityServer4.Models;
using Ocelot.Configuration.Provider;
namespace Ocelot.Configuration.Creator
{
public static class IdentityServerConfigurationCreator
{
public static IdentityServerConfiguration GetIdentityServerConfiguration()
{
var username = Environment.GetEnvironmentVariable("OCELOT_USERNAME");
var hash = Environment.GetEnvironmentVariable("OCELOT_HASH");
var salt = Environment.GetEnvironmentVariable("OCELOT_SALT");
return new IdentityServerConfiguration(
"admin",
false,
SupportedTokens.Both,
"secret",
new List<string> { "admin", "openid", "offline_access" },
"Ocelot Administration",
true,
GrantTypes.ResourceOwnerPassword,
AccessTokenType.Jwt,
false,
new List<User>
{
new User("admin", username, hash, salt)
}
);
}
}
}

27
src/Ocelot/DependencyInjection/ServiceCollectionExtensions.cs
View File

@ -3,7 +3,6 @@ using System.Collections.Generic;
using System.Linq; using System.Linq;
using System.Net.Http; using System.Net.Http;
using CacheManager.Core; using CacheManager.Core;
using IdentityServer4.AccessTokenValidation;
using IdentityServer4.Models; using IdentityServer4.Models;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
using Microsoft.Extensions.Configuration; using Microsoft.Extensions.Configuration;
@ -61,7 +60,7 @@ namespace Ocelot.DependencyInjection
services.AddSingleton<IConfigurationValidator, FileConfigurationValidator>(); services.AddSingleton<IConfigurationValidator, FileConfigurationValidator>();
services.AddSingleton<IBaseUrlFinder, BaseUrlFinder>(); services.AddSingleton<IBaseUrlFinder, BaseUrlFinder>();
var identityServerConfiguration = GetIdentityServerConfiguration(); var identityServerConfiguration = IdentityServerConfigurationCreator.GetIdentityServerConfiguration();
if(identityServerConfiguration != null) if(identityServerConfiguration != null)
{ {
@ -142,29 +141,5 @@ namespace Ocelot.DependencyInjection
return services; return services;
} }
private static IdentityServerConfiguration GetIdentityServerConfiguration()
{
var username = Environment.GetEnvironmentVariable("OCELOT_USERNAME");
var hash = Environment.GetEnvironmentVariable("OCELOT_HASH");
var salt = Environment.GetEnvironmentVariable("OCELOT_SALT");
return new IdentityServerConfiguration(
"admin",
false,
SupportedTokens.Both,
"secret",
new List<string> {"admin", "openid", "offline_access"},
"Ocelot Administration",
true,
GrantTypes.ResourceOwnerPassword,
AccessTokenType.Jwt,
false,
new List<User>
{
new User("admin", username, hash, salt)
}
);
}
} }
} }

6
src/Ocelot/Responder/HttpContextResponder.cs
View File

@ -1,5 +1,6 @@
using System.IO; using System.IO;
using System.Linq; using System.Linq;
using System.Net;
using System.Net.Http; using System.Net.Http;
using System.Threading.Tasks; using System.Threading.Tasks;
using Microsoft.AspNetCore.Http; using Microsoft.AspNetCore.Http;
@ -54,7 +55,10 @@ namespace Ocelot.Responder
using (Stream stream = new MemoryStream(content)) using (Stream stream = new MemoryStream(content))
{ {
await stream.CopyToAsync(context.Response.Body); if (response.StatusCode != HttpStatusCode.NotModified)
{
await stream.CopyToAsync(context.Response.Body);
}
} }
} }