mirror of
https://github.com/nsnail/Ocelot.git
synced 2025-04-22 06:42:50 +08:00
WrathZA
Tom Pallister
parent
d186f0e1b6
commit
fa6dc5901a
@ -62,7 +62,7 @@ will need to be changed if you are running Ocelot on a different url to http://l
|
|||||||
The scripts show you how to request a bearer token from ocelot and then use it to GET the existing configuration and POST
|
The scripts show you how to request a bearer token from ocelot and then use it to GET the existing configuration and POST
|
||||||
a configuration.
|
a configuration.
|
||||||
|
|
||||||
If you are running multiple Ocelot's in a cluster then you need to use a certificate to sign the bearer tokens used to access the administration API.
|
If you are running multiple Ocelot instances in a cluster then you need to use a certificate to sign the bearer tokens used to access the administration API.
|
||||||
|
|
||||||
In order to do this you need to add two more environmental variables for each Ocelot in the cluster.
|
In order to do this you need to add two more environmental variables for each Ocelot in the cluster.
|
||||||
|
|
||||||
@ -71,7 +71,7 @@ In order to do this you need to add two more environmental variables for each Oc
|
|||||||
``OCELOT_CERTIFICATE_PASSWORD``
|
``OCELOT_CERTIFICATE_PASSWORD``
|
||||||
The password for the certificate.
|
The password for the certificate.
|
||||||
|
|
||||||
Normally Ocelot just uses temporary signing credentials but if you set these environmental variables then it will use the certificate. If all the other Ocelots in the cluster have the same certificate then you are good!
|
Normally Ocelot just uses temporary signing credentials but if you set these environmental variables then it will use the certificate. If all the other Ocelot instances in the cluster have the same certificate then you are good!
|
||||||
|
|
||||||
|
|
||||||
Administration API
|
Administration API
|
||||||
|
|||||||
@ -7,13 +7,13 @@ parameters and other claims. This is only available once a user has been authent
|
|||||||
After the user is authenticated we run the claims to claims transformation middleware.
|
After the user is authenticated we run the claims to claims transformation middleware.
|
||||||
This allows the user to transform claims before the authorisation middleware is called.
|
This allows the user to transform claims before the authorisation middleware is called.
|
||||||
After the user is authorised first we call the claims to headers middleware and Finally
|
After the user is authorised first we call the claims to headers middleware and Finally
|
||||||
the claims to query strig parameters middleware.
|
the claims to query string parameters middleware.
|
||||||
|
|
||||||
The syntax for performing the transforms is the same for each proces. In the ReRoute
|
The syntax for performing the transforms is the same for each process. In the ReRoute
|
||||||
configuration a json dictionary is added with a specific name either AddClaimsToRequest,
|
configuration a json dictionary is added with a specific name either AddClaimsToRequest,
|
||||||
AddHeadersToRequest, AddQueriesToRequest.
|
AddHeadersToRequest, AddQueriesToRequest.
|
||||||
|
|
||||||
Note I'm not a hotshot programmer so have no idea if this syntax is good..
|
Note: I'm not a hotshot programmer so have no idea if this syntax is good...
|
||||||
|
|
||||||
Within this dictionary the entries specify how Ocelot should transform things!
|
Within this dictionary the entries specify how Ocelot should transform things!
|
||||||
The key to the dictionary is going to become the key of either a claim, header
|
The key to the dictionary is going to become the key of either a claim, header
|
||||||
@ -23,12 +23,12 @@ The value of the entry is parsed to logic that will perform the transform. First
|
|||||||
all a dictionary accessor is specified e.g. Claims[CustomerId]. This means we want
|
all a dictionary accessor is specified e.g. Claims[CustomerId]. This means we want
|
||||||
to access the claims and get the CustomerId claim type. Next is a greater than (>)
|
to access the claims and get the CustomerId claim type. Next is a greater than (>)
|
||||||
symbol which is just used to split the string. The next entry is either value or value with
|
symbol which is just used to split the string. The next entry is either value or value with
|
||||||
and indexer. If value is specifed Ocelot will just take the value and add it to the
|
and indexer. If value is specified Ocelot will just take the value and add it to the
|
||||||
transform. If the value has an indexer Ocelot will look for a delimiter which is provided
|
transform. If the value has an indexer Ocelot will look for a delimiter which is provided
|
||||||
after another greater than symbol. Ocelot will then split the value on the delimiter
|
after another greater than symbol. Ocelot will then split the value on the delimiter
|
||||||
and add whatever was at the index requested to the transform.
|
and add whatever was at the index requested to the transform.
|
||||||
|
|
||||||
Claims to Claims Tranformation
|
Claims to Claims Transformation
|
||||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||||
|
|
||||||
Below is an example configuration that will transforms claims to claims
|
Below is an example configuration that will transforms claims to claims
|
||||||
@ -54,10 +54,10 @@ Below is an example configuration that will transforms claims to headers
|
|||||||
"CustomerId": "Claims[sub] > value[1] > |"
|
"CustomerId": "Claims[sub] > value[1] > |"
|
||||||
}
|
}
|
||||||
|
|
||||||
This shows a transform where Ocelot looks at the users sub claim and trasnforms it into a
|
This shows a transform where Ocelot looks at the users sub claim and transforms it into a
|
||||||
CustomerId header. Assuming the sub looks like this "usertypevalue|useridvalue".
|
CustomerId header. Assuming the sub looks like this "usertypevalue|useridvalue".
|
||||||
|
|
||||||
Claims to Query String Parameters Tranformation
|
Claims to Query String Parameters Transformation
|
||||||
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|
||||||
|
|
||||||
Below is an example configuration that will transforms claims to query string parameters
|
Below is an example configuration that will transforms claims to query string parameters
|
||||||
@ -68,5 +68,5 @@ Below is an example configuration that will transforms claims to query string pa
|
|||||||
"LocationId": "Claims[LocationId] > value",
|
"LocationId": "Claims[LocationId] > value",
|
||||||
}
|
}
|
||||||
|
|
||||||
This shows a transform where Ocelot looks at the users LocationId claim and add its as
|
This shows a transform where Ocelot looks at the users LocationId claim and add it as
|
||||||
a query string parameter to be forwarded onto the downstream service.
|
a query string parameter to be forwarded onto the downstream service.
|
||||||
@ -4,8 +4,8 @@ Middleware Injection and Overrides
|
|||||||
Warning use with caution. If you are seeing any exceptions or strange behavior in your middleware
|
Warning use with caution. If you are seeing any exceptions or strange behavior in your middleware
|
||||||
pipeline and you are using any of the following. Remove them and try again!
|
pipeline and you are using any of the following. Remove them and try again!
|
||||||
|
|
||||||
When setting up Ocelot in your Startup.cs you can provide some additonal middleware
|
When setting up Ocelot in your Startup.cs you can provide some additional middleware
|
||||||
and override middleware. This is done as follos.
|
and override middleware. This is done as follows.
|
||||||
|
|
||||||
.. code-block:: csharp
|
.. code-block:: csharp
|
||||||
|
|
||||||
@ -20,7 +20,7 @@ and override middleware. This is done as follos.
|
|||||||
app.UseOcelot(configuration);
|
app.UseOcelot(configuration);
|
||||||
|
|
||||||
In the example above the provided function will run before the first piece of Ocelot middleware.
|
In the example above the provided function will run before the first piece of Ocelot middleware.
|
||||||
This allows a user to supply any behaviours they want before and after the Ocelot pipeline has run.
|
This allows a user to supply any behaviors they want before and after the Ocelot pipeline has run.
|
||||||
This means you can break everything so use at your own pleasure!
|
This means you can break everything so use at your own pleasure!
|
||||||
|
|
||||||
The user can set functions against the following.
|
The user can set functions against the following.
|
||||||
@ -35,7 +35,7 @@ The user can set functions against the following.
|
|||||||
|
|
||||||
* AuthorisationMiddleware - This overrides Ocelots authorisation middleware.
|
* AuthorisationMiddleware - This overrides Ocelots authorisation middleware.
|
||||||
|
|
||||||
* PreQueryStringBuilderMiddleware - This alows the user to manipulate the query string on the http request before it is passed to Ocelots request creator.
|
* PreQueryStringBuilderMiddleware - This allows the user to manipulate the query string on the http request before it is passed to Ocelots request creator.
|
||||||
|
|
||||||
Obviously you can just add middleware as normal before the call to app.UseOcelot() It cannot be added
|
Obviously you can just add middleware as normal before the call to app.UseOcelot() It cannot be added
|
||||||
after as Ocelot does not call the next middleware.
|
after as Ocelot does not call the next middleware.
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user