如何解决为什么我的 kong gateway api 没有授权 web 服务访问微服务?
我在 Docker 容器中设置了一个 kong 实例,我在其中配置了 4 个具有多个路由的服务,应用了 key-auth 和 jwt 插件。如果我请求传递与消费者关联的密钥以访问微服务,我会收到来自 Postman 的 200 个响应和一个用 Python 编写的测试脚本,但是来自 Web 服务器(真正的消费者)它告诉我我没有被授权( 401)。如果消费者是网络服务器,GATEWAY API 有什么特殊配置吗?
GATEWAY API 的配置由 Python 脚本自动完成。
import requests
import json
def elements_register(setting_data):
for service in setting_data['services']:
service_id = service.copy()
del service_id['plugins']
requests.post('http://kong:8001/services',data = service_id)
url_route = 'http://kong:8001/services/' + service.get('name').strip() + '/routes'
if service.get('name') == 'example1-server':
routes_data = {'hosts': 'myservice:55000/api','paths': ['/' + service.get('name').strip(),'/' + service.get('name').strip() + '/auth/singin','/' + service.get('name').strip() + '/auth/singup']}
elif service.get('name') == 'example2-server':
routes_data = {'hosts': 'https://myservice:44000/api','/' + service.get('name').strip() + '/room']}
elif service.get('name') == 'example3-server':
routes_data = {'hosts': 'https://myservice:3005/api','paths': ['/' + service.get('name').strip()]}
elif service.get('name') == 'example4-server':
routes_data = {'hosts': 'https://myservice:8888/api','/' + service.get('name').strip() + '/files/','/' + service.get('name').strip() + '/file/']}
requests.post(url_route,data = routes_data)
url_plugins_services = 'http://kong:8001/services/' + service.get('name').strip() + '/plugins'
json_route = requests.get(url_route)
json_route = json_route.json()
json_route = json_route['data'][0]
id_route = json_route['id']
url_plugins_routes = 'http://kong:8001/routes/' + id_route + '/plugins'
if service.get('plugins') == 'key-auth':
plugins_json = {'name':'key-auth','config.key_names':"apikey",'config.key_in_body':'true'}
elif service.get('plugins') == 'jwt':
plugins_json = {'name':'jwt'}
requests.post(url_plugins_services,data = plugins_json)
requests.post(url_plugins_routes,data = plugins_json)
headers = {'Content-Type': 'application/x-www-form-urlencoded',}
secret_server_auth = {'secret': 'mysecret',}
for consumer in setting_data['consumers']:
requests.post('http://kong:8001/consumers',data = consumer)
url_consumer_key_auth = 'http://kong:8001/consumers/' + consumer.get('username').strip() + '/key-auth'
url_consumer_jwt = 'http://kong:8001/consumers/' + consumer.get('username').strip() + '/jwt'
requests.post(url_consumer_key_auth)
requests.post(url_consumer_jwt,headers= headers,data = secret_server_auth)
def main():
with open('settings.json') as json_file:
setting_data = json.load(json_file)
consumers = requests.get('http://kong:8001/consumers').json()['data']
deleted_consumers = []
for consumer in consumers:
consumer_name = consumer['username']
registered_consumers_names = map(lambda x: x['username'],setting_data['consumers'])
list_registered_consumers_names = list(registered_consumers_names).copy()
if consumer_name in list_registered_consumers_names and not (consumer_name in deleted_consumers):
idx = list_registered_consumers_names.index(consumer_name)
deleted_consumers.append(setting_data['consumers'].pop(idx))
elements_register(setting_data)
if __name__ == '__main__':
main()
服务和消费者的信息以json格式传递。
{
"services": [
{
"name": "example1-server","url": "http://myservice:55000/api","plugins" : "key-auth"
},{
"name": "example2-server","url": "https://myservice:8888/api","plugins": "jwt"
},{
"name": "example3-server","url": "https://myservice.io:44000/api",{
"name": "example4-server","url": "https://myservice:3005/api","plugins": "jwt"
}
],"consumers": [
{
"username": "front1"
},{ "username": "front2"
}
]
}
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。