diff options
Diffstat (limited to 'msb-core/openresty-ext')
16 files changed, 246 insertions, 20 deletions
diff --git a/msb-core/openresty-ext/pom.xml b/msb-core/openresty-ext/pom.xml index 09b6bca..8685fb2 100644 --- a/msb-core/openresty-ext/pom.xml +++ b/msb-core/openresty-ext/pom.xml @@ -1,7 +1,7 @@ <?xml version="1.0" encoding="UTF-8"?> <!-- - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/customrouter.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/customrouter.lua index d6b67f3..46d0b8a 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/customrouter.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/customrouter.lua @@ -1,6 +1,6 @@ --[[ - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/execute_auth.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/execute_auth.lua index c8ea047..946f561 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/execute_auth.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/execute_auth.lua @@ -1,6 +1,6 @@ --[[ - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/msbconf.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/msbconf.lua index de8a402..48b04c7 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/msbconf.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/msbconf.lua @@ -1,6 +1,6 @@ --[[ - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoadminrouter.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoadminrouter.lua index d2f0895..938a017 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoadminrouter.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoadminrouter.lua @@ -1,6 +1,6 @@ --[[ - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoapijsonrouter.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoapijsonrouter.lua index 1a061f0..9255a65 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoapijsonrouter.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoapijsonrouter.lua @@ -1,6 +1,6 @@ --[[ - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoapirouter.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoapirouter.lua index 9dec2a9..717bd1a 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoapirouter.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openoapirouter.lua @@ -1,6 +1,6 @@ --[[ - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openouirouter.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openouirouter.lua index 736aacd..c36057e 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openouirouter.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/openouirouter.lua @@ -1,6 +1,6 @@ --[[ - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/plugins/auth.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/plugins/auth.lua index 546f1dc..0bec85c 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/plugins/auth.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/plugins/auth.lua @@ -17,10 +17,149 @@ ]] local _M = {} _M._VERSION = '1.0.0' +local auth_url = '/openoapi/auth/v1'; +local auth_token_url = auth_url..'/tokens'; +local auth_token_key = "X-Auth-Token"; +local redirect_url = "/openoui/auth/v1/login/html/login.html" -function _M.access() - --add your own code here - ngx.log(ngx.INFO, "running auth plugin") +local white_list= { + auth_token_url, + redirect_url, + '/openoui/auth/v1/login/' +}; + +local function verify_value(value) + if (nil == value or 0 == #value) + then + return false; + else + return true; + end +end + +--[[checks str2 starts with str1]]-- +local function starts_with(str1, str2) + return string.sub(str2, 1, string.len(str1)) == str1; end +-- Check and ignore the request if it is from auth module.-- +local function is_white_list(url) + for i, value in ipairs(white_list) + do + if (starts_with(value, url)) + then + return true; + end + end + return false; +end + +local function set_header(tokens) + for key,value in pairs(tokens) + do + ngx.log (ngx.ERR, "Headers: ", key, value); + ngx.req.set_header(key, value); + end + +end +--[[ validates the token with auth ]]-- +local function validate_token(tokens) + -- auth expects the token in header. + set_header(tokens); + -- call auth token check url to validate. + local res = ngx.location.capture(auth_token_url, { method = ngx.HTTP_HEAD}); + ngx.log (ngx.ERR, "Auth Result:", res.status); + if (nil == res) + then + return false; + end + return (ngx.HTTP_OK == res.status); +end + +--[[ get auth token from cookies ]]-- +local function get_cookies() + local cookie_name = "cookie_"..auth_token_key; + local auth_token = ngx.var[cookie_name]; + local tokens = {}; + -- verify whether its empty or null. + if (verify_value(auth_token)) + then + ngx.log(ngx.ERR, "token : ", auth_token ); + tokens[auth_token_key] = auth_token; + end + return tokens; +end + +local function get_service_url() + -- get host. + local host = ngx.var.host; + --get port + local port = ":"..ngx.var.server_port; + local proto = ""; + --get protocol + if (ngx.var.https == "on") + then + proto = "https://"; + else + proto = "http://"; + end + --get url + local uri = ngx.var.rui; + --form complete service url. + --local complete_url = proto..host..port..url + local complete_url = uri; + local service = "?service=" + --add arguments if any. + if ngx.var.args ~= nil + then + complete_url = complete_url.."?"..ngx.var.args; + end + ngx.log(ngx.ERR, "service url : ", complete_url); + return service..ngx.escape_uri(complete_url); +end + +local function redirect(url) + local service = get_service_url(); + ngx.log(ngx.ERR, "redirect: ", url..service); + ngx.redirect(url..service); +end + +function _M.access() + + ngx.log(ngx.ERR, "==============start check token===============: "); + local url = ngx.var.uri; + ngx.log(ngx.ERR, "Url : ", url); + + -- ignore token validation if auth request. + if (is_white_list(url)) + then + return; + end + + + + -- get auth token from cookies. + local auth_tokens = get_cookies(); + + -- check if auth token is empty, + -- redirect it to login page in that case. + if (nil == next(auth_tokens)) + then + ngx.log(ngx.ERR, "Token Invalidate, redirect to ", redirect_url); + redirect(redirect_url); + return; + end + + -- validate the token with auth module. + -- continue if success, else redirect to login page. + if(validate_token(auth_tokens)) + then + ngx.log(ngx.ERR, "Token Validate."); + return; + else + redirect(redirect_url); + end + ngx.log(ngx.INFO, "running auth plugin") + end + return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/plugins/driver_manager.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/plugins/driver_manager.lua index d337a25..4caa9e2 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/plugins/driver_manager.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/plugins/driver_manager.lua @@ -17,11 +17,98 @@ ]] local _M = {} _M._VERSION = '1.0.0' +local _HEADER = "X-Driver-Parameter" + +--extract driver header if present in request +local function get_driver_header() + local header = "" + local driver_header = ngx.req.get_headers()[_HEADER] + if (driver_header ~= nil) + then + header = driver_header + end + return header +end + +-- generate query url +local function get_query_url(x_driver_header) + local drivermgr_uri = '/openoapi/drivermgr/v1/drivers' + local url = drivermgr_uri.."?".._HEADER.."="..tostring(ngx.escape_uri(x_driver_header)).."&service_url="..ngx.var.uri + return url +end + +-- generate driver url +local function get_driver_url(driver_header) + local cjson = require "cjson" + local query_url = get_query_url(driver_header) + local res = ngx.location.capture(query_url, { method = ngx.HTTP_GET}) + ngx.log (ngx.ERR, "Driver manager resp url : ", tostring(res.body)) + if (res.status == 200 and res.body ~= nil and res.body ~= '') + then + return tostring(cjson.new().decode(res.body).url) + else + return '' + end +end + +-- get headers +local function get_headers() + local headers = {} + local h = ngx.req.get_headers() + for k, value in pairs(h) + do + headers[k] = value + end + return headers +end + +local function get_body_params() + ngx.req.read_body() + local actual_body = "" + local body_param = ngx.req.get_body_data() + if(body_param ~= nil) + then + actual_body = tostring(body_param) + end + return actual_body +end function _M.access() - ngx.log(ngx.INFO, "running driver_manager plugin") - --add your own code here - --choose the right backend server,and then tell nginx, e.g. ngx.var.backend = XX.XX.XX.XX:8888 + ngx.log(ngx.ERR, "DRIVER MANAGER LUA", "***********************") + + -- extract X-Driver-Parameter header param + local driver_header = get_driver_header() + ngx.log(ngx.ERR, "X-Driver-Parameter: ", driver_header) + + + -- ignore driver redirection if not driver manager request. + if (driver_header ~= "") + then + + local driver_url = get_driver_url(driver_header) + ngx.log (ngx.ERR, "Driver manager URl:: ", driver_url) + + local http = require "resty.http" + local actual_headers = get_headers() + local actual_body = get_body_params() + + ngx.log(ngx.ERR, "HTTP request to driver... ", " Request to driver manager") + local res, err = http.new():request_uri(driver_url, { + method = ngx.req.get_method(), + body = actual_body, + headers = actual_headers + }) + + if not res then + ngx.say("Request to driver failed : ", err) + return + end + ngx.log(ngx.ERR, "Response from driver : ", tostring(res.body)) + ngx.say(res.body) + + else + ngx.log(ngx.ERR, "X-Driver-Parameter not present", " Redirect to same url") + end end return _M
\ No newline at end of file diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/setnocacheflag.lua b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/setnocacheflag.lua index e8c75cd..8b57660 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/setnocacheflag.lua +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/nginx/luaext/setnocacheflag.lua @@ -1,6 +1,6 @@ --[[ - Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. + Copyright 2016 ZTE Corporation. Licensed under the Apache License, Version 2.0 (the "License"); you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/reload.sh b/msb-core/openresty-ext/src/assembly/resources/openresty/reload.sh index 644f057..63e6854 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/reload.sh +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/reload.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. +# Copyright 2016 ZTE Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/run.bat b/msb-core/openresty-ext/src/assembly/resources/openresty/run.bat index 17302ce..0efc55a 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/run.bat +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/run.bat @@ -1,5 +1,5 @@ @REM -@REM Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. +@REM Copyright 2016 ZTE Corporation. @REM @REM Licensed under the Apache License, Version 2.0 (the "License"); @REM you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/run.sh b/msb-core/openresty-ext/src/assembly/resources/openresty/run.sh index 5c7dbc8..cdf2d92 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/run.sh +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/run.sh @@ -1,6 +1,6 @@ #!/bin/sh # -# Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. +# Copyright 2016 ZTE Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/stop.bat b/msb-core/openresty-ext/src/assembly/resources/openresty/stop.bat index 9fa6522..3609162 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/stop.bat +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/stop.bat @@ -1,5 +1,5 @@ @REM -@REM Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. +@REM Copyright 2016 ZTE Corporation. @REM @REM Licensed under the Apache License, Version 2.0 (the "License"); @REM you may not use this file except in compliance with the License. diff --git a/msb-core/openresty-ext/src/assembly/resources/openresty/stop.sh b/msb-core/openresty-ext/src/assembly/resources/openresty/stop.sh index c5d0f19..6057d48 100644 --- a/msb-core/openresty-ext/src/assembly/resources/openresty/stop.sh +++ b/msb-core/openresty-ext/src/assembly/resources/openresty/stop.sh @@ -1,6 +1,6 @@ #!/bin/bash # -# Copyright 2016 2015-2016 ZTE, Inc. and others. All rights reserved. +# Copyright 2016 ZTE Corporation. # # Licensed under the Apache License, Version 2.0 (the "License"); # you may not use this file except in compliance with the License. |