summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
-rw-r--r--package.json2
-rw-r--r--server/nginx.template56
2 files changed, 1 insertions, 57 deletions
diff --git a/package.json b/package.json
index e8d7439..cbd5fd0 100644
--- a/package.json
+++ b/package.json
@@ -2,7 +2,7 @@
"name": "frontend",
"version": "0.0.0",
"scripts": {
- "openapi": "openapi-generator-cli generate --generator-key v3.0",
+ "openapi": "npx openapi-generator-cli generate --generator-key v3.0",
"ng": "./node-modules/.bin/ng",
"prestart": "npm run openapi",
"start": "ng serve -- --proxy-config staging.proxy.config.json --host 0.0.0.0 --port 80 --disable-host-check",
diff --git a/server/nginx.template b/server/nginx.template
index 2b8edd0..e3dd750 100644
--- a/server/nginx.template
+++ b/server/nginx.template
@@ -1,17 +1,6 @@
-# Log format for onap logging
-log_format onap_logging '"$request_body"';
-
-lua_package_path '/usr/local/openresty/lualib/?.lua;;';
-# cache for discovery metadata documents
-lua_shared_dict discovery 1m;
-# cache for JWKs
-lua_shared_dict jwks 1m;
-
# if run in local docker container add this resolver for the DNS to connect to Keycloak
resolver ${CLUSTER_NAMESERVER_IP};
-error_log logs/error.log error;
-
server {
listen ${NGINX_PORT};
@@ -50,51 +39,6 @@ server {
proxy_set_header X-Forwarded-Port $server_port;
proxy_set_header X-Forwarded-Proto $scheme;
}
-
- location = /onap_logging {
- access_by_lua '
- local openidc = require("resty.openidc");
- -- uncomment for logging next line
- -- openidc.set_logging(nil, { DEBUG = ngx.DEBUG });
- local opts = {
- discovery = "${KEYCLOAK_INTERNAL_URL}/auth/realms/${KEYCLOAK_REALM}/.well-known/openid-configuration",
-
- -- the signature algorithm that you expect has been used;
- -- can be a single string or a table.
- -- You should set this for security reasons in order to
- -- avoid accepting a token claiming to be signed by HMAC
- -- using a public RSA key.
- -- token_signing_alg_values_expected = { "HS256" },
-
- -- if you want to accept unsigned tokens (using the
- -- "none" signature algorithm) then set this to true.
- accept_none_alg = false,
-
- -- if you want to reject tokens signed using an algorithm
- -- not supported by lua-resty-jwt set this to false. If
- -- you leave it unset, the token signature will not be
- -- verified at all.
- accept_unsupported_alg = false
- }
- -- call introspect for OAuth 2.0 Bearer Access Token validation
- local res, err = require("resty.openidc").bearer_jwt_verify(opts)
-
- if err then
- ngx.status = 403
- ngx.say(err)
- ngx.exit(ngx.HTTP_FORBIDDEN)
- end
-
- ';
- access_log /dev/stdout onap_logging;
- proxy_pass http://portal-ui/onap_logging_proxy;
- proxy_http_version 1.1;
- }
-
- location = /onap_logging_proxy {
- access_log off;
- return 200 'Message logged';
- }
}
##