A Kong plugin that enables an extra HTTP POST requests before proxying the original.
based on https://github.com/pantsel/kong-middleman-plugin and https://github.com/mdemou/kong-middleman
In some cases, you may need to validate a request to a separate server or service using custom logic before Kong proxies it to your API. Middleman enables you to do that by allowing you to make an extra HTTP requests before calling an API endpoint.
list of change :
- Update for kong v2
- move json.lua to https://github.com/rxi/json.lua
- Update schema for v2
- add config for include certificate (default false)
- add config for include credential (default false)
- add config for include route (default false)
- add config for include consumer (default false)
- change payload :
- add certificate (resty_kong_tls.get_full_client_certificate_chain())
- add credential (kong.client.get_credential())
- add route (kong.router.get_route() and kong.router.get_service())
- add consumer (kong.client.get_consumer())
- rename uri_args to params
- rename body data to body
- no json.encode if headers["content-type"] == 'application/json'
- move body, headers and params in request field
payload :
local payload = {
['certificate'] = certificate,
['consumer'] = consumer,
['credential'] = credential,
['kong_routing'] = kong_routing,
['request'] = {
['headers'] = headers,
['params'] = params,
['body'] = json_body,
}
}WIP
You can add the plugin on top of an API by executing the following request on your Kong server:
$ http POST :8001/services/{api}/plugins name=middleman-advanced config:='{ "services": [{"url": "http://myserver.io/validate", "response": "table", "timeout": 10000, "keepalive": 60000}]}'| form parameter | default | description |
|---|---|---|
name |
The name of the plugin to use, in this case: middleman |
|
config.servicesrequired |
The list of services witch the plugin make a JSON POST |
| form parameter | default | description |
|---|---|---|
urlrequired |
The URL to which the plugin will make a JSON POST request before proxying the original request. |
|
responserequired |
table | The type of response the middleman service is going to respond with |
timeout |
10000 | Timeout (miliseconds) for the request to the URL specified above. Default value is 10000. |
keepalive |
60000 | Keepalive time (miliseconds) for the request to the URL specified above. Default value is 60000. |
include_cert |
false | Include the original certificate in JSON POST |
include_credential |
false | Include the credential in JSON POST |
include_consumer |
false | Include the consumer in JSON POST |
include_route |
false | Include the route in JSON POST |
Middleman will execute a JSON POST request to the specified url with the following body:
JSON POST
| Attribute | Description |
|---|---|
certificate |
The certificate of the original request if include_credential see resty_kong_tls.get_full_client_certificate_chain() |
consumer |
The consumer of the original request see kong.client.get_consumer() |
credential |
The consumer of the original request see kong.client.get_credential() |
kong_routing |
The kong_routing of the original request see kong.router.get_route() and kong.router.get_service() |
request |
The request of the original request see the next table : request |
Request
| Attribute | Description |
|---|---|
body |
The body of the original request |
params |
The url arguments of the original request |
headers |
The headers of the original request |
In the scope of your own endpoint, you may validate any of these attributes and accept or reject the request according to your needs. If an HTTP response code of 299 or less is returned, the request is accepted. Any response code above 299 will cause the request to be rejected.
David TOUZET
The MIT License (MIT) ===================== Copyright (c) 2020 David TOUZET THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE SOFTWARE.