zoukankan      html  css  js  c++  java

  • orange---openresty.---authorization,-129.0.1.227,jwt


    需要有一个类似于API网关的中间件来做API的管理工作,也就是API的实现方面更多的考虑业务逻辑,安全、性能、监控可以交由网关来做(如下图所示,下图根据Kong官方文档修改)

    通过MySQL存储来简单支持集群部署

    支持多种条件匹配和变量提取

    支持通过自定义插件方式扩展功能

    默认内置六个插件

    全局状态统计

    自定义监控

    URL重写

    URI重定向

    简单防火墙

    代理、ABTesting、分流

    1.227: ----orange install


    docker pull mysql:5.7
    docker pull syhily/orange


    docker run --name orange-database -d -e MYSQL_ROOT_PASSWORD=your_root_pwd -p 3306:3306 mysql:5.7
    docker exec -it orange-database /bin/bash

    mysql -u root -p

    CREATE DATABASE orange;
    CREATE USER 'orange'@'%' IDENTIFIED BY 'orange';
    GRANT ALL PRIVILEGES ON orange.* TO 'orange'@'%';

    docker run -d --name orange
    --link orange-database:orange-database
    -p 7777:7777
    -p 8888:8888
    -p 9999:9999
    --security-opt seccomp:unconfined
    -e ORANGE_DATABASE=orange
    -e ORANGE_HOST=orange-database
    -e ORANGE_PORT=3306
    -e ORANGE_USER=orange
    -e ORANGE_PWD=orange
    syhily/orange

    https://github.com/sumory/orange/issues?utf8=%E2%9C%93&q=auth

    测试
    后台管理
    http://localhost:9999
    Api service
    http://localhost:7777/
    实际使用转发Url
    http://localhost:8888

    https://github.com/sumory/orange

    basic-author
    wget --http-username=llq --http-password=1234 http://129.0.1.227:8888/api/test
    curl -u llq:1234 http://129.0.1.227:8888/api/test
    Authorization: Basic bGxxOjEyMzQ=
    wget --header 'Authorization: Basic bGxxOjEyMzQ=' http://129.0.1.227:8888/api/test

    md5;
    https://github.com/sumory/orange/issues/72

    You can use the hmac module in python to key-hash a message. More info here.

    Here's a sample program:

    import hmac
    import md5

    hash_key = 'secret hashing key'
    hash = hmac.new(hash_key, 'this is the text to be hashed', md5)
    value = hash.digest()
    print hash.hexdigest()


    I found a way to use a secret key authentication called HMAC (Hashed Message Authentication Code) and it
    echo -n 'value' | openssl dgst -md5 -hmac 'key'
    echo -n 'value' | openssl dgst -md5 -hmac 'key'

    http://129.0.1.227:8888/httpmd5?uuid=akdflja1299330aa&pjcid=11111&sig= md5(uuid+pjcid+secret key)
    akdflja1299330aa11111111111

    akdflja1299330aa11111111111

    echo -n 'akdflja1299330aa11111111111' | openssl dgst -md5 -hmac '111111'

    http://129.0.1.227:8888/httpmd5?uuid=akdflja1299330aa&pjcid=11111&sig=1b04d8da6b7fb39c285b1463842fcd12


    对应的请求是

    http://domain.com/xxxxx?uuid=akdflja1299330aa&pjcod=11111&sig= md5(uuid+pjcod+secret key)

     http://orange.sumory.com/docs/

    http://www.pangxieke.com/share/install-orange-api-gateway-by-docker.html


    jwt:
    https://segmentfault.com/a/1190000015677681
  • 相关阅读:
    L378 Scientifically, this is the best age for you to lead
    L376 Unleashing Your True Potential
    L375 爱情和事业平衡
    L374 企鹅
    2019-05-12 L373 英国要被淹
    2019-05-10 Business Meeting-Meeting Notice
    子类能不能继承父类的成员变量
    Java 重写(Override)与重载(Overload)
    java 类访问权限
    IS-A 和 HAS-A
  • 原文地址:https://www.cnblogs.com/SZLLQ2000/p/10715194.html
Copyright © 2011-2022 走看看