orange---openresty.---authorization,-129.0.1.227,jwt


需要有一个类似于API网关的中间件来做API的管理工作,也就是API的实现方面更多的考虑业务逻辑,安全、性能、监控可以交由网关来做(如下图所示,下图根据Kong官方文档修改)

通过MySQL存储来简单支持集群部署

支持多种条件匹配和变量提取

支持通过自定义插件方式扩展功能

默认内置六个插件

全局状态统计

自定义监控

URL重写

URI重定向

简单防火墙

代理、ABTesting、分流

1.227: ----orange install


docker pull mysql:5.7
docker pull syhily/orange


docker run --name orange-database -d -e MYSQL_ROOT_PASSWORD=your_root_pwd -p 3306:3306 mysql:5.7
docker exec -it orange-database /bin/bash

mysql -u root -p

CREATE DATABASE orange;
CREATE USER 'orange'@'%' IDENTIFIED BY 'orange';
GRANT ALL PRIVILEGES ON orange.* TO 'orange'@'%';

docker run -d --name orange
--link orange-database:orange-database
-p 7777:7777
-p 8888:8888
-p 9999:9999
--security-opt seccomp:unconfined
-e ORANGE_DATABASE=orange
-e ORANGE_HOST=orange-database
-e ORANGE_PORT=3306
-e ORANGE_USER=orange
-e ORANGE_PWD=orange
syhily/orange

https://github.com/sumory/orange/issues?utf8=%E2%9C%93&q=auth

测试
后台管理
http://localhost:9999
Api service
http://localhost:7777/
实际使用转发Url
http://localhost:8888

https://github.com/sumory/orange

basic-author
wget --http-username=llq --http-password=1234 http://129.0.1.227:8888/api/test
curl -u llq:1234 http://129.0.1.227:8888/api/test
Authorization: Basic bGxxOjEyMzQ=
wget --header 'Authorization: Basic bGxxOjEyMzQ=' http://129.0.1.227:8888/api/test

md5;
https://github.com/sumory/orange/issues/72

You can use the hmac module in python to key-hash a message. More info here.

Here's a sample program:

import hmac
import md5

hash_key = 'secret hashing key'
hash = hmac.new(hash_key, 'this is the text to be hashed', md5)
value = hash.digest()
print hash.hexdigest()


I found a way to use a secret key authentication called HMAC (Hashed Message Authentication Code) and it
echo -n 'value' | openssl dgst -md5 -hmac 'key'
echo -n 'value' | openssl dgst -md5 -hmac 'key'

http://129.0.1.227:8888/httpmd5?uuid=akdflja1299330aa&pjcid=11111&sig= md5(uuid+pjcid+secret key)
akdflja1299330aa11111111111

akdflja1299330aa11111111111

echo -n 'akdflja1299330aa11111111111' | openssl dgst -md5 -hmac '111111'

http://129.0.1.227:8888/httpmd5?uuid=akdflja1299330aa&pjcid=11111&sig=1b04d8da6b7fb39c285b1463842fcd12


对应的请求是

http://domain.com/xxxxx?uuid=akdflja1299330aa&pjcod=11111&sig= md5(uuid+pjcod+secret key)

 http://orange.sumory.com/docs/

http://www.pangxieke.com/share/install-orange-api-gateway-by-docker.html


jwt:
https://segmentfault.com/a/1190000015677681

【推广】 免费学中医,健康全家人
原文地址:https://www.cnblogs.com/SZLLQ2000/p/10715194.html