Express-Gateway:egContext 下缺少范围 - apiEndpoint.scopes
[英]Express-Gateway: missing scopes under egContext - apiEndpoint.scopes
问题描述
I want to force the add of a filed in the req.body, according to the scope of the credentials.
我想根据凭证的范围强制在 req.body 中添加一个文件。 I have 2 Apps (App1 and App2), and based on who is using my API, I want to programmatically add a field in the req.我有 2 个应用程序(App1 和 App2),根据谁在使用我的 API,我想以编程方式在 req.xml 中添加一个字段。 So credentials of App1 has scope app1 , and app2 in App2's scopes.因此 App1 的凭据在 App2 的范围内具有范围app1和app2 。
Moreover, I have 2 Environments, with different endpoints.此外,我有 2 个环境,具有不同的端点。 Both App has access to both Ends (using different credentials).两个应用程序都可以访问两端(使用不同的凭据)。 So I first choose the Env (using dev_env or my_env scope), then I verify which App is accessing (checking app1 or app2 scope).所以我首先选择 Env(使用dev_env或my_env范围),然后我验证正在访问哪个应用程序(检查app1或app2范围)。
To do that, I use expression apiEndpoint.scopes.indexOf('app1')>=0 .为此,我使用表达式apiEndpoint.scopes.indexOf('app1')>=0 。 that actually is not working, since the condition is always false .这实际上不起作用,因为条件总是false 。 So for debugging purpose, I put the content of apiEndpoint.scopes as additional field in the req.body , to see what there is in that.因此,对于调试目的,我把内容apiEndpoint.scopes作为附加字段中req.body ,看看有什么存在这样。
And I see that apiEndpoint.scopes has just ["my_env"] , not "app1".我看到apiEndpoint.scopes只有["my_env"] ,而不是 "app1"。 Why?为什么?
So I have所以我有
http:
port: ${PORT:-8080}
host: ${HOST:-localhost}
apiEndpoints:
myEndpoint:
host: "*"
scopes: ["my_env"] # I explain just this one here
devEndpoint:
host: "*"
scopes: ["dev_env"]
serviceEndpoints:
myEndpoint:
url: 'https://myserver'
policies:
- basic-auth
- cors
- expression
- key-auth
- request-transformer
- rewrite
- oauth2
- proxy
- rate-limit
pipelines:
myEndpoint:
apiEndpoints:
- myEndpoint
policies:
- request-transformer:
-
condition:
name: allOf
conditions:
- # check if scope 'app1' is present. expression not working
#name: expression
#expression: "apiEndpoint.scopes.indexOf('app1')>=0"
action:
body:
add:
available_scopes: "apiEndpoint.scopes" # debug of available scopes.
And the content of req.body is而 req.body 的内容是
{"available_scopes": ["my_env"]}
'app1' is missing! 'app1' 不见了!
==== update 1 If in req.body.available_scopes field I put "consumer", I got this: ==== 更新 1 如果在req.body.available_scopes字段中我放了“消费者”,我得到了这个:
{
"type": "application",
"isActive": true,
"id": "....",
"userId": "...",
"name": "...",
"company": "...",
"authorizedScopes": [
"my_env"
]
}
So it talks about "authorizedScopes", where are the others?所以它谈到了“authorizedScopes”,其他的呢? How could I see them?我怎么能看到他们? Thanks谢谢
1 个解决方案
解决方案1
0 2020-12-05 19:04:40
You have specified the scopes my_env and dev_env for the apiEndpoints myEndpoint and devEndpoint (respectively), and these are the only scopes Express Gateway expects you to care about, so the other scopes associated with the user/app credential are not exposed.您已经为 apiEndpoints myEndpoint 和 devEndpoint(分别)指定了范围my_env和dev_env ,并且这些是 Express Gateway 希望您关心的唯一范围,因此与用户/应用程序凭据关联的其他范围不会公开。
You could add the app1 and app2 scopes to each path in the config file and then act based on whichever scope is set for the credentials of the connecting app:您可以将 app1 和 app2 范围添加到配置文件中的每个路径,然后根据为连接应用程序的凭据设置的范围进行操作:
apiEndpoints:
myEndpoint:
host: "*"
scopes: ["my_env","app1","app2"]
devEndpoint:
host: "*"
scopes: ["dev_env","app1","app2"]
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.