Skip to content
Snippets Groups Projects
Commit 1746a763 authored by Fabian Seidl's avatar Fabian Seidl
Browse files

Resolve "Change the way user credentials for authz are provided to not be in context"

See merge request !794
parent 9c7cf3a5
No related branches found
No related tags found
1 merge request!794Resolve "Change the way user credentials for authz are provided to not be in context"
Pipeline #187029 passed
...@@ -80,7 +80,10 @@ The `goSDN` controllers core - also called `nucleus` - is a lightweight library ...@@ -80,7 +80,10 @@ The `goSDN` controllers core - also called `nucleus` - is a lightweight library
that manages principal network domains and provides southbound interface that manages principal network domains and provides southbound interface
operations for managed network elements. operations for managed network elements.
In addition, we provide a simple Northbound-API for the controller [right here](https://code.fbi.h-da.de/danet/gosdn/-/tree/master/controller/api). In addition, we provide a simple Northbound-API (gRPC) for the controller [right here](https://code.fbi.h-da.de/danet/gosdn/-/tree/master/controller/api).
The gRPC services can also be reached using HTTP requests via the gRPC-Gateway. The fitting OpenAPI definitions can be found [here](https://code.fbi.h-da.de/danet/gosdn/-/tree/master/api/openapiv2?ref_type=heads). Note, that this is experimental and tested less well. If you want to use the controller in secure mode which implies it's mandatory to login and provide the received token in other requests via the HTTP header with the key-value pair:
`"authorize: token"`.
### Principal Networking Domain (PND) ### Principal Networking Domain (PND)
......
...@@ -42,7 +42,9 @@ func run() error { ...@@ -42,7 +42,9 @@ func run() error {
// Register gRPC server endpoint // Register gRPC server endpoint
// Note: Make sure the gRPC server is running properly and accessible // Note: Make sure the gRPC server is running properly and accessible
mux := runtime.NewServeMux() mux := runtime.NewServeMux(
runtime.WithIncomingHeaderMatcher(customHeaderMatcher),
)
err := registerHttpHandler(mux) err := registerHttpHandler(mux)
...@@ -162,3 +164,14 @@ func metricsHandler(mux *runtime.ServeMux) error { ...@@ -162,3 +164,14 @@ func metricsHandler(mux *runtime.ServeMux) error {
return nil return nil
} }
// customHeaderMatcher passes custom key-value pairs within headers to be added to the outgoing context of gRPC-Gateway.
// Use "authorize: token" in header for authorization after login.
func customHeaderMatcher(key string) (string, bool) {
switch key {
case "Authorize":
return key, true
default:
return runtime.DefaultHeaderMatcher(key)
}
}
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment