- Clone
Kong/docker-kongrepo fom Github:[email protected]:Kong/docker-kong.git - Pimp up
docker-compose, as you can see below indocker-compose.yml - Run
docker-compose:cd docker-kong/composeanddocker-compose up
Here we are using ping to check the health of the core-data micro service (core-data operates on port 6543 by default).
http://192.168.10.130:6543/api/v1/ping
Kong listen on IP: 192.168.10.20, ports 8000 and 8001
$ curl -X POST --url http://192.168.10.20:8001/services/ \
-d "name=core-data" \
-d "url=http://192.168.10.130:6543"
{"host":"192.168.10.130","created_at":1542662026,"connect_timeout":60000,"id":"a17d890c-b6d6-4157-ae88-3773aee894ed","protocol":"http","name":"core-data","read_timeout":60000,"port":6543,"path":null,"updated_at":1542662026,"retries":5,"write_timeout":60000}
$ curl -X POST --url http://192.168.10.20:8001/services/core-data/routes --data "paths[]=/core-data"
{"created_at":1542662379,"strip_path":true,"hosts":null,"preserve_host":false,"regex_priority":0,"updated_at":1542662379,"paths":["\/core-data"],"service":{"id":"e7e84380-3d4b-43fb-8910-86f38511af91"},"methods":null,"protocols":["http","https"],"id":"cbc5dce5-472a-4cc5-98f0-dcc9f64d66ad"}
$ curl -i -X GET --url http://192.168.10.20:8000/core-data/api/v1/ping
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 19 Nov 2018 21:24:45 GMT
X-Kong-Upstream-Latency: 2
X-Kong-Proxy-Latency: 0
Via: kong/0.14.1
Pong $ curl-X POST --url http://192.168.10.20:8001/services/core-data/plugins -d "name=jwt"
{"created_at":1542662730000,"config":{"secret_is_base64":false,"key_claim_name":"iss","cookie_names":{},"maximum_expiration":0,"anonymous":"","run_on_preflight":true,"uri_param_names":["jwt"]},"id":"f66ac080-e532-4fe4-bcad-7ed5785f2c3e","enabled":true,"service_id":"e7e84380-3d4b-43fb-8910-86f38511af91","name":"jwt"}
$ curl -i -X GET --url http://192.168.10.20:8000/core-data/api/v1/ping
HTTP/1.1 401 Unauthorized
Date: Mon, 19 Nov 2018 21:25:36 GMT
Content-Type: application/json; charset=utf-8
Connection: keep-alive
Server: kong/0.14.1
Content-Length: 27
{"message":"Unauthorized"}
$ curl -X POST --url http://192.168.10.20:8001/consumers -d "username=felegy"
{"custom_id":null,"created_at":1542662794,"username":"felegy","id":"3ddfab05-a0b6-42f3-b91f-7065795db13d"}
$ curl -X POST --url http://192.168.10.20:8001/consumers/felegy/jwt -H "Content-Type: application/x-www-form-urlencoded"
{"created_at":1542662959000,"id":"4b2d8af5-7d6a-49dc-92ab-bbccdbb36193","algorithm":"HS256","key":"mxjwd8YcXs44xpDvUCiNUtD7FXqehsj9","secret":"wTMoShWJ2t0G7ku8suL0I4h78soWiECv","consumer_id":"3ddfab05-a0b6-42f3-b91f-7065795db13d"}jwt.io helps to create signed and encrypted token:
HEADER:
{
"alg": "HS256",
"typ": "JWT"
}
PAYLOAD:
{
"iss": "mxjwd8YcXs44xpDvUCiNUtD7FXqehsj9",
"username": "felegy"
}
VERIFY SIGNATURE:
HMACSHA256(
base64UrlEncode(header) + "." +
base64UrlEncode(payload),
wTMoShWJ2t0G7ku8suL0I4h78soWiECv
)
and as you can see (on a left side at jwt.io)
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJteGp3ZDhZY1hzNDR4cER2VUNpTlV0RDdGWHFlaHNqOSIsInVzZXJuYW1lIjoiZmVsZWd5In0.vrdQE2s7f7sQPZ20BkQn_9qQl5EW0cqMr1Kl7pU4eMw
$ curl -i -X GET --url http://192.168.10.20:8000/core-data/api/v1/ping -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJteGp3ZDhZY1hzNDR4 cER2VUNpTlV0RDdGWHFlaHNqOSIsInVzZXJuYW1lIjoiZmVsZWd5In0.vrdQE2s7f7sQPZ20BkQn_9qQl5EW0cqMr1Kl7pU4eMw"
HTTP/1.1 200 OK
Content-Type: text/plain; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 19 Nov 2018 21:35:17 GMT
X-Kong-Upstream-Latency: 3
X-Kong-Proxy-Latency: 15
Via: kong/0.14.1
Pong$ curl -i -X GET --url http://192.168.10.20:8000/core-data/api/v1/headers -H "Authorization: Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJteGp3ZDhZY1hzN DR4cER2VUNpTlV0RDdGWHFlaHNqOSIsInVzZXJuYW1lIjoiZmVsZWd5In0.vrdQE2s7f7sQPZ20BkQn_9qQl5EW0cqMr1Kl7pU4eMw"
HTTP/1.1 200 OK
Content-Type: application/json; charset=utf-8
Transfer-Encoding: chunked
Connection: keep-alive
Server: Microsoft-HTTPAPI/2.0
Date: Mon, 19 Nov 2018 21:38:17 GMT
X-Kong-Upstream-Latency: 131
X-Kong-Proxy-Latency: 1
Via: kong/0.14.1[
{
"key": "X-Forwarded-For",
"value": [ "192.168.10.130" ]
},
{
"key": "X-Forwarded-Proto",
"value": [ "http" ]
},
{
"key": "X-Forwarded-Host",
"value": [ "192.168.10.20" ]
},
{
"key": "X-Forwarded-Port",
"value": [ "8000" ]
},
{
"key": "X-Real-IP",
"value": [ "192.168.10.130" ]
},
{
"key": "X-Consumer-ID",
"value": [ "3ddfab05-a0b6-42f3-b91f-7065795db13d" ]
},
{
"key": "X-Consumer-Username",
"value": [ "felegy" ]
},
{
"key": "Connection",
"value": [ "keep-alive" ]
},
{
"key": "Accept",
"value": [ "*/*;q=1" ]
},
{
"key": "Authorization",
"value": [ "Bearer eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJteGp3ZDhZY1hzNDR4cER2VUNpTlV0RDdGWHFlaHNqOSIsInVzZXJuYW1lIjoiZmVsZWd5In0.vrdQE2s7f7sQPZ20BkQn_9qQl5EW0cqMr1Kl7pU4eMw" ]
},
{
"key": "Host",
"value": [ "192.168.10.130:6543" ]
},
{
"key": "User-Agent",
"value": [ "curl/7.55.1" ]
}
]