API KEY

功能描述

鉴权方式的一种,多用于OpenAPI,设置Apikey参数,不能通过认证的用户将无权访问接口。

OpenAPI配置鉴权及进行请求的示例

配置参数说明

参数名说明是否必填默认值值可能性
name实例名string
driver所使用的鉴权类别"apikey"
description描述string
hide_credentials是否隐藏请求中鉴权密钥的字段falsebool
user密钥列表object_array
user -> apikeyapi密钥string
user -> expire过期时间 类型是unix时间戳 范围>=0 值为0表示永久有效int
user -> labels标签,object中的键值对会被均赋值到通过该密钥鉴权后的请求的上下文中,可被插件使用,例如access-log。object

返回参数说明

参数名类型是否必含说明
idstring实例id
namestring实例名
driverstring驱动名
descriptionstring描述
professionstring模块名
createstring创建时间
updatestring更新时间
hide_credentialsbool是否隐藏请求中鉴权密钥的字段
userobject_array密钥列表

备注:返回体内的user参考请求配置参数,在此不再赘述。

请求中鉴权参数填写位置说明

参数名说明必填值可能性参数位置
Authorization-Type鉴权方式apikey、apikeyauth、apikey-auth、apikey_authHeader
AuthorizationApikey值Header
ApikeyApikey值Body
ApikeyApikey值Query

注意:Apikey在Header、Body、Query三处任意一处添加即可。

全局配置

在使用apikey鉴权插件之前,需要在全局插件配置中将鉴权插件状态设置为enable,具体配置点此跳转

curl -X POST  'http://127.0.0.1:9400/api/setting/plugin' -H 'Content-Type:application/json' -d '{
   "plugins":[{
      "id":"eolinker.com:apinto:auth",
      "name":"myAuth",
      "status":"enable"
   }]
}'

创建鉴权

curl -X POST  \
  'http://127.0.0.1:9400/api/auth' \
  -H 'Content-Type:application/json' \
  -d '{
	"name": "demo_apikey",
	"driver": "apikey",
	"description": "apikey鉴权",
	"user": [{
		"apikey": "apinto",
		"expire": 0
	}, {
		"apikey": "eolinker",
		"expire": 1659776375
	}]
}'
返回结果示例
{
	"create": "2022-06-13 17:46:26",
	"description": "apikey鉴权",
	"driver": "apikey",
	"hide_credentials": false,
	"id": "demo_apikey@auth",
	"name": "demo_apikey",
	"profession": "auth",
	"update": "2022-06-13 17:46:26",
	"user": [{
		"apikey": "apinto",
		"expire": 0,
		"labels": null
	}, {
		"apikey": "eolinker",
		"expire": 1659776375,
		"labels": null
	}]
}
返回的鉴权ID为demo_apikey@auth

创建服务

鉴权id绑定服务:将上一步生成的鉴权id添加至服务plugins配置中的auth数组

备注:匿名服务配置的是apinto官方示例接口,将返回请求的相关信息。

curl -X POST  \
  'http://127.0.0.1:9400/api/service' \
  -H 'Content-Type:application/json' \
  -d '{
	"name": "apikey_service",
	"driver": "http",
	"description": "使用apikey鉴权的服务",
	"timeout": 10000,
	"retry": 3,
	"scheme": "https",
	"nodes": ["demo-apinto.eolink.com:8280"],
	"balance": "round-robin",
	"plugins": {
	  "myAuth": {
		"disable": false,
		  "config": {
			"auth": ["demo_apikey@auth"]
		  }
		}
	  }
    }'
返回的serviceID为apikey_service@service

创建路由

服务id绑定路由:上一步生成的服务id绑定至路由路由的target字段

curl -X POST  \
  'http://127.0.0.1:9400/api/router' \
  -H 'Content-Type:application/json' \
  -d '{
	"name": "apikey_router",
	"driver": "http",
	"description": "该路由的目标服务使用了apikey鉴权",
	"listen": 8099,
	"rules": [{
		"location": "/demo/apikey"
	}],
	"target": "apikey_service@service"
}'

请求示例

curl -X GET  \
  'http://127.0.0.1:8099/demo/apikey' \
  -H 'Content-Type:application/x-www-form-urlencoded' \
  -H 'Authorization-Type:apikey' \
  -H 'Authorization:apinto'

请求返回示例

{
  "body": "",
  "header": {
    "Accept": ["*/*"],
    "Authorization": ["apinto"],
    "Authorization-Type": ["apikey"],
    "Content-Type": ["application/x-www-form-urlencoded"],
    "User-Agent": ["curl/7.68.0"],
    "X-Forwarded-For": ["127.0.0.1,127.0.0.1"]
  },
  "host": "127.0.0.1:8099",
  "method": "GET",
  "path": "/demo/apikey",
  "query": {},
  "remote_addr": "127.0.0.1:1089",
  "url": "/demo/apikey"
}