Shulou(Shulou.com)05/31 Report--

This article will explain in detail how to use Kong serverless plug-in. The quality of the article is high, so Xiaobian shares it with you as a reference. I hope you have a certain understanding of relevant knowledge after reading this article.

overview

Kong's serverless plug-in can execute lua code dynamically during the life cycle of a request.

Example 1

Here's an example of removing jsessionid from a request url.

The request now has the following url causing the backend service to report an error: pc/courses/jcqzf9dc;jsessionid=94DB14C127698FCAFEA6599AEE93C252/last-chapter. The jsessionid appears in urls because tomcat urls are rewritten when browsers do not support cookies. In fact, even if there is a url; jsessionid=xxxxx, in tomcat, spring boot architecture is no problem, but the back-end framework uses spring security, spring security has some security requirements, by default is not allowed to url with sessionid to maintain the session, the error message is: The request was rejected because the URL contained a potentially malicious String ";". Since the backend service is stateless and uses jwt for authentication, cookies and sessions are not required at all, this sessionid may be caused by older authentication services.

Unable to find the cause temporarily. The service in error is proxied by gateway. As a gateway, rewriting request is a very common function. Usually existing plug-ins only provide simple functions such as adding, deleting and modifying query parameters, header, body, etc., but they are powerless in the above cases. Dynamically execute your own code through serverless plug-ins, using the following code during the access phase:

local url = ngx.var.upstream_uri; local sessionLength = 32; local start, last = string.find(url, ";jsessionid="); if start ~= nil then local newUrl = string.sub(url, 0, start - 1) .. string.sub(url, last + 1 + sessionLength); kong.log.err("delete url jsessionid, original url: ", url, "modified: ", newUrl); ngx.var.upstream_uri = newUrl; end

Delete jsessionid wherever it appears in url and modify upstream_uri. In the access phase, after matching the route, before forwarding to the upstream service, the prefix of the matching route has been deleted. To modify the url forwarded to the upstream service, modify the value of the variable ngx.var.upstream_uri. Although lua code does not require a semicolon ending, it must be semicolon to execute as a piece of code in serverless. Paste the above code in the access phase of the pre-function plug-in to solve the above problem quickly, effectively and without updates.

Example 2

No back-end timing service.

Suppose that the gateway needs to provide an interface to get the current timestamp. The access stage is after matching to the route, before forwarding to the upstream service for processing. Using the serverless plug-in, fill in the following code during the access phase:

return kong.response.exit(200,{timestamp=os.time()})

Configure a service, this service address can be written freely, because the request will not be forwarded to this address at all, and the response will be returned during the access phase. Then configure the routing address to/time to return the current timestamp.

About Kong serverless plug-in how to use it to share here, I hope the above content can be of some help to everyone, you can learn more knowledge. If you think the article is good, you can share it so that more people can see it.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.