在 wso2 APIM 中以编程方式添加范围
adding scopes programmatically in wso2 APIM
我可以在 WSO2 APIM 中以编程方式创建作用域吗?
我有一个要求,用户可以通过 UI 创建新角色并将一些权限与新角色相关联。用户将不会使用 WSO2 网络界面;相反,他将使用内部网络应用程序
为此,我必须以编程方式创建范围并将 API 与其相关联。还手动将范围映射到角色。
如何通过 WSO2 APIM 以编程方式创建作用域?
以编程方式对作用域进行哪些可能的操作?
如果不可能,我如何通过 WSO2 处理此类要求?
您可以使用 Publisher REST APIs 来实现。
首先,您需要获取 API.
的 swagger 定义
curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8"
https://127.0.0.1:9443/api/am/publisher/v0.10/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/swagger
你得到的招摇会是这样的。
{
"swagger":"2.0",
"paths":{
"/menu":{
"get":{
"x-auth-type":"Application & Application User",
"x-throttling-tier":"Unlimited",
"description":"Return a list of available menu items",
"parameters":[
],
"responses":{
"200":{
"headers":{
},
"schema":{
"title":"Menu",
"properties":{
"list":{
"items":{
"$ref":"#/definitions/MenuItem"
},
"type":"array"
}
},
"type":"object"
},
"description":"OK."
}
}
}
}
},
"schemes":[
"https"
],
"produces":[
"application/json"
],
"definitions":{
"MenuItem":{
"title":"Pizza menu Item",
"properties":{
"price":{
"type":"string"
},
"description":{
"type":"string"
},
"name":{
"type":"string"
},
"image":{
"type":"string"
}
},
"required":[
"name"
]
}
},
"consumes":[
"application/json"
],
"info":{
"title":"PizzaShackAPI",
"description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
"license":{
"name":"Apache 2.0",
"url":"http://www.apache.org/licenses/LICENSE-2.0.html"
},
"contact":{
"email":"architecture@pizzashack.com",
"name":"John Doe",
"url":"http://www.pizzashack.com"
},
"version":"1.0.0"
}
}
现在您可以添加新范围并将其附加到 API 的资源,方法是更新您获得的 swagger 文件。
像这样添加了一个新的作用域。
"x-wso2-security":{
"apim":{
"x-wso2-scopes":[
{
"description":"New scope",
"name":"new_scope",
"roles":"admin",
"key":"new_scope"
}
]
}
}
它可以像这样附加到现有资源。
"x-scope":"new_scope"
那么完整的swagger就是这个样子
{
"swagger":"2.0",
"x-wso2-security":{
"apim":{
"x-wso2-scopes":[
{
"description":"New scope",
"name":"new_scope",
"roles":"admin",
"key":"new_scope"
}
]
}
},
"paths":{
"/menu":{
"get":{
"x-auth-type":"Application & Application User",
"x-throttling-tier":"Unlimited",
"x-scope":"new_scope",
"description":"Return a list of available menu items",
"parameters":[
],
"responses":{
"200":{
"headers":{
},
"schema":{
"title":"Menu",
"properties":{
"list":{
"items":{
"$ref":"#/definitions/MenuItem"
},
"type":"array"
}
},
"type":"object"
},
"description":"OK."
}
}
}
}
},
"schemes":[
"https"
],
"produces":[
"application/json"
],
"definitions":{
"MenuItem":{
"title":"Pizza menu Item",
"properties":{
"price":{
"type":"string"
},
"description":{
"type":"string"
},
"name":{
"type":"string"
},
"image":{
"type":"string"
}
},
"required":[
"name"
]
}
},
"consumes":[
"application/json"
],
"info":{
"title":"PizzaShackAPI",
"description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
"license":{
"name":"Apache 2.0",
"url":"http://www.apache.org/licenses/LICENSE-2.0.html"
},
"contact":{
"email":"architecture@pizzashack.com",
"name":"John Doe",
"url":"http://www.pizzashack.com"
},
"version":"1.0.0"
}
}
如果您在名为 'swagger.json' 的文件中有这个 swagger,您可以像这样更新 API 的 swagger。
curl -k -H "Authorization: Bearer b7108a70-3537-34f1-acbb-1c53b99d64dc"
-F "apiDefinition=@swagger.json;filename=swagger.json" -X PUT https://127.0.0.1:9443/api/am/publisher/v0.10/apis/2c5f05b2-0277-42b2-92c5-862750563661/swagger
这将使用新范围更新您的 API。
我可以在 WSO2 APIM 中以编程方式创建作用域吗? 我有一个要求,用户可以通过 UI 创建新角色并将一些权限与新角色相关联。用户将不会使用 WSO2 网络界面;相反,他将使用内部网络应用程序 为此,我必须以编程方式创建范围并将 API 与其相关联。还手动将范围映射到角色。
如何通过 WSO2 APIM 以编程方式创建作用域? 以编程方式对作用域进行哪些可能的操作? 如果不可能,我如何通过 WSO2 处理此类要求?
您可以使用 Publisher REST APIs 来实现。
首先,您需要获取 API.
的 swagger 定义curl -k -H "Authorization: Bearer ae4eae22-3f65-387b-a171-d37eaa366fa8"
https://127.0.0.1:9443/api/am/publisher/v0.10/apis/890a4f4d-09eb-4877-a323-57f6ce2ed79b/swagger
你得到的招摇会是这样的。
{
"swagger":"2.0",
"paths":{
"/menu":{
"get":{
"x-auth-type":"Application & Application User",
"x-throttling-tier":"Unlimited",
"description":"Return a list of available menu items",
"parameters":[
],
"responses":{
"200":{
"headers":{
},
"schema":{
"title":"Menu",
"properties":{
"list":{
"items":{
"$ref":"#/definitions/MenuItem"
},
"type":"array"
}
},
"type":"object"
},
"description":"OK."
}
}
}
}
},
"schemes":[
"https"
],
"produces":[
"application/json"
],
"definitions":{
"MenuItem":{
"title":"Pizza menu Item",
"properties":{
"price":{
"type":"string"
},
"description":{
"type":"string"
},
"name":{
"type":"string"
},
"image":{
"type":"string"
}
},
"required":[
"name"
]
}
},
"consumes":[
"application/json"
],
"info":{
"title":"PizzaShackAPI",
"description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
"license":{
"name":"Apache 2.0",
"url":"http://www.apache.org/licenses/LICENSE-2.0.html"
},
"contact":{
"email":"architecture@pizzashack.com",
"name":"John Doe",
"url":"http://www.pizzashack.com"
},
"version":"1.0.0"
}
}
现在您可以添加新范围并将其附加到 API 的资源,方法是更新您获得的 swagger 文件。
像这样添加了一个新的作用域。
"x-wso2-security":{
"apim":{
"x-wso2-scopes":[
{
"description":"New scope",
"name":"new_scope",
"roles":"admin",
"key":"new_scope"
}
]
}
}
它可以像这样附加到现有资源。
"x-scope":"new_scope"
那么完整的swagger就是这个样子
{
"swagger":"2.0",
"x-wso2-security":{
"apim":{
"x-wso2-scopes":[
{
"description":"New scope",
"name":"new_scope",
"roles":"admin",
"key":"new_scope"
}
]
}
},
"paths":{
"/menu":{
"get":{
"x-auth-type":"Application & Application User",
"x-throttling-tier":"Unlimited",
"x-scope":"new_scope",
"description":"Return a list of available menu items",
"parameters":[
],
"responses":{
"200":{
"headers":{
},
"schema":{
"title":"Menu",
"properties":{
"list":{
"items":{
"$ref":"#/definitions/MenuItem"
},
"type":"array"
}
},
"type":"object"
},
"description":"OK."
}
}
}
}
},
"schemes":[
"https"
],
"produces":[
"application/json"
],
"definitions":{
"MenuItem":{
"title":"Pizza menu Item",
"properties":{
"price":{
"type":"string"
},
"description":{
"type":"string"
},
"name":{
"type":"string"
},
"image":{
"type":"string"
}
},
"required":[
"name"
]
}
},
"consumes":[
"application/json"
],
"info":{
"title":"PizzaShackAPI",
"description":"This document describe a RESTFul API for Pizza Shack online pizza delivery store.\n",
"license":{
"name":"Apache 2.0",
"url":"http://www.apache.org/licenses/LICENSE-2.0.html"
},
"contact":{
"email":"architecture@pizzashack.com",
"name":"John Doe",
"url":"http://www.pizzashack.com"
},
"version":"1.0.0"
}
}
如果您在名为 'swagger.json' 的文件中有这个 swagger,您可以像这样更新 API 的 swagger。
curl -k -H "Authorization: Bearer b7108a70-3537-34f1-acbb-1c53b99d64dc"
-F "apiDefinition=@swagger.json;filename=swagger.json" -X PUT https://127.0.0.1:9443/api/am/publisher/v0.10/apis/2c5f05b2-0277-42b2-92c5-862750563661/swagger
这将使用新范围更新您的 API。