将所有 headers 从上游重定向到 nginx 中的另一个位置
Redirect all the headers from upstream to another location in nginx
你能告诉我是否可以将 nginx 中的 all 中的 headers 从上游 /auth_gateway 重定向到 /connection。
我的请求和nginx配置
curl -silent -include -X 'GET' -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJZa0hadkt5YUJuNU9oaVF6d3kxWXduNFBHYm5RSDV0aDh1ZkhOWHZiTVdrIn0' -H 'x-realy-company: google' -H 'x-realy-request-id: 12545787' https://mycooldomain.org/connection/
新增headers将在授权服务上添加/auth_gateway,如x-realy-privileges、x-realy-user等
location ~* ^/connection/ {
if ($http_authorization !~ "^Bearer .{20,}"){
return 403 "Not authorized";
}
auth_request /auth_gateway;
auth_request_set $auth_status $upstream_status;
proxy_pass http://10.xx.xx.xx:8080;
}
location = /auth_gateway {
proxy_pass http://10.xx.xx.xx:8081/authorize;
proxy_set_header X-Original-URI $request_uri;
}
x-realy-user: da82fe4b-d0ef-477e-a3d1-facc78b605c7
x-realy-privileges: 1,2,3,4,5,6,7,8,9,10
x-realy-global-roles: ROLE_OPERATOR
x-realy-okt-id: da82fe4b-d0ef-477e-a3d1
这些 headers 是从 Bearer 授权令牌中提取的,我想将它们重定向到 /connection
感谢并提前!
好吧,我是通过 lua 模块完成的。我希望这对以后的人有所帮助。
完整代码在这里
location ~* ^/connection/ {
if ($http_authorization !~ "^Bearer .{20,}"){
return 403 "Not authorized";
}
auth_request /auth_gateway;
auth_request_set $auth_status $upstream_status;
rewrite_by_lua_block {
local res1 = ngx.location.capture("/auth_gateway", {method=ngx.HTTP_GET, args=args})
local concat = table.concat
for name, value in pairs(res1.header) do
if type(value) == "table" then
ngx.req.set_header(name, concat(value, ", "))
else
ngx.req.set_header(name, value)
end
end
}
proxy_pass http://10.xx.xx.xx:8080;
}
location = /auth_gateway {
proxy_pass http://10.xx.xx.xx:8081/authorize;
proxy_set_header X-Original-URI $request_uri;
}
你能告诉我是否可以将 nginx 中的 all 中的 headers 从上游 /auth_gateway 重定向到 /connection。 我的请求和nginx配置
curl -silent -include -X 'GET' -H 'Authorization: Bearer eyJhbGciOiJSUzI1NiIsInR5cCIgOiAiSldUIiwia2lkIiA6ICJZa0hadkt5YUJuNU9oaVF6d3kxWXduNFBHYm5RSDV0aDh1ZkhOWHZiTVdrIn0' -H 'x-realy-company: google' -H 'x-realy-request-id: 12545787' https://mycooldomain.org/connection/
新增headers将在授权服务上添加/auth_gateway,如x-realy-privileges、x-realy-user等
location ~* ^/connection/ {
if ($http_authorization !~ "^Bearer .{20,}"){
return 403 "Not authorized";
}
auth_request /auth_gateway;
auth_request_set $auth_status $upstream_status;
proxy_pass http://10.xx.xx.xx:8080;
}
location = /auth_gateway {
proxy_pass http://10.xx.xx.xx:8081/authorize;
proxy_set_header X-Original-URI $request_uri;
}
x-realy-user: da82fe4b-d0ef-477e-a3d1-facc78b605c7
x-realy-privileges: 1,2,3,4,5,6,7,8,9,10
x-realy-global-roles: ROLE_OPERATOR
x-realy-okt-id: da82fe4b-d0ef-477e-a3d1
这些 headers 是从 Bearer 授权令牌中提取的,我想将它们重定向到 /connection
感谢并提前!
好吧,我是通过 lua 模块完成的。我希望这对以后的人有所帮助。
完整代码在这里
location ~* ^/connection/ {
if ($http_authorization !~ "^Bearer .{20,}"){
return 403 "Not authorized";
}
auth_request /auth_gateway;
auth_request_set $auth_status $upstream_status;
rewrite_by_lua_block {
local res1 = ngx.location.capture("/auth_gateway", {method=ngx.HTTP_GET, args=args})
local concat = table.concat
for name, value in pairs(res1.header) do
if type(value) == "table" then
ngx.req.set_header(name, concat(value, ", "))
else
ngx.req.set_header(name, value)
end
end
}
proxy_pass http://10.xx.xx.xx:8080;
}
location = /auth_gateway {
proxy_pass http://10.xx.xx.xx:8081/authorize;
proxy_set_header X-Original-URI $request_uri;
}