# Overview
Interfaces exposed through the gateway must have a route configured.
Permission verification authenticates the client requesting an interface to confirm whether it may access that interface.
The client states its identity, that is, which application it is, through the fizz-appid request header.
The management console can configure the authentication method for an application. Three methods are currently supported: md5, key, and custom.
Routes can be associated with applications, so that clients are authenticated when they access an interface.
Building on the "routing-reverse proxy" example, the following describes how to define an application and the three authentication methods.
# Application definition
Define the application client-app-1 in the management console:
# Configure authentication
# Key authentication
With the above configuration, for clients that send the request header fizz-appid=client-app-1, the gateway checks whether the fizz-sign request header equals the key shown in the figure.
# MD5 authentication
With the above configuration, the gateway computes MD5 [client-app-1 + fizz-ts (timestamp, milliseconds) + 95c6990e07714a63aba8354fa6544701] and checks whether the result matches the fizz-sign passed by the client.
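The MD5 scheme above, worked through for both sides as an added example (not FizzGate's own code): the client derives fizz-sign, and a verifier recomputes it and compares in constant time. The class and method names are hypothetical; lowercase hex output, UTF-8 encoding and the five-minute fizz-ts freshness window are assumptions that the page does not specify.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.NoSuchAlgorithmException;

// Added example: class and method names are hypothetical, not FizzGate APIs.
public class FizzMd5SignExample {

    // Assumption: accepted clock skew for fizz-ts; the page defines no such window.
    static final long MAX_SKEW_MS = 5 * 60 * 1000L;

    // MD5(appId + fizz-ts + secret), hex-encoded (lowercase hex is an assumption).
    static String sign(String appId, String ts, String secret) throws NoSuchAlgorithmException {
        MessageDigest md5 = MessageDigest.getInstance("MD5");
        byte[] digest = md5.digest((appId + ts + secret).getBytes(StandardCharsets.UTF_8));
        StringBuilder hex = new StringBuilder(32);
        for (byte b : digest) {
            hex.append(String.format("%02x", b));
        }
        return hex.toString();
    }

    // Verifier side: reject missing or stale input, then compare in constant time.
    static boolean verify(String appId, String ts, String sign, String secret, long nowMs)
            throws NoSuchAlgorithmException {
        if (appId == null || ts == null || sign == null) return false;
        long sent;
        try {
            sent = Long.parseLong(ts);
        } catch (NumberFormatException e) {
            return false;
        }
        // A replayed (old) or far-future timestamp fails before any hashing.
        if (sent < nowMs - MAX_SKEW_MS || sent > nowMs + MAX_SKEW_MS) return false;
        byte[] expected = sign(appId, ts, secret).getBytes(StandardCharsets.UTF_8);
        return MessageDigest.isEqual(expected, sign.getBytes(StandardCharsets.UTF_8));
    }

    public static void main(String[] args) throws Exception {
        String appId = "client-app-1";
        String secret = "95c6990e07714a63aba8354fa6544701"; // sample key from this page
        long now = System.currentTimeMillis();
        String ts = Long.toString(now);
        String s = sign(appId, ts, secret);
        System.out.println("fizz-appid: " + appId + "\nfizz-ts: " + ts + "\nfizz-sign: " + s);
        System.out.println(verify(appId, ts, s, secret, now));            // fresh request
        System.out.println(verify(appId, ts, s, secret, now + 600_000L)); // same headers replayed later
        System.out.println(verify("client-app-2", ts, s, secret, now));   // signature reused for another appId
    }
}
```

Because the signature covers only the application ID, the timestamp and the shared key, a captured header set stays valid for as long as the verifier accepts its fizz-ts, which is why the freshness window matters.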
# Custom authentication
Select "Custom plug-in" as the authentication method, extend AbstractCustomAuth.java in the gateway code, and implement:
```java
public abstract Mono<Result<?>> auth(String appId, String ip, String timestamp, String sign, App fizzAppConfig, ServerWebExchange exchange);
// appId: client-app-1
// ip: client ip
// timestamp: fizz-ts
// sign: fizz-sign
// fizzAppConfig: application configuration
```
Annotate the implementation class with @Component; the gateway must be restarted. For example:
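```java
import org.springframework.stereotype.Component;
import org.springframework.web.server.ServerWebExchange;
import reactor.core.publisher.Mono;
// AbstractCustomAuth, App and Result come from the gateway code base;
// import them from their packages there.

@Component
public class MyAuth extends AbstractCustomAuth {
    @Override
    public Mono<Result<?>> auth(String appId, String ip, String timestamp, String sign, App fizzAppConfig, ServerWebExchange exchange) {
        // Compare the configured application key with the fizz-sign header value
        if (fizzAppConfig.secretkey.equals(sign)) {
            return Mono.just(Result.succ()); // Authentication passed
        }
        return Mono.just(Result.fail("Incorrect key")); // Respond to the client "Incorrect key"
    }
}
```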
# Routing configuration
In the "routing-reverse proxy" example:
After selecting client-app-1 and saving:
With this configuration, only the client-app-1 client can access aservice/a/b, and the gateway verifies each request using the authentication method configured for client-app-1.
# Introduction to FizzGate Integration Platform
FizzGate is a microservice aggregation gateway developed in Java. It provides hot service orchestration and aggregation, automatic authorization selection, online service script coding, online testing, high-performance routing, API audit management, callback management, and more. It has a powerful custom plug-in system that users can extend themselves, and it provides a friendly graphical configuration interface. These features help enterprises manage API services quickly, reduce middle-layer glue code, reduce coding investment, and improve the stability and security of API services.
Official website: https://www.fizzgate.com
GitHub: https://github.com/fizzgate/fizz-gateway-node
Gitee: https://gitee.com/fizzgate/fizz-gateway
Getting Started Tutorial: https://www.fizzgate.com/fizz/guide/GettingStarted/
Author: lancer