Tree Gateway - Authentication

These examples assume that our test gateway is running at 'http://gateway.address.com'.

JWT

JWT Example

    ---
    name: MyJWTAuthenticatedAPI
    version: 1.0.0
    path: jwt/
    proxy:
        target:
            host: http://httpbin.org
    authentication:
        strategy:
            name: jwt
            options:
                extractFrom:
                    authHeader: Bearer
                    queryParam: jwt
                secretOrKey: secret

This sample makes Tree Gateway check authentication using JWT tokens before proxying the request to the mapped API (http://httpbin.org).

The token will be verified using the key 'secret' and you will be able to provide the token through one of those methods:
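To make the check configured above concrete, here is an added example (not Tree Gateway's own code) that extracts a token from the two configured locations and verifies an HS256 signature with the key 'secret', using only Node's crypto module. The function names, the header-before-query order, the HS256 algorithm and the request shape are assumptions of this sketch.

```javascript
"use strict";
const crypto = require("crypto");

// Constructed sample key: the page's placeholder value. Use a long random secret in a real deployment.
const SECRET = "secret";

const b64url = (data) => Buffer.from(data).toString("base64url");

// Issue an HS256 token (what a client of the jwt/ API would have to present).
function signHS256(payload, key) {
    const head = b64url(JSON.stringify({ alg: "HS256", typ: "JWT" }));
    const body = b64url(JSON.stringify(payload));
    const sig = crypto.createHmac("sha256", key).update(`${head}.${body}`).digest("base64url");
    return `${head}.${body}.${sig}`;
}

// Mirrors extractFrom: "Authorization: Bearer <token>" first, then ?jwt=<token> (order assumed).
function extractToken(req) {
    const auth = req.headers.authorization || "";
    const m = /^Bearer (.+)$/.exec(auth);
    if (m) { return m[1]; }
    return new URL(req.url, "http://gateway.address.com").searchParams.get("jwt");
}

// Returns the payload when the token is valid, otherwise null.
function verifyHS256(token, key) {
    const parts = (token || "").split(".");
    if (parts.length !== 3) { return null; }
    const [head, body, sig] = parts;
    let header, payload;
    try {
        header = JSON.parse(Buffer.from(head, "base64url").toString());
        payload = JSON.parse(Buffer.from(body, "base64url").toString());
    } catch (e) { return null; }
    // Pin the algorithm: never trust "alg" from the token itself (rejects "none").
    if (header.alg !== "HS256") { return null; }
    const expected = crypto.createHmac("sha256", key).update(`${head}.${body}`).digest();
    const given = Buffer.from(sig, "base64url");
    // Constant-time comparison of the signature bytes.
    if (given.length !== expected.length || !crypto.timingSafeEqual(given, expected)) { return null; }
    // Reject tokens whose "exp" (seconds since epoch) has passed.
    if (typeof payload.exp === "number" && payload.exp * 1000 <= Date.now()) { return null; }
    return payload;
}
```

A token passed as a query parameter ends up in access logs and browser history, so the Authorization header is the safer of the two locations.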

Basic

Basic Authentication

    ---
    name: MyBasicAuthenticatedAPI
    version: 1.0.0
    path: basic/
    proxy:
        target:
            host: http://httpbin.org
    authentication:
        strategy:
            name: basic
            options:
                verify:
                    name: verifyMyUser

    "use strict";

    const User = require('./my-user-service');

    // verifyMyUser: calls done(err) on a lookup error, done(null, false) when
    // the credentials are rejected, and done(null, user) on success.
    module.exports = function (userid, password, done) {
        User.findOne({ username: userid }, function (err, user) {
            if (err) { return done(err); }
            // Unknown user and wrong password give the same result.
            if (!user) { return done(null, false); }
            if (!user.verifyPassword(password)) { return done(null, false); }
            return done(null, user);
        });
    };

This sample makes Tree Gateway check authentication using the HTTP Basic scheme before proxying the request to the mapped API (http://httpbin.org).

The verifyMyUser middleware is used to verify the provided username and password.

Authenticate Groups of URIs

Group Example

    ---
    name: MyGroupAuthenticatedAPI
    version: 1.0.0
    path: group/
    group:
        - id: secureGroup
          description: Secured endpoints
          member:
            - path:
                - "!/public/**/*"
    proxy:
        target:
            host: http://httpbin.org
    authentication:
        strategy:
            name: jwt
            options:
                extractFrom:
                    authHeader: Bearer
                    queryParam: jwt
                secretOrKey: secret
        group: secureGroup

This sample configures the same authentication shown in the JWT example, but applies it only to a certain group of URIs.

All API requests will be authenticated, except those whose path starts with '/public'.

Example of a URI that will not be authenticated: curl http://gateway.address.com/group/public/get