auth-request
<p class="shortdesc">auth-request认证插件是一种比较灵活的认证方式,系统只需要提供一个认证服务接口,即可将认证过滤处理提升到接入层网关层面。同时插件提供认证缓存时间,避免每个请求都会请求认证服务。</p>
<p class="p"><strong class="ph b">2.0.3版本及以后支持</strong></p>
<section class="section" id="auth-request__section_inc_rpw_2sb"><h2 class="doc-tairway">流程图</h2>
<p class="p"><img class="image" id="auth-request__image_gzv_ypw_2sb" src="https://obs-cn-shanghai.fincloud.pinganyun.com/pacloud/20220910180811-1df4ccf698e7.png" width="800"></p>
<p class="p">注意:</p>
<ol class="ol" id="auth-request__ol_h21_2qw_2sb">
<li class="li">在请求后端认证服务时,会将前端请求的querydata/postdata/header/cookie传入到后端。由后端提取数据认证。</li>
<li class="li">后端认证服务需要返回是json格式的body数据,插件会根据返回结果中的一个字段值来判断是否认证成功。(用于判断的字段名和字段值可配置)</li>
<li class="li">插件会根据配置的cache_header/cache_cookie/cache_querydata/cache_postdata字段名获取相应的字段值,然后根据key=value字符排序生成用于缓存的Key。</li>
<li class="li">如果后端认证失败,则会将后端认证服务的返回结果直接返回给客户端。</li>
</ol>
</section>
<section class="section" id="auth-request__section_a2z_fqw_2sb"><h2 class="doc-tairway">插件配置字段说明</h2>
<div class="p">
<table class="table" id="auth-request__table_axr_hqw_2sb"><caption></caption><colgroup><col><col><col><col><col></colgroup><thead class="thead">
<tr class="row">
<th class="entry align-left" id="auth-request__table_axr_hqw_2sb__entry__1">参数名</th>
<th class="entry align-left" id="auth-request__table_axr_hqw_2sb__entry__2">参数类型</th>
<th class="entry align-left" id="auth-request__table_axr_hqw_2sb__entry__3">是否必须</th>
<th class="entry align-left" id="auth-request__table_axr_hqw_2sb__entry__4">默认值</th>
<th class="entry align-left" id="auth-request__table_axr_hqw_2sb__entry__5">参数说明</th>
</tr>
</thead><tbody class="tbody">
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">url</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">string</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">Y</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 "></td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">后端认证服务接口地址。(需要保证Kong到该服务地址网络通)</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">method</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">string</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">Y</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 ">POST</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">后端认证服务接口请求方法</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">anonymous_uris</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">array</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">Y</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 "></td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">不用于认证的请求地址。例如[“/login”]</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">cache_time</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">number</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">Y</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 ">0</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">缓存有效期,单位为秒</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">cache_header</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">array</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">N</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 ">[]</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">用于生成缓存Key的header字段名列表</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">cache_cookie</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">array</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">N</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 ">[]</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">用于生成缓存Key的cookie字段名列表</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">cache_querydata</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">array</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">N</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 ">[]</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">用于生成缓存Key的querydata字段名列表</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">cache_postdata</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">array</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">N</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 ">[]</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">用于生成缓存Key的postdata字段名列表。(使用此字段,请保证请求体为json格式。并且字段是一级字段)</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">result_check_field</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">string</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">Y</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 ">retcode</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">认证结果用于判断的字段名</td>
</tr>
<tr class="row">
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__1 ">result_check_value</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__2 ">string</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__3 ">Y</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__4 ">200</td>
<td class="entry align-left" headers="auth-request__table_axr_hqw_2sb__entry__5 ">认证结果用于判断的字段值</td>
</tr>
</tbody></table>
</div>
</section>
<section class="section" id="auth-request__section_oxb_3qw_2sb"><h2 class="doc-tairway">插件配置示例</h2>
<p class="p"><img class="image" id="auth-request__image_tmn_4qw_2sb" src="https://obs-cn-shanghai.fincloud.pinganyun.com/pacloud/20220910180811-1fd72e259c2a.png" width="800"></p>
</section>
提交成功!非常感谢您的反馈,我们会继续努力做到更好!