coprocess

package
v2.3.4+incompatible Latest Latest
Warning

This package is not in the latest version of its module.

Go to latest
Published: Mar 22, 2017 License: MPL-2.0 Imports: 5 Imported by: 0

README

Coprocess - PoC

This feature makes it possible to write Tyk middleware using your favorite languages.

Python support

Python support is available, more notes here.

Lua support

Lua support is available as well. Notes here.

gRPC support

Tyk provides support for gRPC, you may use any of the gRPC supported languages (e.g. Ruby, Java, etc.). Check the gRPC support README.

ID Extractor & auth cache

The ID extractor is a very useful mechanism that will let you cache your authentication IDs and prevent certain requests from hitting your CP backend. It takes a set of rules from your API configuration (the rules are set per API).

A sample usage will look like this:

"custom_middleware": {
  "pre": [
    {
      "name": "MyPreMiddleware",
      "require_session": false
    }
  ],
  "id_extractor": {
    "extract_from": "header",
    "extract_with": "value",
    "extractor_config": {
      "header_name": "Authorization"
    }
  },
  "driver": "grpc"
},

Tyk provides a set of ID extractors that aim to cover the most common use cases, a very simple one is the value extractor.

Interoperability

This feature implements an in-process message passing mechanism, based on Protocol Buffers, any supported languages should provide a function to receive, unmarshal and process this kind of messages.

The main interoperability task is achieved by using cgo as a bridge between a supported language -like Python- and the Go codebase.

Your C bridge function must accept and return a CoProcessMessage data structure like the one described in api.h, where p_data is a pointer to the serialized data and length indicates the length of it.

struct CoProcessMessage {
  void* p_data;
  int length;
};

The unpacked data will hold the actual CoProcessObject data structure, where HookType represents the hook type (see below), Request represents the HTTP request and Session is the Tyk session data.

The Spec field holds the API specification data, like organization ID, API ID, etc.

type CoProcessObject struct {
	HookType string
	Request  CoProcessMiniRequestObject
	Session  SessionState
	Metadata map[string]string
	Spec     map[string]string
}

Coprocess Dispatcher

coprocess.Dispatcher describes a very simple interface for implementing the dispatcher logic, the required methods are: Dispatch, DispatchEvent and Reload.

Dispatch accepts a pointer to a struct CoProcessObject (as described above) and must return an object of the same type. This method will be called for every configured hook, on every request. Traditionally this method will perform a single function call on the target language side (like Python_DispatchHook in coprocess_python), and the corresponding logic will be handled from there (mostly because different languages have different ways of loading, referencing or calling middlewares).

DispatchEvent provides a way of dispatching Tyk events to a target language. This method doesn't return any variables but does receive a JSON-encoded object containing the event data. For extensibility purposes, this method doesn't use Protocol Buffers, the input is a []byte, the target language will take this (as a char) and perform the JSON decoding operation.

Reload is called when triggering a hot reload, this method could be useful for reloading scripts or modules in the target language.

Coprocess Dispatcher - Hooks

This component is in charge of dispatching your HTTP requests to the custom middlewares, in the right order. The dispatcher follows the standard middleware chain logic and provides a simple mechanism for "hooking" your custom middleware behavior, the supported hooks are:

Pre: gets executed before any authentication information is extracted from the header or parameter list of the request.

Post: gets executed after the authentication, validation, throttling, and quota-limiting middleware has been executed, just before the request is proxied upstream. Use this to post-process a request before sending it to your upstream API.

PostKeyAuth: gets executed right after the autentication process.

CustomAuthCheck: gets executed as a custom authentication middleware, instead of the standard ones provided by Tyk. Use this to provide your own authentication mechanism.

Coprocess Gateway API

coprocess_api.go provides a bridge between the gateway API and C, any function that needs to be exported should have the export keyword:

//export TykTriggerEvent
func TykTriggerEvent( CEventName *C.char, CPayload *C.char ) {
  eventName := C.GoString(CEventName)
  payload := C.GoString(CPayload)

  FireSystemEvent(tykcommon.TykEvent(eventName), EventMetaDefault{
    Message: payload,
  })
}

You should also expect a header file declaration of this function in api.h, like this:

#ifndef TYK_COPROCESS_API
#define TYK_COPROCESS_API
extern void TykTriggerEvent(char* event_name, char* payload);
#endif

The language binding will include this header file (or declare the function inline) and perform the necessary steps to call it with the appropriate arguments (like a ffi mechanism could do). As a reference, this is how this could be achieved if you're building a Cython module:

cdef extern:
  void TykTriggerEvent(char* event_name, char* payload);

def call():
  event_name = 'my event'.encode('utf-8')
  payload = 'my payload'.encode('utf-8')
  TykTriggerEvent( event_name, payload )

Basic usage

The intended way of using a Coprocess middleware is to specify it as part of an API definition:

"custom_middleware": {
  "pre": [
      {
          "name": "MyPreMiddleware",  
          "require_session": false
      },
      {
          "name": "AnotherPreMiddleware",
          "require_session": false
      }
  ],
  "post": [
    {
      "name": "MyPostMiddleware",
      "require_session": false
    }
  ],
  "post_key_auth": [
    {
      "name": "MyPostKeyAuthMiddleware",
      "require_session": true
    }
  ],
  "auth_check": {
    "name": "MyAuthCheck"
  },
  "driver": "python"
}

It's important to note that all hook types support chaining except the custom auth check (auth_check).

Build notes

It's possible to use a build tag:

go build -tags 'coprocess python'
go build -tags 'coprocess somelanguage'

Each language should implement a CoProcessInit function, this will be called from the main function when the coprocess build tag is used.

Using the coprocess build tag with no language tag will fail.

A standard build is still possible:

go build

coprocess_dummy.go provides a dummy CoProcessInit function that will be called if you perform a standard Tyk build. This file will be ignored when using the coprocess build tag, as we expect it to be implemented by a language.

Tests

You must use the coprocess build tag to run the tests:

go test -tags 'coprocess'
go test -run CoProcess -tags 'coprocess'

References

Trello note

Documentation

Overview

Package coprocess is a generated protocol buffer package.

It is generated from these files:

coprocess_common.proto
coprocess_mini_request_object.proto
coprocess_object.proto
coprocess_return_overrides.proto
coprocess_session_state.proto

It has these top-level messages:

StringSlice
MiniRequestObject
Object
Event
EventReply
ReturnOverrides
AccessSpec
AccessDefinition
BasicAuthData
JWTData
Monitor
SessionState

Index

Constants

This section is empty.

Variables

View Source
var HookType_name = map[int32]string{
	0: "Unknown",
	1: "Pre",
	2: "Post",
	3: "PostKeyAuth",
	4: "CustomKeyCheck",
}
View Source
var HookType_value = map[string]int32{
	"Unknown":        0,
	"Pre":            1,
	"Post":           2,
	"PostKeyAuth":    3,
	"CustomKeyCheck": 4,
}

Functions

func RegisterDispatcherServer

func RegisterDispatcherServer(s *grpc.Server, srv DispatcherServer)

Types

type AccessDefinition

type AccessDefinition struct {
	ApiName     string        `protobuf:"bytes,1,opt,name=api_name,json=apiName" json:"api_name,omitempty"`
	ApiId       string        `protobuf:"bytes,2,opt,name=api_id,json=apiId" json:"api_id,omitempty"`
	Versions    []string      `protobuf:"bytes,3,rep,name=versions" json:"versions,omitempty"`
	AllowedUrls []*AccessSpec `protobuf:"bytes,4,rep,name=allowed_urls,json=allowedUrls" json:"allowed_urls,omitempty"`
}

func (*AccessDefinition) Descriptor

func (*AccessDefinition) Descriptor() ([]byte, []int)

func (*AccessDefinition) GetAllowedUrls

func (m *AccessDefinition) GetAllowedUrls() []*AccessSpec

func (*AccessDefinition) ProtoMessage

func (*AccessDefinition) ProtoMessage()

func (*AccessDefinition) Reset

func (m *AccessDefinition) Reset()

func (*AccessDefinition) String

func (m *AccessDefinition) String() string

type AccessSpec

type AccessSpec struct {
	Url     string   `protobuf:"bytes,1,opt,name=url" json:"url,omitempty"`
	Methods []string `protobuf:"bytes,2,rep,name=methods" json:"methods,omitempty"`
}

func (*AccessSpec) Descriptor

func (*AccessSpec) Descriptor() ([]byte, []int)

func (*AccessSpec) ProtoMessage

func (*AccessSpec) ProtoMessage()

func (*AccessSpec) Reset

func (m *AccessSpec) Reset()

func (*AccessSpec) String

func (m *AccessSpec) String() string

type BasicAuthData

type BasicAuthData struct {
	Password string `protobuf:"bytes,1,opt,name=password" json:"password,omitempty"`
	Hash     string `protobuf:"bytes,2,opt,name=hash" json:"hash,omitempty"`
}

func (*BasicAuthData) Descriptor

func (*BasicAuthData) Descriptor() ([]byte, []int)

func (*BasicAuthData) ProtoMessage

func (*BasicAuthData) ProtoMessage()

func (*BasicAuthData) Reset

func (m *BasicAuthData) Reset()

func (*BasicAuthData) String

func (m *BasicAuthData) String() string

type DispatcherClient

type DispatcherClient interface {
	Dispatch(ctx context.Context, in *Object, opts ...grpc.CallOption) (*Object, error)
	DispatchEvent(ctx context.Context, in *Event, opts ...grpc.CallOption) (*EventReply, error)
}

func NewDispatcherClient

func NewDispatcherClient(cc *grpc.ClientConn) DispatcherClient

type DispatcherServer

type DispatcherServer interface {
	Dispatch(context.Context, *Object) (*Object, error)
	DispatchEvent(context.Context, *Event) (*EventReply, error)
}

type Event

type Event struct {
	Payload string `protobuf:"bytes,1,opt,name=payload" json:"payload,omitempty"`
}

func (*Event) Descriptor

func (*Event) Descriptor() ([]byte, []int)

func (*Event) ProtoMessage

func (*Event) ProtoMessage()

func (*Event) Reset

func (m *Event) Reset()

func (*Event) String

func (m *Event) String() string

type EventReply

type EventReply struct {
}

func (*EventReply) Descriptor

func (*EventReply) Descriptor() ([]byte, []int)

func (*EventReply) ProtoMessage

func (*EventReply) ProtoMessage()

func (*EventReply) Reset

func (m *EventReply) Reset()

func (*EventReply) String

func (m *EventReply) String() string

type HookType

type HookType int32
const (
	HookType_Unknown        HookType = 0
	HookType_Pre            HookType = 1
	HookType_Post           HookType = 2
	HookType_PostKeyAuth    HookType = 3
	HookType_CustomKeyCheck HookType = 4
)

func (HookType) EnumDescriptor

func (HookType) EnumDescriptor() ([]byte, []int)

func (HookType) String

func (x HookType) String() string

type JWTData

type JWTData struct {
	Secret string `protobuf:"bytes,1,opt,name=secret" json:"secret,omitempty"`
}

func (*JWTData) Descriptor

func (*JWTData) Descriptor() ([]byte, []int)

func (*JWTData) ProtoMessage

func (*JWTData) ProtoMessage()

func (*JWTData) Reset

func (m *JWTData) Reset()

func (*JWTData) String

func (m *JWTData) String() string

type MiniRequestObject

type MiniRequestObject struct {
	Headers         map[string]string `` /* 134-byte string literal not displayed */
	SetHeaders      map[string]string `` /* 158-byte string literal not displayed */
	DeleteHeaders   []string          `protobuf:"bytes,3,rep,name=delete_headers,json=deleteHeaders" json:"delete_headers,omitempty"`
	Body            string            `protobuf:"bytes,4,opt,name=body" json:"body,omitempty"`
	Url             string            `protobuf:"bytes,5,opt,name=url" json:"url,omitempty"`
	Params          map[string]string `` /* 132-byte string literal not displayed */
	AddParams       map[string]string `` /* 155-byte string literal not displayed */
	ExtendedParams  map[string]string `` /* 170-byte string literal not displayed */
	DeleteParams    []string          `protobuf:"bytes,9,rep,name=delete_params,json=deleteParams" json:"delete_params,omitempty"`
	ReturnOverrides *ReturnOverrides  `protobuf:"bytes,10,opt,name=return_overrides,json=returnOverrides" json:"return_overrides,omitempty"`
}

func (*MiniRequestObject) Descriptor

func (*MiniRequestObject) Descriptor() ([]byte, []int)

func (*MiniRequestObject) GetAddParams

func (m *MiniRequestObject) GetAddParams() map[string]string

func (*MiniRequestObject) GetExtendedParams

func (m *MiniRequestObject) GetExtendedParams() map[string]string

func (*MiniRequestObject) GetHeaders

func (m *MiniRequestObject) GetHeaders() map[string]string

func (*MiniRequestObject) GetParams

func (m *MiniRequestObject) GetParams() map[string]string

func (*MiniRequestObject) GetReturnOverrides

func (m *MiniRequestObject) GetReturnOverrides() *ReturnOverrides

func (*MiniRequestObject) GetSetHeaders

func (m *MiniRequestObject) GetSetHeaders() map[string]string

func (*MiniRequestObject) ProtoMessage

func (*MiniRequestObject) ProtoMessage()

func (*MiniRequestObject) Reset

func (m *MiniRequestObject) Reset()

func (*MiniRequestObject) String

func (m *MiniRequestObject) String() string

type Monitor

type Monitor struct {
	TriggerLimits []float64 `protobuf:"fixed64,1,rep,packed,name=trigger_limits,json=triggerLimits" json:"trigger_limits,omitempty"`
}

func (*Monitor) Descriptor

func (*Monitor) Descriptor() ([]byte, []int)

func (*Monitor) ProtoMessage

func (*Monitor) ProtoMessage()

func (*Monitor) Reset

func (m *Monitor) Reset()

func (*Monitor) String

func (m *Monitor) String() string

type Object

type Object struct {
	HookType HookType           `protobuf:"varint,1,opt,name=hook_type,json=hookType,enum=coprocess.HookType" json:"hook_type,omitempty"`
	HookName string             `protobuf:"bytes,2,opt,name=hook_name,json=hookName" json:"hook_name,omitempty"`
	Request  *MiniRequestObject `protobuf:"bytes,3,opt,name=request" json:"request,omitempty"`
	Session  *SessionState      `protobuf:"bytes,4,opt,name=session" json:"session,omitempty"`
	Metadata map[string]string  `` /* 136-byte string literal not displayed */
	Spec     map[string]string  `` /* 128-byte string literal not displayed */
}

func (*Object) Descriptor

func (*Object) Descriptor() ([]byte, []int)

func (*Object) GetMetadata

func (m *Object) GetMetadata() map[string]string

func (*Object) GetRequest

func (m *Object) GetRequest() *MiniRequestObject

func (*Object) GetSession

func (m *Object) GetSession() *SessionState

func (*Object) GetSpec

func (m *Object) GetSpec() map[string]string

func (*Object) ProtoMessage

func (*Object) ProtoMessage()

func (*Object) Reset

func (m *Object) Reset()

func (*Object) String

func (m *Object) String() string

type ReturnOverrides

type ReturnOverrides struct {
	ResponseCode  int32  `protobuf:"varint,1,opt,name=response_code,json=responseCode" json:"response_code,omitempty"`
	ResponseError string `protobuf:"bytes,2,opt,name=response_error,json=responseError" json:"response_error,omitempty"`
}

func (*ReturnOverrides) Descriptor

func (*ReturnOverrides) Descriptor() ([]byte, []int)

func (*ReturnOverrides) ProtoMessage

func (*ReturnOverrides) ProtoMessage()

func (*ReturnOverrides) Reset

func (m *ReturnOverrides) Reset()

func (*ReturnOverrides) String

func (m *ReturnOverrides) String() string

type SessionState

type SessionState struct {
	LastCheck               int64                        `protobuf:"varint,1,opt,name=last_check,json=lastCheck" json:"last_check,omitempty"`
	Allowance               float64                      `protobuf:"fixed64,2,opt,name=allowance" json:"allowance,omitempty"`
	Rate                    float64                      `protobuf:"fixed64,3,opt,name=rate" json:"rate,omitempty"`
	Per                     float64                      `protobuf:"fixed64,4,opt,name=per" json:"per,omitempty"`
	Expires                 int64                        `protobuf:"varint,5,opt,name=expires" json:"expires,omitempty"`
	QuotaMax                int64                        `protobuf:"varint,6,opt,name=quota_max,json=quotaMax" json:"quota_max,omitempty"`
	QuotaRenews             int64                        `protobuf:"varint,7,opt,name=quota_renews,json=quotaRenews" json:"quota_renews,omitempty"`
	QuotaRemaining          int64                        `protobuf:"varint,8,opt,name=quota_remaining,json=quotaRemaining" json:"quota_remaining,omitempty"`
	QuotaRenewalRate        int64                        `protobuf:"varint,9,opt,name=quota_renewal_rate,json=quotaRenewalRate" json:"quota_renewal_rate,omitempty"`
	AccessRights            map[string]*AccessDefinition `` /* 165-byte string literal not displayed */
	OrgId                   string                       `protobuf:"bytes,11,opt,name=org_id,json=orgId" json:"org_id,omitempty"`
	OauthClientId           string                       `protobuf:"bytes,12,opt,name=oauth_client_id,json=oauthClientId" json:"oauth_client_id,omitempty"`
	OauthKeys               map[string]string            `` /* 156-byte string literal not displayed */
	BasicAuthData           *BasicAuthData               `protobuf:"bytes,14,opt,name=basic_auth_data,json=basicAuthData" json:"basic_auth_data,omitempty"`
	JwtData                 *JWTData                     `protobuf:"bytes,15,opt,name=jwt_data,json=jwtData" json:"jwt_data,omitempty"`
	HmacEnabled             bool                         `protobuf:"varint,16,opt,name=hmac_enabled,json=hmacEnabled" json:"hmac_enabled,omitempty"`
	HmacSecret              string                       `protobuf:"bytes,17,opt,name=hmac_secret,json=hmacSecret" json:"hmac_secret,omitempty"`
	IsInactive              bool                         `protobuf:"varint,18,opt,name=is_inactive,json=isInactive" json:"is_inactive,omitempty"`
	ApplyPolicyId           string                       `protobuf:"bytes,19,opt,name=apply_policy_id,json=applyPolicyId" json:"apply_policy_id,omitempty"`
	DataExpires             int64                        `protobuf:"varint,20,opt,name=data_expires,json=dataExpires" json:"data_expires,omitempty"`
	Monitor                 *Monitor                     `protobuf:"bytes,21,opt,name=monitor" json:"monitor,omitempty"`
	EnableDetailedRecording bool                         `` /* 127-byte string literal not displayed */
	Metadata                string                       `protobuf:"bytes,23,opt,name=metadata" json:"metadata,omitempty"`
	Tags                    []string                     `protobuf:"bytes,24,rep,name=tags" json:"tags,omitempty"`
	Alias                   string                       `protobuf:"bytes,25,opt,name=alias" json:"alias,omitempty"`
	LastUpdated             string                       `protobuf:"bytes,26,opt,name=last_updated,json=lastUpdated" json:"last_updated,omitempty"`
	IdExtractorDeadline     int64                        `protobuf:"varint,27,opt,name=id_extractor_deadline,json=idExtractorDeadline" json:"id_extractor_deadline,omitempty"`
	SessionLifetime         int64                        `protobuf:"varint,28,opt,name=session_lifetime,json=sessionLifetime" json:"session_lifetime,omitempty"`
}

func (*SessionState) Descriptor

func (*SessionState) Descriptor() ([]byte, []int)

func (*SessionState) GetAccessRights

func (m *SessionState) GetAccessRights() map[string]*AccessDefinition

func (*SessionState) GetBasicAuthData

func (m *SessionState) GetBasicAuthData() *BasicAuthData

func (*SessionState) GetJwtData

func (m *SessionState) GetJwtData() *JWTData

func (*SessionState) GetMonitor

func (m *SessionState) GetMonitor() *Monitor

func (*SessionState) GetOauthKeys

func (m *SessionState) GetOauthKeys() map[string]string

func (*SessionState) ProtoMessage

func (*SessionState) ProtoMessage()

func (*SessionState) Reset

func (m *SessionState) Reset()

func (*SessionState) String

func (m *SessionState) String() string

type StringSlice

type StringSlice struct {
	Items []string `protobuf:"bytes,1,rep,name=items" json:"items,omitempty"`
}

func (*StringSlice) Descriptor

func (*StringSlice) Descriptor() ([]byte, []int)

func (*StringSlice) ProtoMessage

func (*StringSlice) ProtoMessage()

func (*StringSlice) Reset

func (m *StringSlice) Reset()

func (*StringSlice) String

func (m *StringSlice) String() string

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL