ayan.poddar/eShopOnContainers
1
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Ingress and security

Browse Source
This commit is contained in:
Siarhei_Sialitski 2023-01-08 11:24:08 +01:00
parent d60be0ccaa
commit 10f9ecc038
4 changed files with 355 additions and 298 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

26
deploy/k8s/helm/apigwms/envoy.yaml
View File

@ -37,6 +37,19 @@ static_resources:
route:
auto_host_rewrite: true
cluster: catalog
- name: "cp-short"
match:
prefix: "/cp/"
route:
auto_host_rewrite: true
prefix_rewrite: "/coupon-api/"
cluster: coupon
- name: "cp-long"
match:
prefix: "/coupon-api/"
route:
auto_host_rewrite: true
cluster: coupon
- name: "o-short"
match:
prefix: "/o/"
@ -106,6 +119,19 @@ static_resources:
socket_address:
address: catalog-api
port_value: 80
- name: coupon
connect_timeout: 0.25s
type: strict_dns
lb_policy: round_robin
load_assignment:
cluster_name: coupon
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: coupon-api
port_value: 80
- name: basket
connect_timeout: 0.25s
type: strict_dns

26
deploy/k8s/helm/apigwws/envoy.yaml
View File

@ -37,6 +37,19 @@ static_resources:
route:
auto_host_rewrite: true
cluster: catalog
- name: "cp-short"
match:
prefix: "/cp/"
route:
auto_host_rewrite: true
prefix_rewrite: "/coupon-api/"
cluster: coupon
- name: "cp-long"
match:
prefix: "/coupon-api/"
route:
auto_host_rewrite: true
cluster: coupon
- name: "o-short"
match:
prefix: "/o/"
@ -109,6 +122,19 @@ static_resources:
socket_address:
address: catalog-api
port_value: 80
- name: coupon
connect_timeout: 0.25s
type: strict_dns
lb_policy: round_robin
load_assignment:
cluster_name: coupon
endpoints:
- lb_endpoints:
- endpoint:
address:
socket_address:
address: coupon-api
port_value: 80
- name: basket
connect_timeout: 0.25s
type: strict_dns

13
src/Services/Identity/Identity.API/Configuration/Config.cs
View File

@ -15,6 +15,7 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
new ApiResource("webshoppingagg", "Web Shopping Aggregator"),
new ApiResource("orders.signalrhub", "Ordering Signalr Hub"),
new ApiResource("webhooks", "Webhooks registration Service"),
new ApiResource("coupon", "Coupon Service"),
};
}
@ -53,7 +54,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
"basket",
"webshoppingagg",
"orders.signalrhub",
"webhooks"
"webhooks",
"coupon"
},
},
new Client
@ -79,7 +81,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
"orders",
"basket",
"mobileshoppingagg",
"webhooks"
"webhooks",
"coupon"
},
//Allow requesting refresh tokens for long lived API access
AllowOfflineAccess = true,
@ -117,7 +120,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
"basket",
"webshoppingagg",
"orders.signalrhub",
"webhooks"
"webhooks",
"coupon"
},
AccessTokenLifetime = 60*60*2, // 2 hours
IdentityTokenLifetime= 60*60*2 // 2 hours
@ -183,7 +187,8 @@ namespace Microsoft.eShopOnContainers.Services.Identity.API.Configuration
"orders",
"basket",
"webshoppingagg",
"webhooks"
"webhooks",
"coupon"
},
},
new Client

2
src/Web/WebSPA/Client/src/modules/shared/services/security.service.ts
View File

@ -82,7 +82,7 @@ export class SecurityService {
let client_id = 'js';
let redirect_uri = location.origin + '/';
let response_type = 'id_token token';
let scope = 'openid profile orders basket webshoppingagg orders.signalrhub';
let scope = 'openid profile orders basket webshoppingagg orders.signalrhub coupon';
let nonce = 'N' + Math.random() + '' + Date.now();
let state = Date.now() + '' + Math.random();