jiazhizhong/higress
1
0
Fork 0
mirror of https://github.com/alibaba/higress.git synced 2026-05-29 23:27:28 +08:00
Code Issues Packages Projects Releases Wiki Activity

feat: cluster-key-rate-limit support setting global rate limit thresholds for routes​ (#2262)

Browse Source
This commit is contained in:
韩贤涛
2025-05-29 09:57:10 +08:00
committed by GitHub
parent 52464c0e06
commit 69b755a10d
15 changed files with 965 additions and 596 deletions
Download Patch File Download Diff File Expand all files Collapse all files

17
plugins/wasm-go/extensions/ext-auth/main.go
View File

@@ -20,6 +20,7 @@ import (
"ext-auth/config"
"ext-auth/util"
"github.com/alibaba/higress/plugins/wasm-go/pkg/log"
"github.com/alibaba/higress/plugins/wasm-go/pkg/wrapper"
"github.com/higress-group/proxy-wasm-go-sdk/proxywasm"
@@ -29,9 +30,9 @@ import (
func main() {
wrapper.SetCtx(
"ext-auth",
wrapper.ParseConfigBy(config.ParseConfig),
wrapper.ProcessRequestHeadersBy(onHttpRequestHeaders),
wrapper.ProcessRequestBodyBy(onHttpRequestBody),
wrapper.ParseConfig(config.ParseConfig),
wrapper.ProcessRequestHeaders(onHttpRequestHeaders),
wrapper.ProcessRequestBody(onHttpRequestBody),
)
}
@@ -50,7 +51,7 @@ const (
HeaderXForwardedHost = "x-forwarded-host"
)
func onHttpRequestHeaders(ctx wrapper.HttpContext, config config.ExtAuthConfig, log wrapper.Log) types.Action {
func onHttpRequestHeaders(ctx wrapper.HttpContext, config config.ExtAuthConfig) types.Action {
// If the request's domain and path match the MatchRules, skip authentication
if config.MatchRules.IsAllowedByMode(ctx.Host(), ctx.Method(), wrapper.GetRequestPathWithoutQuery()) {
ctx.DontReadRequestBody()
@@ -70,17 +71,17 @@ func onHttpRequestHeaders(ctx wrapper.HttpContext, config config.ExtAuthConfig,
}
ctx.DontReadRequestBody()
return checkExtAuth(ctx, config, nil, log, types.HeaderStopAllIterationAndWatermark)
return checkExtAuth(ctx, config, nil, types.HeaderStopAllIterationAndWatermark)
}
func onHttpRequestBody(ctx wrapper.HttpContext, config config.ExtAuthConfig, body []byte, log wrapper.Log) types.Action {
func onHttpRequestBody(ctx wrapper.HttpContext, config config.ExtAuthConfig, body []byte) types.Action {
if config.HttpService.AuthorizationRequest.WithRequestBody {
return checkExtAuth(ctx, config, body, log, types.DataStopIterationAndBuffer)
return checkExtAuth(ctx, config, body, types.DataStopIterationAndBuffer)
}
return types.ActionContinue
}
func checkExtAuth(ctx wrapper.HttpContext, cfg config.ExtAuthConfig, body []byte, log wrapper.Log, pauseAction types.Action) types.Action {
func checkExtAuth(ctx wrapper.HttpContext, cfg config.ExtAuthConfig, body []byte, pauseAction types.Action) types.Action {
httpServiceConfig := cfg.HttpService
extAuthReqHeaders := buildExtAuthRequestHeaders(ctx, cfg)