From 12cab97b55991f2ddd8bc9f44cb33bb25da847f7 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Thu, 27 Feb 2020 21:29:25 +0800 Subject: [PATCH 01/11] feature: supported key-based authentication to the dashboard. --- conf/config.yaml | 1 + lua/apisix/admin/init.lua | 28 ++++++++- t/admin/token.t | 126 ++++++++++++++++++++++++++++++++++++++ 3 files changed, 154 insertions(+), 1 deletion(-) create mode 100644 t/admin/token.t diff --git a/conf/config.yaml b/conf/config.yaml index 3281f4721738..2675c120e2ee 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -39,6 +39,7 @@ apisix: # - 127.0.0.0/24 # If we don't set any IP list, then any IP access is allowed by default. # - "::/64" # port_admin: 9180 # use a separate port + token_admin: 33926bc55db5e2c3 # default token when use API to call for Admin API router: http: 'radixtree_uri' # radixtree_uri: match route by uri(base on radixtree) # radixtree_host_uri: match route by host + uri(base on radixtree) diff --git a/lua/apisix/admin/init.lua b/lua/apisix/admin/init.lua index ee4ebea13f4e..9c68c8f9697e 100644 --- a/lua/apisix/admin/init.lua +++ b/lua/apisix/admin/init.lua @@ -14,6 +14,7 @@ -- See the License for the specific language governing permissions and -- limitations under the License. -- + local core = require("apisix.core") local route = require("resty.radixtree") local plugin = require("apisix.plugin") @@ -40,11 +41,36 @@ local resources = { } -local _M = {version = 0.3} +local _M = {version = 0.4} local router +local function check_token() + local local_conf = core.config.local_conf() + if not local_conf or not local_conf.apisix + or not local_conf.apisix.token_admin then + return true + end + + local req_token = ngx.var.http_apikey + if not req_token then + return false, "missing apikey" + end + + if req_token ~= local_conf.apisix.token_admin then + return false, "wrong apikey" + end + + return true +end + + local function run() + local ok, err = check_token() + if not ok then + core.response.exit(400, {error_msg = err}) + end + local uri_segs = core.utils.split_uri(ngx.var.uri) core.log.info("uri: ", core.json.delay_encode(uri_segs)) diff --git a/t/admin/token.t b/t/admin/token.t new file mode 100644 index 000000000000..3296505896f8 --- /dev/null +++ b/t/admin/token.t @@ -0,0 +1,126 @@ +# +# Licensed to the Apache Software Foundation (ASF) under one or more +# contributor license agreements. See the NOTICE file distributed with +# this work for additional information regarding copyright ownership. +# The ASF licenses this file to You under the Apache License, Version 2.0 +# (the "License"); you may not use this file except in compliance with +# the License. You may obtain a copy of the License at +# +# http://www.apache.org/licenses/LICENSE-2.0 +# +# Unless required by applicable law or agreed to in writing, software +# distributed under the License is distributed on an "AS IS" BASIS, +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. +# See the License for the specific language governing permissions and +# limitations under the License. +# +use t::APISIX 'no_plan'; + +repeat_each(1); +no_long_string(); +no_root_location(); +no_shuffle(); +log_level("info"); + +run_tests; + +__DATA__ + +=== TEST 1: set route without token +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").req_self_with_http + local res, err = t('/apisix/admin/routes/1', + "PUT", + [[{ + "upstream": { + "nodes": { + "127.0.0.1:8080": 1 + }, + "type": "roundrobin" + }, + "uri": "/index.html" + }]] + ) + + ngx.status = res.status + ngx.print(res.body) + } + } +--- request +GET /t +--- error_code: 400 +--- response_body +{"error_msg":"missing apikey"} +--- no_error_log +[error] + + + +=== TEST 2: set route with wrong token +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").req_self_with_http + local res, err = t( + '/apisix/admin/routes/1', + "PUT", + [[{ + "upstream": { + "nodes": { + "127.0.0.1:8080": 1 + }, + "type": "roundrobin" + }, + "uri": "/index.html" + }]], + {apikey = "wrong_key"} + ) + + ngx.status = res.status + ngx.print(res.body) + } + } +--- request +GET /t +--- error_code: 400 +--- response_body +{"error_msg":"wrong apikey"} +--- no_error_log +[error] + + + +=== TEST 3: set route with correct token +--- config + location /t { + content_by_lua_block { + local t = require("lib.test_admin").req_self_with_http + local res, err = t( + '/apisix/admin/routes/1', + "PUT", + [[{ + "upstream": { + "nodes": { + "127.0.0.1:8080": 1 + }, + "type": "roundrobin" + }, + "uri": "/index.html" + }]], + {apikey = "33926bc55db5e2c3"} + ) + + if res.status > 299 then + ngx.status = res.status + end + ngx.say("done") + } + } +--- request +GET /t +--- response_body +done +--- no_error_log +[error] From 718b6e8aed8d756a1eaaf16a3c5140b4f61ef2a3 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Thu, 27 Feb 2020 21:39:26 +0800 Subject: [PATCH 02/11] test: disable to check token of Admin API. --- t/APISIX.pm | 2 ++ t/admin/token.t | 27 +++++++++++++++++++++++++++ 2 files changed, 29 insertions(+) diff --git a/t/APISIX.pm b/t/APISIX.pm index 7e8755eca90b..7db0651fe529 100644 --- a/t/APISIX.pm +++ b/t/APISIX.pm @@ -42,6 +42,8 @@ my $ssl_crt = read_file("conf/cert/apisix.crt"); my $ssl_key = read_file("conf/cert/apisix.key"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; +$yaml_config =~ s/token_admin:/# token_admin:/; + my $profile = $ENV{"APISIX_PROFILE"}; diff --git a/t/admin/token.t b/t/admin/token.t index 3296505896f8..e99ca0bf7db2 100644 --- a/t/admin/token.t +++ b/t/admin/token.t @@ -15,6 +15,7 @@ # limitations under the License. # use t::APISIX 'no_plan'; +use Cwd qw(cwd); repeat_each(1); no_long_string(); @@ -22,6 +23,32 @@ no_root_location(); no_shuffle(); log_level("info"); +my $apisix_home = $ENV{APISIX_HOME} || cwd(); + +sub read_file($) { + my $infile = shift; + open my $in, "$apisix_home/$infile" + or die "cannot open $infile for reading: $!"; + my $data = do { local $/; <$in> }; + close $in; + $data; +} + +my $yaml_config = read_file("conf/config.yaml"); +$yaml_config =~ s/node_listen: 9080/node_listen: 1984/; +$yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; + +add_block_preprocessor(sub { + my ($block) = @_; + + my $user_yaml_config = $block->yaml_config; + $user_yaml_config .= <<_EOC_; +$yaml_config +_EOC_ + + $block->set_value("yaml_config", $user_yaml_config); +}); + run_tests; __DATA__ From 7079a060b9adc38e69438a1b90dc81cb1bf51b68 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Fri, 28 Feb 2020 08:42:11 +0800 Subject: [PATCH 03/11] test: added more test cases. --- lua/apisix/admin/init.lua | 15 ++++++++++++++- t/admin/token.t | 26 ++++++++++++++++++++------ 2 files changed, 34 insertions(+), 7 deletions(-) diff --git a/lua/apisix/admin/init.lua b/lua/apisix/admin/init.lua index 9c68c8f9697e..09ca4d7ee532 100644 --- a/lua/apisix/admin/init.lua +++ b/lua/apisix/admin/init.lua @@ -68,7 +68,8 @@ end local function run() local ok, err = check_token() if not ok then - core.response.exit(400, {error_msg = err}) + core.log.warn("failed to check token: ", err) + core.response.exit(401) end local uri_segs = core.utils.split_uri(ngx.var.uri) @@ -124,12 +125,24 @@ end local function get_plugins_list() + local ok, err = check_token() + if not ok then + core.log.warn("failed to check token: ", err) + core.response.exit(401) + end + local plugins = resources.plugins.get_plugins_list() core.response.exit(200, plugins) end local function post_reload_plugins() + local ok, err = check_token() + if not ok then + core.log.warn("failed to check token: ", err) + core.response.exit(401) + end + local success, err = events.post(reload_event, get_method(), ngx.time()) if not success then core.response.exit(500, err) diff --git a/t/admin/token.t b/t/admin/token.t index e99ca0bf7db2..bbf07baebda6 100644 --- a/t/admin/token.t +++ b/t/admin/token.t @@ -77,9 +77,7 @@ __DATA__ } --- request GET /t ---- error_code: 400 ---- response_body -{"error_msg":"missing apikey"} +--- error_code: 401 --- no_error_log [error] @@ -111,9 +109,7 @@ GET /t } --- request GET /t ---- error_code: 400 ---- response_body -{"error_msg":"wrong apikey"} +--- error_code: 401 --- no_error_log [error] @@ -151,3 +147,21 @@ GET /t done --- no_error_log [error] + + + +=== TEST 4: get plugins name +--- request +GET /apisix/admin/plugins/list +--- error_code: 401 +--- no_error_log +[error] + + + +=== TEST 5: reload plugins +--- request +GET /apisix/admin/plugins/reload +--- error_code: 401 +--- no_error_log +[error] From 8f3aea2467164ec4f602cd5dfc1f7edd31c6e060 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Fri, 28 Feb 2020 09:22:09 +0800 Subject: [PATCH 04/11] test --- t/router/radixtree-host-uri.t | 1 + t/router/radixtree-host-uri2.t | 1 + t/router/radixtree-uri-host.t | 1 + t/router/radixtree-uri-multiple.t | 1 + t/router/radixtree-uri-priority.t | 1 + t/router/radixtree-uri-sanity.t | 1 + 6 files changed, 6 insertions(+) diff --git a/t/router/radixtree-host-uri.t b/t/router/radixtree-host-uri.t index f80e3eb0be00..fb1c840af6f1 100644 --- a/t/router/radixtree-host-uri.t +++ b/t/router/radixtree-host-uri.t @@ -35,6 +35,7 @@ our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; $yaml_config =~ s/http: 'radixtree_uri'/http: 'radixtree_host_uri'/; +$yaml_config =~ s/token_admin:/# token_admin:/; run_tests(); diff --git a/t/router/radixtree-host-uri2.t b/t/router/radixtree-host-uri2.t index 1c7c3c3724ec..4d8ac747b1b1 100644 --- a/t/router/radixtree-host-uri2.t +++ b/t/router/radixtree-host-uri2.t @@ -37,6 +37,7 @@ $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; $yaml_config =~ s/config_center: etcd/config_center: yaml/; $yaml_config =~ s/enable_admin: true/enable_admin: false/; $yaml_config =~ s/http: 'radixtree_uri'/http: 'radixtree_host_uri'/; +$yaml_config =~ s/token_admin:/# token_admin:/; run_tests(); diff --git a/t/router/radixtree-uri-host.t b/t/router/radixtree-uri-host.t index cefe0a0398a7..b78ffa8227ce 100644 --- a/t/router/radixtree-uri-host.t +++ b/t/router/radixtree-uri-host.t @@ -34,6 +34,7 @@ sub read_file($) { our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; +$yaml_config =~ s/token_admin:/# token_admin:/; run_tests(); diff --git a/t/router/radixtree-uri-multiple.t b/t/router/radixtree-uri-multiple.t index f591fd7686b9..af53bdae0476 100644 --- a/t/router/radixtree-uri-multiple.t +++ b/t/router/radixtree-uri-multiple.t @@ -34,6 +34,7 @@ sub read_file($) { our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; +$yaml_config =~ s/token_admin:/# token_admin:/; run_tests(); diff --git a/t/router/radixtree-uri-priority.t b/t/router/radixtree-uri-priority.t index efae88cce186..443ef97ce24d 100644 --- a/t/router/radixtree-uri-priority.t +++ b/t/router/radixtree-uri-priority.t @@ -34,6 +34,7 @@ sub read_file($) { our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; +$yaml_config =~ s/token_admin:/# token_admin:/; run_tests(); diff --git a/t/router/radixtree-uri-sanity.t b/t/router/radixtree-uri-sanity.t index d34ecbc836e2..3963d4cbe8e1 100644 --- a/t/router/radixtree-uri-sanity.t +++ b/t/router/radixtree-uri-sanity.t @@ -34,6 +34,7 @@ sub read_file($) { our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; +$yaml_config =~ s/token_admin:/# token_admin:/; run_tests(); From 73d892050709fb6ea1114758f097379916e5de80 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Fri, 28 Feb 2020 10:44:28 +0800 Subject: [PATCH 05/11] change: Refer to swagger for naming styles. https://swagger.io/docs/specification/authentication/api-keys/ --- lua/apisix/admin/init.lua | 20 +++++++++++++++----- t/admin/token.t | 24 ++++++++++++++++++++++-- 2 files changed, 37 insertions(+), 7 deletions(-) diff --git a/lua/apisix/admin/init.lua b/lua/apisix/admin/init.lua index 09ca4d7ee532..cd42474f0246 100644 --- a/lua/apisix/admin/init.lua +++ b/lua/apisix/admin/init.lua @@ -45,14 +45,15 @@ local _M = {version = 0.4} local router -local function check_token() +local function check_token(ctx) local local_conf = core.config.local_conf() if not local_conf or not local_conf.apisix or not local_conf.apisix.token_admin then return true end - local req_token = ngx.var.http_apikey + local req_token = ctx.var.arg_api_key or ctx.var.http_x_api_key + or ctx.var.cookie_x_api_key if not req_token then return false, "missing apikey" end @@ -66,7 +67,10 @@ end local function run() - local ok, err = check_token() + local api_ctx = {} + core.ctx.set_vars_meta(api_ctx) + + local ok, err = check_token(api_ctx) if not ok then core.log.warn("failed to check token: ", err) core.response.exit(401) @@ -125,7 +129,10 @@ end local function get_plugins_list() - local ok, err = check_token() + local api_ctx = {} + core.ctx.set_vars_meta(api_ctx) + + local ok, err = check_token(api_ctx) if not ok then core.log.warn("failed to check token: ", err) core.response.exit(401) @@ -137,7 +144,10 @@ end local function post_reload_plugins() - local ok, err = check_token() + local api_ctx = {} + core.ctx.set_vars_meta(api_ctx) + + local ok, err = check_token(api_ctx) if not ok then core.log.warn("failed to check token: ", err) core.response.exit(401) diff --git a/t/admin/token.t b/t/admin/token.t index bbf07baebda6..252c19c0a8e7 100644 --- a/t/admin/token.t +++ b/t/admin/token.t @@ -132,7 +132,7 @@ GET /t }, "uri": "/index.html" }]], - {apikey = "33926bc55db5e2c3"} + {x_api_key = "33926bc55db5e2c3"} ) if res.status > 299 then @@ -161,7 +161,27 @@ GET /apisix/admin/plugins/list === TEST 5: reload plugins --- request -GET /apisix/admin/plugins/reload +PUT /apisix/admin/plugins/reload --- error_code: 401 --- no_error_log [error] + + + +=== TEST 6: reload plugins with api key(arguments) +--- request +PUT /apisix/admin/plugins/reload?api_key=33926bc55db5e2c3 +--- error_code: 200 +--- no_error_log +[error] + + + +=== TEST 7: reload plugins with api key(cookie) +--- request +PUT /apisix/admin/plugins/reload +--- more_headers +X-API-KEY: 33926bc55db5e2c3 +--- error_code: 200 +--- no_error_log +[error] From d880994ab9a28b692c44e017f16250c67f843876 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Fri, 28 Feb 2020 14:54:00 +0800 Subject: [PATCH 06/11] doc: added Admin API token. --- FAQ.md | 4 ++-- FAQ_CN.md | 4 ++-- benchmark/run.sh | 4 ++-- conf/config.yaml | 6 ++++- doc/admin-api-cn.md | 6 ++--- doc/admin-api.md | 6 ++--- doc/architecture-design-cn.md | 36 +++++++++++++++--------------- doc/architecture-design.md | 34 ++++++++++++++-------------- doc/benchmark.md | 4 ++-- doc/getting-started.md | 10 ++++----- doc/grpc-proxy-cn.md | 2 +- doc/grpc-proxy.md | 2 +- doc/health-check.md | 2 +- doc/https-cn.md | 4 ++-- doc/https.md | 4 ++-- doc/plugins-cn.md | 2 +- doc/plugins.md | 2 +- doc/plugins/basic-auth-cn.md | 6 ++--- doc/plugins/basic-auth.md | 4 ++-- doc/plugins/fault-injection-cn.md | 6 ++--- doc/plugins/fault-injection.md | 6 ++--- doc/plugins/grpc-transcoding-cn.md | 6 ++--- doc/plugins/grpc-transcoding.md | 4 ++-- doc/plugins/ip-restriction-cn.md | 2 +- doc/plugins/ip-restriction.md | 2 +- doc/plugins/jwt-auth-cn.md | 4 ++-- doc/plugins/jwt-auth.md | 4 ++-- doc/plugins/key-auth-cn.md | 4 ++-- doc/plugins/key-auth.md | 4 ++-- doc/plugins/limit-conn-cn.md | 4 ++-- doc/plugins/limit-conn.md | 4 ++-- doc/plugins/limit-count-cn.md | 6 ++--- doc/plugins/limit-count.md | 6 ++--- doc/plugins/limit-req-cn.md | 4 ++-- doc/plugins/limit-req.md | 4 ++-- doc/plugins/mqtt-proxy-cn.md | 2 +- doc/plugins/mqtt-proxy.md | 2 +- doc/plugins/oauth.md | 2 +- doc/plugins/prometheus-cn.md | 2 +- doc/plugins/prometheus.md | 2 +- doc/plugins/proxy-rewrite-cn.md | 4 ++-- doc/plugins/proxy-rewrite.md | 4 ++-- doc/plugins/redirect-cn.md | 6 ++--- doc/plugins/redirect.md | 6 ++--- doc/plugins/response-rewrite-cn.md | 2 +- doc/plugins/response-rewrite.md | 4 ++-- doc/plugins/serverless-cn.md | 4 ++-- doc/plugins/serverless.md | 4 ++-- doc/plugins/wolf-rbac-cn.md | 6 ++--- doc/plugins/wolf-rbac.md | 6 ++--- doc/plugins/zipkin-cn.md | 2 +- doc/plugins/zipkin.md | 2 +- doc/router-radixtree.md | 2 +- doc/stream-proxy-cn.md | 4 ++-- doc/stream-proxy.md | 4 ++-- t/admin/token.t | 6 ++--- t/grpc-proxy-test.sh | 2 +- 57 files changed, 147 insertions(+), 143 deletions(-) diff --git a/FAQ.md b/FAQ.md index 26ee8e97fa05..166a8b04731a 100644 --- a/FAQ.md +++ b/FAQ.md @@ -80,7 +80,7 @@ An example, if you want to group by the request param `arg_id`: here is the way: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "vars": [ @@ -93,7 +93,7 @@ curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' } }' -curl -i http://127.0.0.1:9080/apisix/admin/routes/2 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/2 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "vars": [ diff --git a/FAQ_CN.md b/FAQ_CN.md index 55f4ceb3dc89..3775093bc825 100644 --- a/FAQ_CN.md +++ b/FAQ_CN.md @@ -82,7 +82,7 @@ luarocks 服务。 运行 `luarocks config rocks_servers` 命令(这个命令 可以这么做: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "vars": [ @@ -95,7 +95,7 @@ curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' } }' -curl -i http://127.0.0.1:9080/apisix/admin/routes/2 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/2 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "vars": [ diff --git a/benchmark/run.sh b/benchmark/run.sh index b0d26adbea8c..ff068d64f57b 100755 --- a/benchmark/run.sh +++ b/benchmark/run.sh @@ -44,7 +44,7 @@ sleep 3 ############################################# echo -e "\n\napisix: $worker_cnt worker + 1 upstream + no plugin" -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hello", "plugins": { @@ -70,7 +70,7 @@ sleep 1 ############################################# echo -e "\n\napisix: $worker_cnt worker + 1 upstream + 2 plugins (limit-count + prometheus)" -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hello", "plugins": { diff --git a/conf/config.yaml b/conf/config.yaml index 2675c120e2ee..380a82abdb66 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -39,7 +39,11 @@ apisix: # - 127.0.0.0/24 # If we don't set any IP list, then any IP access is allowed by default. # - "::/64" # port_admin: 9180 # use a separate port - token_admin: 33926bc55db5e2c3 # default token when use API to call for Admin API + token_admin: edd1c9f034335f136f87ad84b625c8f1 + # Default token when use API to call for Admin API. + # *NOTE*: Highly recommended to modify this value to protect APISIX's Admin API. + # Disabling this configuration item means that the Admin API does not + # require any authentication. router: http: 'radixtree_uri' # radixtree_uri: match route by uri(base on radixtree) # radixtree_host_uri: match route by host + uri(base on radixtree) diff --git a/doc/admin-api-cn.md b/doc/admin-api-cn.md index 6a449e53d9b6..42471a633c04 100644 --- a/doc/admin-api-cn.md +++ b/doc/admin-api-cn.md @@ -75,7 +75,7 @@ ```shell # 创建一个路由 -$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -i -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/index.html", "hosts": ["foo.com", "*.bar.com"], @@ -94,7 +94,7 @@ Date: Sat, 31 Aug 2019 01:17:15 GMT ... # 创建一个有效期为 60 秒的路由,过期后自动删除 -$ curl http://127.0.0.1:9080/apisix/admin/routes/2?ttl=60 -X PUT -i -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/2?ttl=60 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/aa/index.html", "upstream": { @@ -128,7 +128,7 @@ Date: Sat, 31 Aug 2019 01:17:15 GMT 请看下面例子,匹配请求参数 name 等于 json ,age 大于 18 且 address 开头是 China 的请求: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -i -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/index.html", "vars": [ diff --git a/doc/admin-api.md b/doc/admin-api.md index bdc2a3a2fee3..f9339e0a5fc1 100644 --- a/doc/admin-api.md +++ b/doc/admin-api.md @@ -71,7 +71,7 @@ Example: ```shell # Create a route -$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -i -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/index.html", "hosts": ["foo.com", "*.bar.com"], @@ -90,7 +90,7 @@ Date: Sat, 31 Aug 2019 01:17:15 GMT ... # Create a route expires after 60 seconds, then it's deleted automatically -$ curl http://127.0.0.1:9080/apisix/admin/routes/2?ttl=60 -X PUT -i -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/2?ttl=60 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/aa/index.html", "upstream": { @@ -124,7 +124,7 @@ Return response from etcd currently. Consider the following example: matching requests whose `request name` is equal to `json`, `age` is greater than `18`, and `address` begins with `China`: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -i -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/index.html", "vars": [ diff --git a/doc/architecture-design-cn.md b/doc/architecture-design-cn.md index 227ba2551349..074715141b14 100644 --- a/doc/architecture-design-cn.md +++ b/doc/architecture-design-cn.md @@ -80,7 +80,7 @@ Route 中主要包含三部分内容:匹配规则(比如 uri、host、remote_a 下面创建的 Route 示例,是把 uri 为 "/index.html" 的请求代理到地址为 "39.97.63.215:80" 的 Upstream 服务: ```shell -$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -i -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/index.html", "upstream": { @@ -120,7 +120,7 @@ Server: APISIX web server ```shell # create new Service -$ curl http://127.0.0.1:9080/apisix/admin/services/200 -X PUT -d ' +$ curl http://127.0.0.1:9080/apisix/admin/services/200 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "limit-count": { @@ -139,14 +139,14 @@ $ curl http://127.0.0.1:9080/apisix/admin/services/200 -X PUT -d ' }' # create new Route and reference the service by id `200` -curl http://127.0.0.1:9080/apisix/admin/routes/100 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/100 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", "service_id": "200" }' -curl http://127.0.0.1:9080/apisix/admin/routes/101 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/101 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/foo/index.html", @@ -157,7 +157,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/101 -X PUT -d ' 当然我们也可以为 Route 指定不同的插件参数或上游,比如下面这个 Route 设置了不同的限流参数,其他部分(比如上游)则继续使用 Service 中的配置参数。 ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/102 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/102 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/bar/index.html", "id": "102", @@ -253,7 +253,7 @@ APISIX 的 Upstream 除了基本的复杂均衡算法选择外,还支持对上 创建上游对象用例: ```json -curl http://127.0.0.1:9080/apisix/admin/upstreams/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/upstreams/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "type": "roundrobin", "nodes": { @@ -263,7 +263,7 @@ curl http://127.0.0.1:9080/apisix/admin/upstreams/1 -X PUT -d ' } }' -curl http://127.0.0.1:9080/apisix/admin/upstreams/2 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/upstreams/2 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "type": "chash", "key": "remote_addr", @@ -278,7 +278,7 @@ curl http://127.0.0.1:9080/apisix/admin/upstreams/2 -X PUT -d ' 上游对象创建后,均可以被具体 `Route` 或 `Service` 引用,例如: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "upstream_id": 2 @@ -288,7 +288,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' 为了方便使用,也可以直接把上游地址直接绑到某个 `Route` 或 `Service` ,例如: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -310,7 +310,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' 下面是一个配置了健康检查的示例: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -350,7 +350,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' ##### Consumer 创建一个consumer对象: ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ` +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ` { "username": "jack", "plugins": { @@ -362,7 +362,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ` ``` 新建路由,打开`key-auth`插件认证,`upstream`的`hash_on`类型为`consumer`: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "key-auth": {} @@ -386,7 +386,7 @@ curl http://127.0.0.1:9080/server_port -H "apikey: auth-jack" ##### Cookie 新建路由和`Upstream`,`hash_on`类型为`cookie`: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hash_on_cookie", "upstream": { @@ -403,13 +403,13 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' 客户端请求携带`Cookie`: ```shell - curl http://127.0.0.1:9080/hash_on_cookie -H "Cookie: sid=3c183a30cffcda1408daf1c61d47b274" + curl http://127.0.0.1:9080/hash_on_cookie -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -H "Cookie: sid=3c183a30cffcda1408daf1c61d47b274" ``` ##### Header 新建路由和`Upstream`,`hash_on`类型为`header`, `key`为`content-type`: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hash_on_header", "upstream": { @@ -426,7 +426,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' 客户端请求携带`content-type`的`header`: ```shell - curl http://127.0.0.1:9080/hash_on_header -H "Content-Type: application/json" + curl http://127.0.0.1:9080/hash_on_header -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -H "Content-Type: application/json" ``` [返回目录](#目录) @@ -482,7 +482,7 @@ APISIX 区别于其他 API 网关的一大特点是允许用户选择不同 Rout ```shell # 创建 Consumer ,指定认证插件 key-auth ,并开启特定插件 limit-count -$ curl http://127.0.0.1:9080/apisix/admin/consumers/1 -X PUT -d ' +$ curl http://127.0.0.1:9080/apisix/admin/consumers/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "jack", "plugins": { @@ -499,7 +499,7 @@ $ curl http://127.0.0.1:9080/apisix/admin/consumers/1 -X PUT -d ' }' # 创建 Router,设置路由规则和启用插件配置 -$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "key-auth": {} diff --git a/doc/architecture-design.md b/doc/architecture-design.md index d678da9ed821..3a312f781612 100644 --- a/doc/architecture-design.md +++ b/doc/architecture-design.md @@ -81,7 +81,7 @@ The shortcomings mentioned above are independently abstracted in APISIX by the t The route example created below is to proxy the request with uri `/index.html` to the Upstream service with the address `39.97.63.215:80`: ```shell -$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -i -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/index.html", "upstream": { @@ -120,7 +120,7 @@ The following example creates a Service that enables the current-limit plugin, a ```shell # create new Service -$ curl http://127.0.0.1:9080/apisix/admin/services/200 -X PUT -d ' +$ curl http://127.0.0.1:9080/apisix/admin/services/200 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "limit-count": { @@ -139,14 +139,14 @@ $ curl http://127.0.0.1:9080/apisix/admin/services/200 -X PUT -d ' }' # create new Route and reference the service by id `200` -curl http://127.0.0.1:9080/apisix/admin/routes/100 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/100 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", "service_id": "200" }' -curl http://127.0.0.1:9080/apisix/admin/routes/101 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/101 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/foo/index.html", @@ -157,7 +157,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/101 -X PUT -d ' Of course, we can also specify different plugin parameters or upstream for Route. Some of the following Routes have different current-limit parameters. Other parts (such as upstream) continue to use the configuration parameters in Service. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/102 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/102 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/bar/index.html", "id": "102", @@ -241,7 +241,7 @@ In addition to the basic complex equalization algorithm selection, APISIX's Upst Create an upstream object use case: ```json -curl http://127.0.0.1:9080/apisix/admin/upstreams/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/upstreams/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "type": "roundrobin", "nodes": { @@ -251,7 +251,7 @@ curl http://127.0.0.1:9080/apisix/admin/upstreams/1 -X PUT -d ' } }' -curl http://127.0.0.1:9080/apisix/admin/upstreams/2 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/upstreams/2 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "type": "chash", "key": "remote_addr", @@ -266,7 +266,7 @@ curl http://127.0.0.1:9080/apisix/admin/upstreams/2 -X PUT -d ' After the upstream object is created, it can be referenced by specific `Route` or `Service`, for example: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "upstream_id": 2 @@ -276,7 +276,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' For convenience, you can also directly bind the upstream address to a `Route` or `Service`, for example: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -299,7 +299,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' Here's an example of configuring a health check: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -340,7 +340,7 @@ Here are some examples of configurations using different `hash_on` types: ##### Consumer Create a consumer object: ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ` +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ` { "username": "jack", "plugins": { @@ -352,7 +352,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ` ``` Create route object and enable `key-auth` plugin authentication: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "key-auth": {} @@ -376,7 +376,7 @@ curl http://127.0.0.1:9080/server_port -H "apikey: auth-jack" ##### Cookie Create route and upstream object, `hash_on` is `cookie`: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hash_on_cookie", "upstream": { @@ -398,7 +398,7 @@ The client requests with `Cookie`: ##### Header Create route and upstream object, `hash_on` is `header`, `key` is `Content-Type`: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hash_on_header", "upstream": { @@ -415,7 +415,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' The client requests with header `Content-Type`: ```shell - curl http://127.0.0.1:9080/hash_on_header -H "Content-Type: application/json" + curl http://127.0.0.1:9080/hash_on_header -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -H "Content-Type: application/json" ``` [Back to top](#Table-of-contents) @@ -471,7 +471,7 @@ How to enable a specific plugin for a Consumer, you can see the following exampl ```shell # Create a Consumer , specify the authentication plugin key-auth, and enable the specific plugin limit-count -$ curl http://127.0.0.1:9080/apisix/admin/consumers/1 -X PUT -d ' +$ curl http://127.0.0.1:9080/apisix/admin/consumers/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "jack", "plugins": { @@ -488,7 +488,7 @@ $ curl http://127.0.0.1:9080/apisix/admin/consumers/1 -X PUT -d ' }' # Create a Router, set routing rules and enable plugin configuration -$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "key-auth": {} diff --git a/doc/benchmark.md b/doc/benchmark.md index b2fbf1194683..ac63f5e3c15c 100644 --- a/doc/benchmark.md +++ b/doc/benchmark.md @@ -45,7 +45,7 @@ The result of Flame Graph: And if you want to run the benchmark test in your machine, you should run another Nginx to listen 80 port. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/hello", @@ -86,7 +86,7 @@ The result of Flame Graph: And if you want to run the benchmark test in your machine, you should run another Nginx to listen 80 port. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/hello", diff --git a/doc/getting-started.md b/doc/getting-started.md index 9d2f1564d14a..01b4d03617cf 100644 --- a/doc/getting-started.md +++ b/doc/getting-started.md @@ -58,7 +58,7 @@ It will take a while to download the source for the first time. But the conseque After the docker containers have started visit the following link to check if you are getting a successful response. ```bash -$ curl "http://127.0.0.1:9080/apisix/admin/services/" +$ curl "http://127.0.0.1:9080/apisix/admin/services/" -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' ``` The following will be the response from the Admin API. @@ -128,7 +128,7 @@ Technically all this information(upstream or service, plugins) can be included i Execute the following command to create an upstream with the id of '50' in APISIX. Let's use the round-robin mechanism for load balancing. ```bash -curl "http://127.0.0.1:9080/apisix/admin/upstreams/50" -X PUT -d ' +curl "http://127.0.0.1:9080/apisix/admin/upstreams/50" -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "type": "roundrobin", "nodes": { @@ -142,7 +142,7 @@ curl "http://127.0.0.1:9080/apisix/admin/upstreams/50" -X PUT -d ' By default APISIX proxies the request via the HTTP protocol. As our backend is hosted in a HTTPS environment, let's use the proxy-rewrite plugin to change the scheme to HTTPS. ```bash -curl "http://127.0.0.1:9080/apisix/admin/routes/5" -X PUT -d ' +curl "http://127.0.0.1:9080/apisix/admin/routes/5" -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/get", "host": "httpbin.org", @@ -177,7 +177,7 @@ Execute the following command to create a user called John with a dedicated api- Note: APISIX supports multiple authentication mechanism, view the plugin docs to learn more. ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "john", "plugins": { @@ -191,7 +191,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' Now, let's configure our endpoint to include the key-auth plugin. ```bash -curl http://127.0.0.1:9080/apisix/admin/routes/5 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/5 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/get", "host": "httpbin.org", diff --git a/doc/grpc-proxy-cn.md b/doc/grpc-proxy-cn.md index 301933c74c68..4c1647b6351f 100644 --- a/doc/grpc-proxy-cn.md +++ b/doc/grpc-proxy-cn.md @@ -40,7 +40,7 @@ * 下面例子所代理的 gRPC 服务可供参考:[grpc_server_example](https://github.com/iresty/grpc_server_example)。 ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["POST", "GET"], "uri": "/helloworld.Greeter/SayHello", diff --git a/doc/grpc-proxy.md b/doc/grpc-proxy.md index c59141c3e2f2..a6b8cf01cf34 100644 --- a/doc/grpc-proxy.md +++ b/doc/grpc-proxy.md @@ -41,7 +41,7 @@ Here's an example, to proxying gRPC service by specified route: * the grpc server example:[grpc_server_example](https://github.com/iresty/grpc_server_example) ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["POST", "GET"], "uri": "/helloworld.Greeter/SayHello", diff --git a/doc/health-check.md b/doc/health-check.md index d9922186e569..00d4e544e305 100644 --- a/doc/health-check.md +++ b/doc/health-check.md @@ -26,7 +26,7 @@ you can use it for upstream. The following is a example of health check: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { diff --git a/doc/https-cn.md b/doc/https-cn.md index 34de2d434613..cf9a8ce7e4e7 100644 --- a/doc/https-cn.md +++ b/doc/https-cn.md @@ -33,7 +33,7 @@ SNI(Server Name Indication)是用来改善 SSL 和 TLS 的一项特性,它允 * `sni`: SSL 证书所指定的域名,注意在设置这个参数之前,你需要确保这个证书对应的私钥是有效的。 ```shell -curl http://127.0.0.1:9080/apisix/admin/ssl/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/ssl/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "cert": "...", "key": "....", @@ -70,7 +70,7 @@ curl --resolve 'test.com:9443:127.0.0.1' https://test.com:9443/hello -vvv 看下面这个例子,请注意 `sni` 这个属性: ```shell -curl http://127.0.0.1:9080/apisix/admin/ssl/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/ssl/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "cert": "...", "key": "....", diff --git a/doc/https.md b/doc/https.md index c63c709c3656..04f2ea5f37e9 100644 --- a/doc/https.md +++ b/doc/https.md @@ -31,7 +31,7 @@ It is most common for an SSL certificate to contain only one domain. We can crea * `sni`: Hostname to associate with this certificate as SNIs. To set this attribute this certificate must have a valid private key associated with it. ```shell -curl http://127.0.0.1:9080/apisix/admin/ssl/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/ssl/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "cert": "...", "key": "....", @@ -69,7 +69,7 @@ Here is an example, please pay attention on the field `sni`. ```shell -curl http://127.0.0.1:9080/apisix/admin/ssl/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/ssl/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "cert": "...", "key": "....", diff --git a/doc/plugins-cn.md b/doc/plugins-cn.md index e93afec79711..02632b27370a 100644 --- a/doc/plugins-cn.md +++ b/doc/plugins-cn.md @@ -25,5 +25,5 @@ APISIX 的插件是热加载的,不管你是新增、删除还是修改插件 只需要通过 admin API 发送一个 HTTP 请求即可: ```shell -curl http://127.0.0.1:9080/apisix/admin/plugins/reload -X PUT +curl http://127.0.0.1:9080/apisix/admin/plugins/reload -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT ``` diff --git a/doc/plugins.md b/doc/plugins.md index 711290c387a0..5f938c355872 100644 --- a/doc/plugins.md +++ b/doc/plugins.md @@ -24,5 +24,5 @@ APISIX plug-ins are hot-loaded. No matter you add, delete or modify plug-ins, yo Just send an HTTP request through admin API: ```shell -curl http://127.0.0.1:9080/apisix/admin/plugins/reload -X PUT +curl http://127.0.0.1:9080/apisix/admin/plugins/reload -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT ``` diff --git a/doc/plugins/basic-auth-cn.md b/doc/plugins/basic-auth-cn.md index 4ac16c8a9d81..19c8db500709 100644 --- a/doc/plugins/basic-auth-cn.md +++ b/doc/plugins/basic-auth-cn.md @@ -45,7 +45,7 @@ 1. 创建一个 consumer 对象,并设置插件 `basic-auth` 的值。 ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "foo", "plugins": { @@ -65,7 +65,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' 2. 创建 Route 或 Service 对象,并开启 `basic-auth` 插件。 ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/hello", @@ -128,7 +128,7 @@ hello, foo! 当你想去掉 `basic-auth` 插件的时候,很简单,在插件的配置中把对应的 `json` 配置删除即可,无须重启服务,即刻生效: ```shell -$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/hello", diff --git a/doc/plugins/basic-auth.md b/doc/plugins/basic-auth.md index 26a9df17e31a..5c9efbaadfe3 100644 --- a/doc/plugins/basic-auth.md +++ b/doc/plugins/basic-auth.md @@ -47,7 +47,7 @@ For more information on Basic authentication, refer to [Wiki](https://en.wikiped 1. set a consumer and config the value of the `basic-auth` option ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "foo", "plugins": { @@ -71,7 +71,7 @@ then add basic-auth plugin in the Consumer page: 2. add a Route or add a Service , and enable the `basic-auth` plugin ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/hello", diff --git a/doc/plugins/fault-injection-cn.md b/doc/plugins/fault-injection-cn.md index da8d50a27196..103e6f7cfe27 100644 --- a/doc/plugins/fault-injection-cn.md +++ b/doc/plugins/fault-injection-cn.md @@ -40,7 +40,7 @@ 示例1:为特定路由启用 `fault-injection` 插件,并指定 `abort` 参数: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "fault-injection": { @@ -79,7 +79,7 @@ Fault Injection! 示例2:为特定路由启用 `fault-injection` 插件,并指定 `delay` 参数: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "fault-injection": { @@ -123,7 +123,7 @@ sys 0m0.010s 移除插件配置中相应的 JSON 配置可立即禁用该插件,无需重启服务: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hello", "plugins": {}, diff --git a/doc/plugins/fault-injection.md b/doc/plugins/fault-injection.md index 9ccccefc87a2..da510447e2dc 100644 --- a/doc/plugins/fault-injection.md +++ b/doc/plugins/fault-injection.md @@ -41,7 +41,7 @@ Note: `abort` and `delay` must have at least one. 1: enable the fault-injection plugin for a specific route and specify the abort attribute: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "fault-injection": { @@ -80,7 +80,7 @@ Fault Injection! 2: Enable the `fault-injection` plugin for a specific route and specify the `delay` attribute: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "plugins": { "fault-injection": { @@ -124,7 +124,7 @@ sys 0m0.010s Remove the corresponding JSON in the plugin configuration to disable the plugin immediately without restarting the service: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hello", "plugins": {}, diff --git a/doc/plugins/grpc-transcoding-cn.md b/doc/plugins/grpc-transcoding-cn.md index 83d80801a07c..835f6008f79b 100644 --- a/doc/plugins/grpc-transcoding-cn.md +++ b/doc/plugins/grpc-transcoding-cn.md @@ -32,7 +32,7 @@ HTTP(s) -> APISIX -> gRPC server 路径中最后的数字,会被用作 proto 的 id 做唯一标识,比如下面示例的 proto `id` 是 `1` : ```shell -curl http://127.0.0.1:9080/apisix/admin/proto/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/proto/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "content" : "syntax = \"proto3\"; package helloworld; @@ -66,7 +66,7 @@ curl http://127.0.0.1:9080/apisix/admin/proto/1 -X PUT -d ' * 例子所代理的 grpc 服务可参考:[grpc_server_example](https://github.com/iresty/grpc_server_example) ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/111 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/111 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/grpctest", @@ -133,7 +133,7 @@ Proxy-Connection: keep-alive > disable_hooks ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/23 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/23 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/zeebe/WorkflowInstanceCreate", diff --git a/doc/plugins/grpc-transcoding.md b/doc/plugins/grpc-transcoding.md index 0b5c391755c8..9813a2fdd8e9 100644 --- a/doc/plugins/grpc-transcoding.md +++ b/doc/plugins/grpc-transcoding.md @@ -33,7 +33,7 @@ HTTP(s) -> APISIX -> gRPC server Here's an example, adding a proto which `id` is `1`: ```shell -curl http://127.0.0.1:9080/apisix/admin/proto/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/proto/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "content" : "syntax = \"proto3\"; package helloworld; @@ -65,7 +65,7 @@ Here's an example, to enable the grpc-transcode plugin to specified route: * the grpc server example:[grpc_server_example](https://github.com/iresty/grpc_server_example) ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/111 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/111 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/grpctest", diff --git a/doc/plugins/ip-restriction-cn.md b/doc/plugins/ip-restriction-cn.md index 55f4754489de..c9f1fcfdb5cf 100644 --- a/doc/plugins/ip-restriction-cn.md +++ b/doc/plugins/ip-restriction-cn.md @@ -42,7 +42,7 @@ 下面是一个示例,在指定的 route 上开启了 `ip-restriction` 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "upstream": { diff --git a/doc/plugins/ip-restriction.md b/doc/plugins/ip-restriction.md index 429003fe4f8c..d6e0698747d8 100644 --- a/doc/plugins/ip-restriction.md +++ b/doc/plugins/ip-restriction.md @@ -48,7 +48,7 @@ together. Creates a route or service object, and enable plugin `ip-restriction`. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "upstream": { diff --git a/doc/plugins/jwt-auth-cn.md b/doc/plugins/jwt-auth-cn.md index a1ddbff455e3..7cfb9efd1fd4 100644 --- a/doc/plugins/jwt-auth-cn.md +++ b/doc/plugins/jwt-auth-cn.md @@ -47,7 +47,7 @@ 1. 创建一个 consumer 对象,并设置插件 `jwt-auth` 的值。 ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "jack", "plugins": { @@ -67,7 +67,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' 2. 创建 Route 或 Service 对象,并开启 `jwt-auth` 插件。 ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/jwt-auth.md b/doc/plugins/jwt-auth.md index 5a5aa06887ea..ff16914acef7 100644 --- a/doc/plugins/jwt-auth.md +++ b/doc/plugins/jwt-auth.md @@ -49,7 +49,7 @@ For more information on JWT, refer to [JWT](https://jwt.io/) for more informatio 1. set a consumer and config the value of the `jwt-auth` option ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "jack", "plugins": { @@ -71,7 +71,7 @@ then add jwt-auth plugin in the Consumer page: 2. add a Route or add a Service , and enable the `jwt-auth` plugin ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/key-auth-cn.md b/doc/plugins/key-auth-cn.md index 93cd7b72718b..e7b392c69bea 100644 --- a/doc/plugins/key-auth-cn.md +++ b/doc/plugins/key-auth-cn.md @@ -42,7 +42,7 @@ 1. 创建一个 consumer 对象,并设置插件 `key-auth` 的值。 ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "jack", "plugins": { @@ -62,7 +62,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' 2. 创建 route 或 service 对象,并开启 `key-auth` 插件。 ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/key-auth.md b/doc/plugins/key-auth.md index 33153ae0c289..acb02f77bb96 100644 --- a/doc/plugins/key-auth.md +++ b/doc/plugins/key-auth.md @@ -47,7 +47,7 @@ Two steps are required: 1. creates a consumer object, and set the attributes of plugin `key-auth`. ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username": "jack", "plugins": { @@ -67,7 +67,7 @@ Then add key-auth plugin: 2. creates a route or service object, and enable plugin `key-auth`. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/limit-conn-cn.md b/doc/plugins/limit-conn-cn.md index acb11c7185df..fb0b4d70b4ed 100644 --- a/doc/plugins/limit-conn-cn.md +++ b/doc/plugins/limit-conn-cn.md @@ -40,7 +40,7 @@ Apisix 的限制并发请求(或并发连接)插件。 下面是一个示例,在指定的 route 上开启了 limit-conn 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", @@ -93,7 +93,7 @@ curl -i http://127.0.0.1:9080/index.html?sleep=20 当你想去掉 limit-conn 插件的时候,很简单,在插件的配置中把对应的 json 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/limit-conn.md b/doc/plugins/limit-conn.md index c73ebac7765b..db963f777d31 100644 --- a/doc/plugins/limit-conn.md +++ b/doc/plugins/limit-conn.md @@ -45,7 +45,7 @@ Limiting request concurrency (or concurrent connections) plugin for Apisix. Here's an example, enable the limit-conn plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", @@ -99,7 +99,7 @@ When you want to disable the limit-conn plugin, it is very simple, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/limit-count-cn.md b/doc/plugins/limit-count-cn.md index 4082687e48b9..540569734ddc 100644 --- a/doc/plugins/limit-count-cn.md +++ b/doc/plugins/limit-count-cn.md @@ -42,7 +42,7 @@ 下面是一个示例,在指定的 `route` 上开启了 `limit count` 插件: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -73,7 +73,7 @@ curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' 请看下面例子: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -137,7 +137,7 @@ Server: APISIX web server 当你想去掉 `limit count` 插件的时候,很简单,在插件的配置中把对应的 json 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/limit-count.md b/doc/plugins/limit-count.md index 49ffeb6ade9f..5e5dad81db04 100644 --- a/doc/plugins/limit-count.md +++ b/doc/plugins/limit-count.md @@ -48,7 +48,7 @@ Limit request rate by a fixed number of requests in a given time window. Here's an example, enable the `limit count` plugin on the specified route: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -79,7 +79,7 @@ If you need a cluster-level precision traffic limit, then we can do it with the Here is the example: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -145,7 +145,7 @@ When you want to disable the `limit count` plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/limit-req-cn.md b/doc/plugins/limit-req-cn.md index 74b27f1f8761..25fb4e15f8e4 100644 --- a/doc/plugins/limit-req-cn.md +++ b/doc/plugins/limit-req-cn.md @@ -34,7 +34,7 @@ 下面是一个示例,在指定的 route 上开启了 limit req 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", @@ -92,7 +92,7 @@ Server: APISIX web server 当你想去掉 limit req 插件的时候,很简单,在插件的配置中把对应的 json 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/limit-req.md b/doc/plugins/limit-req.md index 59c18477cd11..6d41d2d9aab8 100644 --- a/doc/plugins/limit-req.md +++ b/doc/plugins/limit-req.md @@ -43,7 +43,7 @@ limit request rate using the "leaky bucket" method. Here's an example, enable the limit req plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", @@ -102,7 +102,7 @@ When you want to disable the limit req plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/mqtt-proxy-cn.md b/doc/plugins/mqtt-proxy-cn.md index 287fc317aee2..141e99897e26 100644 --- a/doc/plugins/mqtt-proxy-cn.md +++ b/doc/plugins/mqtt-proxy-cn.md @@ -60,7 +60,7 @@ 下面是一个示例,在指定的 route 上开启了 mqtt-proxy 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "remote_addr": "127.0.0.1", "plugins": { diff --git a/doc/plugins/mqtt-proxy.md b/doc/plugins/mqtt-proxy.md index fb0abe234c1d..83ff9f9cc863 100644 --- a/doc/plugins/mqtt-proxy.md +++ b/doc/plugins/mqtt-proxy.md @@ -66,7 +66,7 @@ Then send the MQTT request to port 9100. Creates a stream route, and enable plugin `mqtt-proxy`. ```shell -curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "remote_addr": "127.0.0.1", "plugins": { diff --git a/doc/plugins/oauth.md b/doc/plugins/oauth.md index fb893b324a4e..3ecfeeac6461 100644 --- a/doc/plugins/oauth.md +++ b/doc/plugins/oauth.md @@ -55,7 +55,7 @@ The following is the curl command to enable the plugin to an external service. This route will protect `https://httpbin.org/get`(echo service) by introspecting the token provided in the header of the request. ```bash -curl http://127.0.0.1:9080/apisix/admin/routes/5 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/5 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/get", "plugins": { diff --git a/doc/plugins/prometheus-cn.md b/doc/plugins/prometheus-cn.md index 139d9bffc71a..1dd814285cf1 100644 --- a/doc/plugins/prometheus-cn.md +++ b/doc/plugins/prometheus-cn.md @@ -34,7 +34,7 @@ 例子如下: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hello", "plugins": { diff --git a/doc/plugins/prometheus.md b/doc/plugins/prometheus.md index 154ede970dfd..37a29fa85fed 100644 --- a/doc/plugins/prometheus.md +++ b/doc/plugins/prometheus.md @@ -34,7 +34,7 @@ any options yet. For example: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/hello", "plugins": { diff --git a/doc/plugins/proxy-rewrite-cn.md b/doc/plugins/proxy-rewrite-cn.md index 1a4416271996..2ad1f81d05de 100644 --- a/doc/plugins/proxy-rewrite-cn.md +++ b/doc/plugins/proxy-rewrite-cn.md @@ -38,7 +38,7 @@ 下面是一个示例,在指定的 route 上开启了 `proxy rewrite` 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", @@ -81,7 +81,7 @@ curl -X GET http://127.0.0.1:9080/test/index.html 当你想去掉 `proxy rewrite` 插件的时候,很简单,在插件的配置中把对应的 json 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", diff --git a/doc/plugins/proxy-rewrite.md b/doc/plugins/proxy-rewrite.md index c0b57552443c..86cc0ec1e183 100644 --- a/doc/plugins/proxy-rewrite.md +++ b/doc/plugins/proxy-rewrite.md @@ -45,7 +45,7 @@ upstream proxy info rewrite plugin. Here's an example, enable the `proxy rewrite` plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", @@ -89,7 +89,7 @@ When you want to disable the `proxy rewrite` plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately : ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", diff --git a/doc/plugins/redirect-cn.md b/doc/plugins/redirect-cn.md index 5edaaf8bb378..1f6d0f78da08 100644 --- a/doc/plugins/redirect-cn.md +++ b/doc/plugins/redirect-cn.md @@ -37,7 +37,7 @@ URI 重定向插件。 下面是一个基本实例,为特定路由启用 `redirect` 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/test/index.html", "plugins": { @@ -58,7 +58,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' 我们可以在新的 URI 中使用 Nginx 内置的任意变量: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/test", "plugins": { @@ -99,7 +99,7 @@ Location: /test/default.html 移除插件配置中相应的 JSON 配置可立即禁用该插件,无需重启服务: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/test/index.html", "plugins": {}, diff --git a/doc/plugins/redirect.md b/doc/plugins/redirect.md index 8a0e44c8ca3d..18b55d0c500a 100644 --- a/doc/plugins/redirect.md +++ b/doc/plugins/redirect.md @@ -42,7 +42,7 @@ URI redirect. Here's a mini example, enable the `redirect` plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/test/index.html", "plugins": { @@ -63,7 +63,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' And we can use any Nginx built-in variable in the new URI. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/test", "plugins": { @@ -108,7 +108,7 @@ When you want to disable the `redirect` plugin, it is very simple, no need to restart the service, it will take effect immediately : ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/test/index.html", "plugins": {}, diff --git a/doc/plugins/response-rewrite-cn.md b/doc/plugins/response-rewrite-cn.md index d81e62b526d6..282260d9a32c 100644 --- a/doc/plugins/response-rewrite-cn.md +++ b/doc/plugins/response-rewrite-cn.md @@ -40,7 +40,7 @@ 下面是一个示例,在指定的 route 上开启了 `response rewrite` 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", diff --git a/doc/plugins/response-rewrite.md b/doc/plugins/response-rewrite.md index 0857f37c8b27..d8f30e5ed8d0 100644 --- a/doc/plugins/response-rewrite.md +++ b/doc/plugins/response-rewrite.md @@ -44,7 +44,7 @@ response rewrite plugin, rewrite the content from upstream. Here's an example, enable the `response rewrite` plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", @@ -92,7 +92,7 @@ When you want to disable the `response rewrite` plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", diff --git a/doc/plugins/serverless-cn.md b/doc/plugins/serverless-cn.md index c9f5f495e7a6..0c594ddc4dd5 100644 --- a/doc/plugins/serverless-cn.md +++ b/doc/plugins/serverless-cn.md @@ -57,7 +57,7 @@ ngx.say(count) 下面是一个示例,在指定的 route 上开启了 serverless 插件: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/index.html", "plugins": { @@ -88,7 +88,7 @@ curl -i http://127.0.0.1:9080/index.html 当你想去掉插件的时候,很简单,在插件的配置中把对应的 json 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/serverless.md b/doc/plugins/serverless.md index e6cffda388ab..b1a9475893d3 100644 --- a/doc/plugins/serverless.md +++ b/doc/plugins/serverless.md @@ -69,7 +69,7 @@ ngx.say(count) Here's an example, enable the serverless plugin on the specified route: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "uri": "/index.html", "plugins": { @@ -104,7 +104,7 @@ When you want to disable the serverless plugin, it is very simple, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/wolf-rbac-cn.md b/doc/plugins/wolf-rbac-cn.md index 37c9dd7b85ba..b18002f606dc 100644 --- a/doc/plugins/wolf-rbac-cn.md +++ b/doc/plugins/wolf-rbac-cn.md @@ -56,7 +56,7 @@ rbac功能由[wolf](https://github.com/iGeeky/wolf)提供, 有关 `wolf` 的更 1. 创建一个 consumer 对象,并设置插件 `wolf-rbac` 的值。 ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "username":"wolf_rbac", "plugins":{ @@ -80,7 +80,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' 2. 创建 Route 或 Service 对象,并开启 `wolf-rbac` 插件。 ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/*", @@ -190,7 +190,7 @@ HTTP/1.1 200 OK 当你想去掉 `rbac-wolf` 插件的时候,很简单,在routes中的插件配置中把对应的 `插件` 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/*", diff --git a/doc/plugins/wolf-rbac.md b/doc/plugins/wolf-rbac.md index e237b635c651..0204aac9a0ac 100644 --- a/doc/plugins/wolf-rbac.md +++ b/doc/plugins/wolf-rbac.md @@ -56,7 +56,7 @@ The rbac feature is provided by [wolf](https://github.com/iGeeky/wolf). For more 1. set a consumer and config the value of the `wolf-rbac`。 ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "username":"wolf_rbac", "plugins":{ @@ -80,7 +80,7 @@ Notes: The `appid` filled in above needs to already exist in the wolf system. 1. Add a `Route` or `Service` and enable the wolf-rbac plugin. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/*", @@ -192,7 +192,7 @@ When you want to disable the `wolf-rbac` plugin, it is very simple, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/*", diff --git a/doc/plugins/zipkin-cn.md b/doc/plugins/zipkin-cn.md index 2f439996845c..c5f04e8faeb9 100644 --- a/doc/plugins/zipkin-cn.md +++ b/doc/plugins/zipkin-cn.md @@ -42,7 +42,7 @@ 下面是一个示例,在指定的 route 上开启了 zipkin 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/zipkin.md b/doc/plugins/zipkin.md index 629e35b2f80c..ae936bb6c94e 100644 --- a/doc/plugins/zipkin.md +++ b/doc/plugins/zipkin.md @@ -45,7 +45,7 @@ It's also works with `Apache SkyWalking`, which is support Zipkin v1/v2 format. Here's an example, enable the zipkin plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/router-radixtree.md b/doc/router-radixtree.md index 0641dd779e42..de47cdaab7b6 100644 --- a/doc/router-radixtree.md +++ b/doc/router-radixtree.md @@ -75,7 +75,7 @@ Please take a look at [radixtree-new](https://github.com/iresty/lua-resty-radixt here is an simple example: ```shell -$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -i -d ' +$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -i -d ' { "uri": "/index.html", "vars": [ diff --git a/doc/stream-proxy-cn.md b/doc/stream-proxy-cn.md index 536751f42234..92416b258e15 100644 --- a/doc/stream-proxy-cn.md +++ b/doc/stream-proxy-cn.md @@ -46,7 +46,7 @@ apisix: 简例如下: ```shell -curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "remote_addr": "127.0.0.1", "upstream": { @@ -66,7 +66,7 @@ curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -X PUT -d ' 我们可以添加更多的选项来匹配 route ,例如 ```shell -curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "server_addr": "127.0.0.1", "server_port": 2000, diff --git a/doc/stream-proxy.md b/doc/stream-proxy.md index 0bf1197b4545..e149ce488f49 100644 --- a/doc/stream-proxy.md +++ b/doc/stream-proxy.md @@ -46,7 +46,7 @@ apisix: Here is a mini example: ```shell -curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "remote_addr": "127.0.0.1", "upstream": { @@ -67,7 +67,7 @@ For more use cases, please take a look at [test case](../t/stream-node/sanity.t) And we can add more limit options to match a route, here is an example: ```shell -curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/stream_routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "server_addr": "127.0.0.1", "server_port": 2000, diff --git a/t/admin/token.t b/t/admin/token.t index 252c19c0a8e7..09c4437b6daf 100644 --- a/t/admin/token.t +++ b/t/admin/token.t @@ -132,7 +132,7 @@ GET /t }, "uri": "/index.html" }]], - {x_api_key = "33926bc55db5e2c3"} + {x_api_key = "edd1c9f034335f136f87ad84b625c8f1"} ) if res.status > 299 then @@ -170,7 +170,7 @@ PUT /apisix/admin/plugins/reload === TEST 6: reload plugins with api key(arguments) --- request -PUT /apisix/admin/plugins/reload?api_key=33926bc55db5e2c3 +PUT /apisix/admin/plugins/reload?api_key=edd1c9f034335f136f87ad84b625c8f1 --- error_code: 200 --- no_error_log [error] @@ -181,7 +181,7 @@ PUT /apisix/admin/plugins/reload?api_key=33926bc55db5e2c3 --- request PUT /apisix/admin/plugins/reload --- more_headers -X-API-KEY: 33926bc55db5e2c3 +X-API-KEY: edd1c9f034335f136f87ad84b625c8f1 --- error_code: 200 --- no_error_log [error] diff --git a/t/grpc-proxy-test.sh b/t/grpc-proxy-test.sh index 50cd96f075cc..01b03f90d803 100644 --- a/t/grpc-proxy-test.sh +++ b/t/grpc-proxy-test.sh @@ -17,7 +17,7 @@ # #test grpc proxy -curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' { "methods": ["POST"], "uri": "/helloworld.Greeter/SayHello", From 1ae31402c8e72ffa4058461e681298dc064f312f Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Fri, 28 Feb 2020 16:24:55 +0800 Subject: [PATCH 07/11] change: added more test cases and doc. --- conf/config.yaml | 20 +++++++++++++++----- doc/how-to-build-cn.md | 32 ++++++++++++++++++++++++++++++++ doc/how-to-build.md | 37 +++++++++++++++++++++++++++++++++++-- lua/apisix/admin/init.lua | 22 ++++++++++++++++++++-- t/admin/token.t | 18 ++++++++++++++++++ 5 files changed, 120 insertions(+), 9 deletions(-) diff --git a/conf/config.yaml b/conf/config.yaml index 380a82abdb66..770bd475f81a 100644 --- a/conf/config.yaml +++ b/conf/config.yaml @@ -39,11 +39,21 @@ apisix: # - 127.0.0.0/24 # If we don't set any IP list, then any IP access is allowed by default. # - "::/64" # port_admin: 9180 # use a separate port - token_admin: edd1c9f034335f136f87ad84b625c8f1 - # Default token when use API to call for Admin API. - # *NOTE*: Highly recommended to modify this value to protect APISIX's Admin API. - # Disabling this configuration item means that the Admin API does not - # require any authentication. + + # Default token when use API to call for Admin API. + # *NOTE*: Highly recommended to modify this value to protect APISIX's Admin API. + # Disabling this configuration item means that the Admin API does not + # require any authentication. + admin_key: + - + name: "admin" + key: edd1c9f034335f136f87ad84b625c8f1 + role: admin # admin: manage all configuration data + # viewer: only can view configuration data + - + name: "viewer" + key: 4054f7cf07e344346cd3f287985e76a2 + role: viewer router: http: 'radixtree_uri' # radixtree_uri: match route by uri(base on radixtree) # radixtree_host_uri: match route by host + uri(base on radixtree) diff --git a/doc/how-to-build-cn.md b/doc/how-to-build-cn.md index 2da7b954280b..c0000f123de1 100644 --- a/doc/how-to-build-cn.md +++ b/doc/how-to-build-cn.md @@ -108,3 +108,35 @@ Makefile rules: 4. 通过 perl 的 `prove` 命令来加载 test-nginx 的库,并运行 `/t` 目录下的测试案例集: * 直接运行:`prove -Itest-nginx/lib -r t` * 指定 nginx 二进制路径:`TEST_NGINX_BINARY=/usr/local/bin/openresty prove -Itest-nginx/lib -r t` + +## 5. 更新 Admin API 的 token ,保护 Apache APISIX + +修改 `conf/config.yaml` 中的 `apisix.admin_key` 并重启服务。例如下面例子: + +```yaml +apisix: + # ... ... + admin_key + - + name: "admin" + key: abcdefghabcdefgh + role: admin +``` + +当我们需要访问 Admin API 时,就可以使用上面记录的 key 作为 token 了。 + +```shell +$ curl http://127.0.0.1:9080/apisix/admin/routes?api_key=abcdefghabcdefgh -i +HTTP/1.1 200 OK +Date: Fri, 28 Feb 2020 07:48:04 GMT +Content-Type: text/plain +... ... +{"node":{...},"action":"get"} + +$ curl http://127.0.0.1:9080/apisix/admin/routes?api_key=abcdefghabcdefgh-invalid -i +HTTP/1.1 401 Unauthorized +Date: Fri, 28 Feb 2020 08:17:58 GMT +Content-Type: text/html +... ... +{"node":{...},"action":"get"} +``` diff --git a/doc/how-to-build.md b/doc/how-to-build.md index 8774f4b90319..a52a9ba58038 100644 --- a/doc/how-to-build.md +++ b/doc/how-to-build.md @@ -69,7 +69,7 @@ sudo luarocks install --lua-dir=/path/openresty/luajit apisix 1.1 sudo luarocks install apisix 1.1 ``` -## Manage (start/stop) APISIX Server +## 3. Manage (start/stop) APISIX Server We can start the APISIX server by command `make run` in APISIX home folder, or we can stop APISIX server by command `make stop`. @@ -102,7 +102,7 @@ Makefile rules: license-check: Check lua souce code for Apache License ``` -## Test +## 4. Test 1. Install perl's package manager `cpanminus` first 2. Then install `test-gninx` via `cpanm`::`sudo cpanm --notest Test::Nginx IPC::Run > build.log 2>&1 || (cat build.log && exit 1)` @@ -110,3 +110,36 @@ Makefile rules: 4. Load the `test-nginx` library with perl's `prove` command and run the test cases in the `/t` directory: * Run the test cases: `prove -Itest-nginx/lib -r t` * To set the path of nginx to run the test cases: `TEST_NGINX_BINARY=/usr/local/bin/openresty prove -Itest-nginx/lib -r t` + +## 5. Update Admin API token to protect Apache APISIX + +Changes the `apisix.admin_key` in the file `conf/config.yaml` and restart the service. +Here is an example: + +```yaml +apisix: + # ... ... + admin_key + - + name: "admin" + key: abcdefghabcdefgh + role: admin +``` + +When calling the Admin API, `key` can be used as a token. + +```shell +$ curl http://127.0.0.1:9080/apisix/admin/routes?api_key=abcdefghabcdefgh -i +HTTP/1.1 200 OK +Date: Fri, 28 Feb 2020 07:48:04 GMT +Content-Type: text/plain +... ... +{"node":{...},"action":"get"} + +$ curl http://127.0.0.1:9080/apisix/admin/routes?api_key=abcdefghabcdefgh-invalid -i +HTTP/1.1 401 Unauthorized +Date: Fri, 28 Feb 2020 08:17:58 GMT +Content-Type: text/html +... ... +{"node":{...},"action":"get"} +``` diff --git a/lua/apisix/admin/init.lua b/lua/apisix/admin/init.lua index cd42474f0246..ab13b4119d1c 100644 --- a/lua/apisix/admin/init.lua +++ b/lua/apisix/admin/init.lua @@ -27,6 +27,11 @@ local reload_event = "/apisix/admin/plugins/reload" local events +local viewer_methods = { + get = true, +} + + local resources = { routes = require("apisix.admin.routes"), services = require("apisix.admin.services"), @@ -48,7 +53,7 @@ local router local function check_token(ctx) local local_conf = core.config.local_conf() if not local_conf or not local_conf.apisix - or not local_conf.apisix.token_admin then + or not local_conf.apisix.admin_key then return true end @@ -58,10 +63,23 @@ local function check_token(ctx) return false, "missing apikey" end - if req_token ~= local_conf.apisix.token_admin then + local admin + for i, row in ipairs(local_conf.apisix.admin_key) do + if req_token == row.key then + admin = row + break + end + end + + if not admin then return false, "wrong apikey" end + if admin.role == "viewer" and + not viewer_methods[str_lower(get_method())] then + return false, "invalid method for role viewer" + end + return true end diff --git a/t/admin/token.t b/t/admin/token.t index 09c4437b6daf..80cc4417fee0 100644 --- a/t/admin/token.t +++ b/t/admin/token.t @@ -185,3 +185,21 @@ X-API-KEY: edd1c9f034335f136f87ad84b625c8f1 --- error_code: 200 --- no_error_log [error] + + + +=== TEST 8: reload plugins with api key(viewer role) +--- request +PUT /apisix/admin/plugins/reload?api_key=4054f7cf07e344346cd3f287985e76a2 +--- error_code: 401 +--- no_error_log +[error] + + + +=== TEST 9: fetch with api key(viewer role) +--- request +GET /apisix/admin/routes??api_key=4054f7cf07e344346cd3f287985e76a2 +--- error_code: 401 +--- no_error_log +[error] From 24dde7a5c9f36e00b2a2adf587f4854d885bd1e5 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Fri, 28 Feb 2020 19:12:29 +0800 Subject: [PATCH 08/11] code style. --- lua/apisix/admin/init.lua | 1 + 1 file changed, 1 insertion(+) diff --git a/lua/apisix/admin/init.lua b/lua/apisix/admin/init.lua index ab13b4119d1c..af562884a54c 100644 --- a/lua/apisix/admin/init.lua +++ b/lua/apisix/admin/init.lua @@ -24,6 +24,7 @@ local tonumber = tonumber local str_lower = string.lower local require = require local reload_event = "/apisix/admin/plugins/reload" +local ipairs = ipairs local events From 2ba2c782aeaa4551fdf7f406daee40526eb49843 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Fri, 28 Feb 2020 21:07:54 +0800 Subject: [PATCH 09/11] test: fixed wrong name. --- t/APISIX.pm | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/t/APISIX.pm b/t/APISIX.pm index 7db0651fe529..6d4da7ab9743 100644 --- a/t/APISIX.pm +++ b/t/APISIX.pm @@ -42,7 +42,7 @@ my $ssl_crt = read_file("conf/cert/apisix.crt"); my $ssl_key = read_file("conf/cert/apisix.key"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; -$yaml_config =~ s/token_admin:/# token_admin:/; +$yaml_config =~ s/admin_key:/admin_key_useless:/; my $profile = $ENV{"APISIX_PROFILE"}; From efe4629ef472ea8987046f69a8bb8e7bad25bddf Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Fri, 28 Feb 2020 23:27:20 +0800 Subject: [PATCH 10/11] test --- t/router/radixtree-host-uri.t | 2 +- t/router/radixtree-host-uri2.t | 2 +- t/router/radixtree-uri-host.t | 2 +- t/router/radixtree-uri-multiple.t | 2 +- t/router/radixtree-uri-priority.t | 2 +- t/router/radixtree-uri-sanity.t | 2 +- 6 files changed, 6 insertions(+), 6 deletions(-) diff --git a/t/router/radixtree-host-uri.t b/t/router/radixtree-host-uri.t index fb1c840af6f1..b0eb66bf2260 100644 --- a/t/router/radixtree-host-uri.t +++ b/t/router/radixtree-host-uri.t @@ -35,7 +35,7 @@ our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; $yaml_config =~ s/http: 'radixtree_uri'/http: 'radixtree_host_uri'/; -$yaml_config =~ s/token_admin:/# token_admin:/; +$yaml_config =~ s/admin_key:/admin_key_useless:/; run_tests(); diff --git a/t/router/radixtree-host-uri2.t b/t/router/radixtree-host-uri2.t index 4d8ac747b1b1..358ff12d74a4 100644 --- a/t/router/radixtree-host-uri2.t +++ b/t/router/radixtree-host-uri2.t @@ -37,7 +37,7 @@ $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; $yaml_config =~ s/config_center: etcd/config_center: yaml/; $yaml_config =~ s/enable_admin: true/enable_admin: false/; $yaml_config =~ s/http: 'radixtree_uri'/http: 'radixtree_host_uri'/; -$yaml_config =~ s/token_admin:/# token_admin:/; +$yaml_config =~ s/admin_key:/admin_key_useless:/; run_tests(); diff --git a/t/router/radixtree-uri-host.t b/t/router/radixtree-uri-host.t index b78ffa8227ce..9faa5085ae5f 100644 --- a/t/router/radixtree-uri-host.t +++ b/t/router/radixtree-uri-host.t @@ -34,7 +34,7 @@ sub read_file($) { our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; -$yaml_config =~ s/token_admin:/# token_admin:/; +$yaml_config =~ s/admin_key:/admin_key_useless:/; run_tests(); diff --git a/t/router/radixtree-uri-multiple.t b/t/router/radixtree-uri-multiple.t index af53bdae0476..565f9de301d2 100644 --- a/t/router/radixtree-uri-multiple.t +++ b/t/router/radixtree-uri-multiple.t @@ -34,7 +34,7 @@ sub read_file($) { our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; -$yaml_config =~ s/token_admin:/# token_admin:/; +$yaml_config =~ s/admin_key:/admin_key_useless:/; run_tests(); diff --git a/t/router/radixtree-uri-priority.t b/t/router/radixtree-uri-priority.t index 443ef97ce24d..6dc8f55e6eef 100644 --- a/t/router/radixtree-uri-priority.t +++ b/t/router/radixtree-uri-priority.t @@ -34,7 +34,7 @@ sub read_file($) { our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; -$yaml_config =~ s/token_admin:/# token_admin:/; +$yaml_config =~ s/admin_key:/admin_key_useless:/; run_tests(); diff --git a/t/router/radixtree-uri-sanity.t b/t/router/radixtree-uri-sanity.t index 3963d4cbe8e1..3bfaa4377d1b 100644 --- a/t/router/radixtree-uri-sanity.t +++ b/t/router/radixtree-uri-sanity.t @@ -34,7 +34,7 @@ sub read_file($) { our $yaml_config = read_file("conf/config.yaml"); $yaml_config =~ s/node_listen: 9080/node_listen: 1984/; $yaml_config =~ s/enable_heartbeat: true/enable_heartbeat: false/; -$yaml_config =~ s/token_admin:/# token_admin:/; +$yaml_config =~ s/admin_key:/admin_key_useless:/; run_tests(); From bd48431f2b7dac0b5d9101c18238cef01230e3b1 Mon Sep 17 00:00:00 2001 From: Yuansheng Date: Sat, 29 Feb 2020 08:41:19 +0800 Subject: [PATCH 11/11] bugfix: added missing space. --- doc/plugins/prometheus.md | 2 +- doc/plugins/proxy-rewrite-cn.md | 4 ++-- doc/plugins/proxy-rewrite.md | 4 ++-- doc/plugins/redirect-cn.md | 6 +++--- doc/plugins/redirect.md | 6 +++--- doc/plugins/response-rewrite-cn.md | 2 +- doc/plugins/response-rewrite.md | 4 ++-- doc/plugins/serverless-cn.md | 4 ++-- doc/plugins/serverless.md | 4 ++-- doc/plugins/wolf-rbac-cn.md | 6 +++--- doc/plugins/wolf-rbac.md | 6 +++--- doc/plugins/zipkin-cn.md | 2 +- doc/plugins/zipkin.md | 2 +- t/grpc-proxy-test.sh | 6 ++++-- 14 files changed, 30 insertions(+), 28 deletions(-) mode change 100644 => 100755 t/grpc-proxy-test.sh diff --git a/doc/plugins/prometheus.md b/doc/plugins/prometheus.md index 37a29fa85fed..1b57a97cef3f 100644 --- a/doc/plugins/prometheus.md +++ b/doc/plugins/prometheus.md @@ -34,7 +34,7 @@ any options yet. For example: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/hello", "plugins": { diff --git a/doc/plugins/proxy-rewrite-cn.md b/doc/plugins/proxy-rewrite-cn.md index 2ad1f81d05de..a49bdf8eeded 100644 --- a/doc/plugins/proxy-rewrite-cn.md +++ b/doc/plugins/proxy-rewrite-cn.md @@ -38,7 +38,7 @@ 下面是一个示例,在指定的 route 上开启了 `proxy rewrite` 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", @@ -81,7 +81,7 @@ curl -X GET http://127.0.0.1:9080/test/index.html 当你想去掉 `proxy rewrite` 插件的时候,很简单,在插件的配置中把对应的 json 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", diff --git a/doc/plugins/proxy-rewrite.md b/doc/plugins/proxy-rewrite.md index 86cc0ec1e183..06dd685e4f66 100644 --- a/doc/plugins/proxy-rewrite.md +++ b/doc/plugins/proxy-rewrite.md @@ -45,7 +45,7 @@ upstream proxy info rewrite plugin. Here's an example, enable the `proxy rewrite` plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", @@ -89,7 +89,7 @@ When you want to disable the `proxy rewrite` plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately : ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", diff --git a/doc/plugins/redirect-cn.md b/doc/plugins/redirect-cn.md index 1f6d0f78da08..ba7d94ce35eb 100644 --- a/doc/plugins/redirect-cn.md +++ b/doc/plugins/redirect-cn.md @@ -37,7 +37,7 @@ URI 重定向插件。 下面是一个基本实例,为特定路由启用 `redirect` 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/test/index.html", "plugins": { @@ -58,7 +58,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f1 我们可以在新的 URI 中使用 Nginx 内置的任意变量: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/test", "plugins": { @@ -99,7 +99,7 @@ Location: /test/default.html 移除插件配置中相应的 JSON 配置可立即禁用该插件,无需重启服务: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/test/index.html", "plugins": {}, diff --git a/doc/plugins/redirect.md b/doc/plugins/redirect.md index 18b55d0c500a..86a12ab8fbe8 100644 --- a/doc/plugins/redirect.md +++ b/doc/plugins/redirect.md @@ -42,7 +42,7 @@ URI redirect. Here's a mini example, enable the `redirect` plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/test/index.html", "plugins": { @@ -63,7 +63,7 @@ curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f1 And we can use any Nginx built-in variable in the new URI. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/test", "plugins": { @@ -108,7 +108,7 @@ When you want to disable the `redirect` plugin, it is very simple, no need to restart the service, it will take effect immediately : ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/test/index.html", "plugins": {}, diff --git a/doc/plugins/response-rewrite-cn.md b/doc/plugins/response-rewrite-cn.md index 282260d9a32c..2a97f42f4a1d 100644 --- a/doc/plugins/response-rewrite-cn.md +++ b/doc/plugins/response-rewrite-cn.md @@ -40,7 +40,7 @@ 下面是一个示例,在指定的 route 上开启了 `response rewrite` 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", diff --git a/doc/plugins/response-rewrite.md b/doc/plugins/response-rewrite.md index d8f30e5ed8d0..98adcb39f009 100644 --- a/doc/plugins/response-rewrite.md +++ b/doc/plugins/response-rewrite.md @@ -44,7 +44,7 @@ response rewrite plugin, rewrite the content from upstream. Here's an example, enable the `response rewrite` plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", @@ -92,7 +92,7 @@ When you want to disable the `response rewrite` plugin, it is very simple, you can delete the corresponding json configuration in the plugin configuration, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/test/index.html", diff --git a/doc/plugins/serverless-cn.md b/doc/plugins/serverless-cn.md index 0c594ddc4dd5..be8e7c84a4fb 100644 --- a/doc/plugins/serverless-cn.md +++ b/doc/plugins/serverless-cn.md @@ -57,7 +57,7 @@ ngx.say(count) 下面是一个示例,在指定的 route 上开启了 serverless 插件: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -88,7 +88,7 @@ curl -i http://127.0.0.1:9080/index.html 当你想去掉插件的时候,很简单,在插件的配置中把对应的 json 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/serverless.md b/doc/plugins/serverless.md index b1a9475893d3..c3a722f652d7 100644 --- a/doc/plugins/serverless.md +++ b/doc/plugins/serverless.md @@ -69,7 +69,7 @@ ngx.say(count) Here's an example, enable the serverless plugin on the specified route: ```shell -curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl -i http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "uri": "/index.html", "plugins": { @@ -104,7 +104,7 @@ When you want to disable the serverless plugin, it is very simple, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/wolf-rbac-cn.md b/doc/plugins/wolf-rbac-cn.md index b18002f606dc..bd062810e1e8 100644 --- a/doc/plugins/wolf-rbac-cn.md +++ b/doc/plugins/wolf-rbac-cn.md @@ -56,7 +56,7 @@ rbac功能由[wolf](https://github.com/iGeeky/wolf)提供, 有关 `wolf` 的更 1. 创建一个 consumer 对象,并设置插件 `wolf-rbac` 的值。 ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username":"wolf_rbac", "plugins":{ @@ -80,7 +80,7 @@ curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f 2. 创建 Route 或 Service 对象,并开启 `wolf-rbac` 插件。 ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/*", @@ -190,7 +190,7 @@ HTTP/1.1 200 OK 当你想去掉 `rbac-wolf` 插件的时候,很简单,在routes中的插件配置中把对应的 `插件` 配置删除即可,无须重启服务,即刻生效: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/*", diff --git a/doc/plugins/wolf-rbac.md b/doc/plugins/wolf-rbac.md index 0204aac9a0ac..0b582c69f444 100644 --- a/doc/plugins/wolf-rbac.md +++ b/doc/plugins/wolf-rbac.md @@ -56,7 +56,7 @@ The rbac feature is provided by [wolf](https://github.com/iGeeky/wolf). For more 1. set a consumer and config the value of the `wolf-rbac`。 ```shell -curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/consumers -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "username":"wolf_rbac", "plugins":{ @@ -80,7 +80,7 @@ Notes: The `appid` filled in above needs to already exist in the wolf system. 1. Add a `Route` or `Service` and enable the wolf-rbac plugin. ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/*", @@ -192,7 +192,7 @@ When you want to disable the `wolf-rbac` plugin, it is very simple, no need to restart the service, it will take effect immediately: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/*", diff --git a/doc/plugins/zipkin-cn.md b/doc/plugins/zipkin-cn.md index c5f04e8faeb9..2e5b75cfeda4 100644 --- a/doc/plugins/zipkin-cn.md +++ b/doc/plugins/zipkin-cn.md @@ -42,7 +42,7 @@ 下面是一个示例,在指定的 route 上开启了 zipkin 插件: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/doc/plugins/zipkin.md b/doc/plugins/zipkin.md index ae936bb6c94e..b3512190c1bd 100644 --- a/doc/plugins/zipkin.md +++ b/doc/plugins/zipkin.md @@ -45,7 +45,7 @@ It's also works with `Apache SkyWalking`, which is support Zipkin v1/v2 format. Here's an example, enable the zipkin plugin on the specified route: ```shell -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["GET"], "uri": "/index.html", diff --git a/t/grpc-proxy-test.sh b/t/grpc-proxy-test.sh old mode 100644 new mode 100755 index 01b03f90d803..6f8f2d145ad7 --- a/t/grpc-proxy-test.sh +++ b/t/grpc-proxy-test.sh @@ -1,4 +1,4 @@ -#!/usr/bin/env bash +#!/usr/bin/env sh # # Licensed to the Apache Software Foundation (ASF) under one or more # contributor license agreements. See the NOTICE file distributed with @@ -16,8 +16,10 @@ # limitations under the License. # +set -ex + #test grpc proxy -curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1'-X PUT -d ' +curl http://127.0.0.1:9080/apisix/admin/routes/1 -H 'X-API-KEY: edd1c9f034335f136f87ad84b625c8f1' -X PUT -d ' { "methods": ["POST"], "uri": "/helloworld.Greeter/SayHello",