https://wenhan.blog/en/tags/plugin/ Recent content in Plugin on Wenhan blog Hugo -- gohugo.io en-US Tue, 23 Jan 2024 22:55:37 +0900 https://wenhan.blog/en/posts/20240123_kong-oidc-plugin-extra-use-cases/ Tue, 23 Jan 2024 22:55:37 +0900 https://wenhan.blog/en/posts/20240123_kong-oidc-plugin-extra-use-cases/ (Translated from https://tech.aufomm.com/kong-oidc-plugin-extra-use-cases/) The Kong OIDC plugin is very powerful and complex (it has nearly 200 parameters…), so if you know what combination of settings you need, you can do a lot more. In today’s post, I’ll introduce some use cases to help you make better use of this plugin. Note: I’m using Kong Gateway (Enterprise) version 2.4.1.1. Prerequisites Kong Gateway (Enterprise) An OIDC server is running (Keycloak in my example). https://wenhan.blog/en/posts/20230522_kong_jwt_plugin/ Mon, 22 May 2023 00:33:31 +0900 https://wenhan.blog/en/posts/20230522_kong_jwt_plugin/ (Translated from https://tech.aufomm.com/how-to-use-jwt-plugin/) Kong has many authentication plugins. This time, I would like to talk about how to use the JWT Plugin. Usage Example Create a Service 1 2 3 4 curl -X POST http://localhost:8001/services \ -H "Content-Type: application/json" \ -H "Accept: application/json, */*" \ -d '{"name":"jwt-service","url":"https://httpbin.org/anything"}' Create a Route 1 2 3 4 curl -X POST http://localhost:8001/services/jwt-service/routes \ -H "Content-Type: application/json" \ -H "Accept: application/json, */*" \ -d '{"name":"jwt-route","paths":["/jwt"]}' If you access the route with curl 'http://localhost:8000/jwt' -i, you should get HTTP/1. https://wenhan.blog/en/posts/20230220_exit_slack/ Mon, 20 Feb 2023 14:21:23 +0900 https://wenhan.blog/en/posts/20230220_exit_slack/ Background When accessing APIs via Kong Gateway, you may want to be notified if a request fails. The usual approach is to save logs with a logging plugin and then set up alerts and notifications using a third-party product (like ELK). However, using other products can be cumbersome to deploy, require licenses and extra configuration, and ideally, you’d like to achieve this within Kong itself. In this article, I’ll show how to use the Exit Transformer plugin to trigger a Slack Webhook via Lua script when a request results in an error. https://wenhan.blog/en/posts/20230127_plugin_ordering/ Fri, 27 Jan 2023 11:42:28 +0900 https://wenhan.blog/en/posts/20230127_plugin_ordering/ While working on a PoC with Kong Gateway, I encountered an issue. The PoC requirements were as follows: Protect the entire Gateway with the Key-auth plugin Use the Request-transformer plugin to add the required API Key to the header and pass authentication After configuring both plugins, even if the API key was added to the request, authentication still failed. 1 2 3 4 5 6 7 8 9 10 11 # key-auth is enabled ❯ http --header localhost:8000/demo | head -1 HTTP/1. https://wenhan.blog/en/posts/20220802_using-kong-gw-route-by-header-plugin/ Wed, 03 Aug 2022 01:19:02 +0900 https://wenhan.blog/en/posts/20220802_using-kong-gw-route-by-header-plugin/ Introduction In Kong Gateway, you can define subpaths in Routes to determine which Service to access. For example, if the subpath after the URL is pathA, traffic is routed to serviceA, which ultimately accesses endpointA. 1 http://mykong.org:8000/pathA => serviceA => endpointA However, sometimes you may want to determine the forwarding destination more dynamically, not just by subpath. This plugin uses pre-defined headers and destinations as rules, and determines the forwarding destination by looking at the request header information. https://wenhan.blog/en/posts/20220531_using-kong-canary-release-plugin/ Tue, 31 May 2022 13:58:39 +0900 https://wenhan.blog/en/posts/20220531_using-kong-canary-release-plugin/ Introduction With Kong Gateway plugins, you can easily set up canary releases. The canary release modes are not just simple percentages; you can also gradually increase traffic or configure whitelists and blacklists. This article is a memo on how to perform canary releases. https://docs.konghq.com/hub/kong-inc/canary/ Creating Service and Route For this demo, the current version will point to http://httpbin.org/xml, and the new release version will point to http://httpbin.org/json. So, if you hit the current version, you’ll get an XML response; if you hit the new version, you’ll get a JSON response. https://wenhan.blog/en/posts/20220517_using-kong-mocking-plugin/ Tue, 17 May 2022 13:58:39 +0900 https://wenhan.blog/en/posts/20220517_using-kong-mocking-plugin/ Introduction The Mocking plugin provides mock endpoints for testing APIs under development. Based on the Open API (OAS) specification, it returns mock responses to requests sent to the API. For flexibility in testing, the Mocking plugin can be easily enabled or disabled. https://docs.konghq.com/hub/kong-inc/mocking/ Note: This plugin can only return 200, 201, and 204 responses. It is designed for testing normal operations and cannot return codes outside the 200 range. In this article, we’ll build a db-less Kong Gateway environment using a Docker container and try out the Mocking Plugin on it.