• OpenAPI

** 新增API - 在目录 =/openapi/api/apis/= 下新增go文件，(example.go) #+BEGIN_SRC go //example.go package apis

var EXAMPLE = ApiSpec{ Path: "/example//path", BackendPath: "/example/backend//path", Host: "example.dice.marathon.l4lb.thisdcos.directory:9093", Scheme: "http", Method: "GET", CheckLogin: true, // 是否需要验证登陆 CheckToken: true, // 是否用token验证 // doc: swagger spec, https://swagger.io/docs/specification/2-0/basic-structure // json: {"desc": "string", "id": 1, "stats": {"timeLastModified": "2018-2-3 15:32:33"}} Doc: summary: example-summary parameters: - in: path name: example-id type: integer required: true produces: - application/json responses: '200': description: OK schema: type: object properties: desc: type: string id: type: integer stats: type: object properties: timeLastModified: type: string format: date-time , }

#+END_SRC

- make openapi

** token验证

*** 1. 创建 Client #+BEGIN_SRC curl -XPOST $OPENAPIHOST/api/openapi/manager/clients -d '{ "accessTokenValiditySeconds": 433200, "autoApprove": false, "clientId": "testId", "clientLogoUrl": "http://123.com ", "clientNam e": "测试应用", "clientSecret": "secret", "refreshTokenValiditySeconds": 433200, "userId": 1 }' #+END_SRC

• accessTokenValiditySeconds token有效时长（单位s）

*** 2. 申请 Token #+BEGIN_SRC SECRET = base64(:) curl -XPOST $OPENAPIHOST/api/openapi/client-token -H "Authorization: Basic $SECRET" #+END_SRC

*** 3. 使用Token 测试token是否生效: #+BEGIN_SRC curl $OPENAPIHOST/api/openapi/client-token -H "Authorization: Bearer " <----- 注意有个空格 #+END_SRC

对于 =CheckToken=true= 的API，可以使用token验证

*** 4. 后端服务 请求至后端服务在Header中有 Client-ID, Client-Name 信息

** BasicAuth 验证 对 =CheckBasicAuth=true= 的API有效

token = base64(:)

http header: "Authorization: Basic "