Categorygithub.com/x-ream/traefik-plugin-jwt-antpath
repositorypackage
0.1.2
Repository: https://github.com/x-ream/traefik-plugin-jwt-antpath.git
Documentation: pkg.go.dev
Overview
Dependencies
17
Dependents
0

# README

JWT AntPath

workflow build

JWT AntPath is a middleware plugin for Traefik which verify JWT excludes configured path, and add payload to header

Limited support AntPath for interpreter plugin

  • AntPath only support / as separator
  • AntPath only support * as wildcard
  • AntPath only support ** as recursive wildcard

Support

          paths:
            - /base/app-home/**
            - /*/doc/**
            - /foo/*/doc/**
            - /foo/*

Not support: contains(path, "**") && !endWith2Star

          paths:
            - /**/app-home/**
            - /**/app-home/*
            - /**/doc/**
            - /**/doc/*
            - /foo/**/doc/**

Configuration

Traefik helm charts values.yml

experimental:
  plugins:
    traefik-plugin-jwt-antpath:
      moduleName: "github.com/x-ream/traefik-plugin-jwt-antpath"
      version: "v0.1.2"

K8s middleware

apiVersion: traefik.containo.us/v1alpha1
kind: Middleware
metadata:
  name: my-jwtantpath
spec:
  plugin:
    traefik-plugin-jwt-antpath:
      headerKey: "Authorization"
      secureKey: "my-secret-key"
      paths:
        - /base/app-home/**

App ingress values.yml

ingress:
  enabled: true
  annotations:
    traefik.ingress.kubernetes.io/router.entrypoints: web
    traefik.ingress.kubernetes.io/router.middlewares: test-my-jwtantpath@kubernetescrd,test-strip-prefix@kubernetescrd
  ingressClassName: traefik
  hosts:
    - host: myapp.com
      paths:
        - path: /base
          pathType: "Prefix"

Other configuration, not for k8s

Static

[experimental.plugins.traefik-plugin-jwt-antpath]
    modulename = "github.com/x-ream/traefik-plugin-jwt-antpath"
    version = "v0.1.2"

Dynamic

To configure the JWT AntPath plugin you should create a middleware in your dynamic configuration as explained here. The following example creates and uses the JWT AntPath middleware plugin to verify token and add payload to header of all HTTP requests exclude path starting with /foo.

[http.routers]
  [http.routers.my-router]
    rule = "Host(`localhost`)"
    middlewares = ["jwtantpath"]
    service = "my-service"

# Very jwt exclude all paths starting with /foo
[http.middlewares]
  [http.middlewares.foo.plugin.traefik-plugin-jwt-antpath]
    secureKey = "my-secret-key"
    headerKey =  "Authorization"  
    paths = ["/foo/**", "/*/goods/**"]

[http.services]
  [http.services.my-service]
    [http.services.my-service.loadBalancer]
      [[http.services.my-service.loadBalancer.servers]]
        url = "http://127.0.0.1"