diff --git a/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/Program.cs b/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/Program.cs index 761e836..3fcd11f 100644 --- a/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/Program.cs +++ b/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/Program.cs @@ -1,5 +1,4 @@ -using Microsoft.AspNetCore.Authentication.JwtBearer; -using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Logging; using Microsoft.IdentityModel.Protocols.OpenIdConnect; using Microsoft.IdentityModel.Tokens; using Ocelot.DependencyInjection; @@ -16,9 +15,9 @@ options.Authority = builder.Configuration["IdentityUrl"]; options.TokenValidationParameters = new TokenValidationParameters { - ValidateAudience = false + ValidateAudience = true, + ValidAudiences = new[] { "payment", "movies" } }; - // options.Configuration = new OpenIdConnectConfiguration(); }); builder.Services.AddOcelot(); @@ -47,8 +46,8 @@ builder.AllowAnyMethod(); }); app.UseHttpsRedirection(); -app.UseAuthorization(); app.UseAuthentication(); +app.UseAuthorization(); app.UseOcelot().Wait(); app.MapControllers(); app.Run(); diff --git a/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/appsettings.Development.json b/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/appsettings.Development.json index 7b04b11..4fae73d 100644 --- a/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/appsettings.Development.json +++ b/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/appsettings.Development.json @@ -5,6 +5,6 @@ "Microsoft.AspNetCore": "Warning" } }, - "IdentityUrl":"http://localhost:5002" + "IdentityUrl":"https://localhost:7096" } diff --git a/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/appsettings.json b/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/appsettings.json index 8f8e7b2..3833569 100644 --- a/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/appsettings.json +++ b/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/appsettings.json @@ -6,6 +6,6 @@ } }, "AllowedHosts": "*", - "IdentityUrl": "http://localhost:5002" + "IdentityUrl": "https://localhost:7096" } diff --git a/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/ocelot.Development.json b/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/ocelot.Development.json index 955c596..f90cd05 100644 --- a/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/ocelot.Development.json +++ b/SimpleServer/src/ApiGateways/Web.Bff.SimpleNetflix/OcelotApiGw/ocelot.Development.json @@ -1,24 +1,122 @@ { "Routes": [ + { + "DownstreamPathTemplate": "/api/pricingPlans", + "DownstreamScheme": "http", + "DownstreamHostAndPorts": [ + { + "Host": "localhost", + "Port": 5031 + } + ], + "UpstreamHttpMethod": [ + "GET" + ], + "UpstreamPathTemplate": "/payment/planform/{everything}", + "AuthenticationOptions": { + "AuthenticationProviderKey": "IdentityApiKey", + "AllowedScopes": [ + "payment" + ] + } + }, + { + "DownstreamPathTemplate": "/api/pricingPlans", + "DownstreamScheme": "http", + "DownstreamHostAndPorts": [ + { + "Host": "localhost", + "Port": 5031 + } + ], + "UpstreamHttpMethod": [ + "GET" + ], + "UpstreamPathTemplate": "/payment/planform", + "AuthenticationOptions": { + "AuthenticationProviderKey": "IdentityApiKey", + "AllowedScopes": [ + "payment" + ] + } + }, + { + "DownstreamPathTemplate": "/api/subscription", + "DownstreamScheme": "http", + "DownstreamHostAndPorts": [ + { + "Host": "localhost", + "Port": 5031 + } + ], + "UpstreamHttpMethod": [ + "POST" + ], + "UpstreamPathTemplate": "/payment/subscriptions", + "AuthenticationOptions": { + "AuthenticationProviderKey": "IdentityApiKey", + "AllowedScopes": [ + "payment" + ] + } + }, + { + "DownstreamPathTemplate": "/api/create-payment-intent", + "DownstreamScheme": "http", + "DownstreamHostAndPorts": [ + { + "Host": "localhost", + "Port": 5031 + } + ], + "UpstreamHttpMethod": [ + "POST" + ], + "UpstreamPathTemplate": "/payment/checkout", + "AuthenticationOptions": { + "AuthenticationProviderKey": "IdentityApiKey", + "AllowedScopes": [ + "payment" + ] + } + }, + { + "DownstreamPathTemplate": "/subscription/success", + "DownstreamScheme": "http", + "DownstreamHostAndPorts": [ + { + "Host": "localhost", + "Port": 5031 + } + ], + "UpstreamHttpMethod": [ + "POST" + ], + "UpstreamPathTemplate": "/payment/success", + "AuthenticationOptions": { + "AuthenticationProviderKey": "IdentityApiKey", + "AllowedScopes": [ + "payment" + ] + } + }, { "DownstreamPathTemplate": "/api/movie", "DownstreamScheme": "http", "DownstreamHostAndPorts": [ { // Uncomment this to use the local api - // "Host": "localhost", - // "Port": 8000 - + "Host": "localhost", + "Port": 8000 // Uncomment this to use the docker container - "Host": "movie.api", - "Port": 80 + // "Host": "movie.api", + // "Port": 80 } ], "UpstreamPathTemplate": "/movies", "UpstreamHttpMethod": [ "GET", - "POST", - "PUT" + "POST" ], "AuthenticationOptions": { "AuthenticationProviderKey": "IdentityApiKey", @@ -27,8 +125,5 @@ ] } } - ], - "GlobalConfiguration": { - "BaseUrl": "http:localhost:5001" - } + ] } \ No newline at end of file diff --git a/SimpleServer/src/Services/Movie/Movie.API/appsettings.Development.json b/SimpleServer/src/Services/Movie/Movie.API/appsettings.Development.json index 4a4e8a3..1d2627b 100644 --- a/SimpleServer/src/Services/Movie/Movie.API/appsettings.Development.json +++ b/SimpleServer/src/Services/Movie/Movie.API/appsettings.Development.json @@ -10,7 +10,7 @@ "DatabaseName": "sampleDB", "CollectionName": "movies" }, - "IdentityUrl":"http://localhost:5002", + "IdentityUrl":"https://localhost:7096", "EventBusSettings": { "HostAddress": "amqp://guest:guest@localhost:5672" } diff --git a/SimpleServer/src/Services/Movie/Movie.API/appsettings.json b/SimpleServer/src/Services/Movie/Movie.API/appsettings.json index b54285d..f5a003b 100644 --- a/SimpleServer/src/Services/Movie/Movie.API/appsettings.json +++ b/SimpleServer/src/Services/Movie/Movie.API/appsettings.json @@ -6,7 +6,7 @@ } }, "AllowedHosts": "*", - "IdentityUrl":"http://localhost:5002", + "IdentityUrl":"https://localhost:7096", "EventBusSettings": { "HostAddress": "amqp://guest:guest@localhost:5672" } diff --git a/SimpleServer/src/Services/Payment/Payment.API/Program.cs b/SimpleServer/src/Services/Payment/Payment.API/Program.cs index c75405a..faa37d1 100644 --- a/SimpleServer/src/Services/Payment/Payment.API/Program.cs +++ b/SimpleServer/src/Services/Payment/Payment.API/Program.cs @@ -2,6 +2,7 @@ using Microsoft.AspNetCore.Server.Kestrel.Core; using Microsoft.EntityFrameworkCore; using Microsoft.IdentityModel.Logging; +using Microsoft.IdentityModel.Tokens; using Payment.API; using Payment.API.Data; using Payment.API.GrpcService; diff --git a/SimpleServer/src/Services/Payment/Payment.API/appsettings.json b/SimpleServer/src/Services/Payment/Payment.API/appsettings.json index fbfbc35..004299b 100644 --- a/SimpleServer/src/Services/Payment/Payment.API/appsettings.json +++ b/SimpleServer/src/Services/Payment/Payment.API/appsettings.json @@ -9,11 +9,6 @@ "ConnectionStrings": { "PaymentDB": "User ID=meofadmin;Password=123456;Server=localhost;Port=5432;Database=PaymentDB" }, - //"Kestrel": { - // "EndpointDefaults": { - // "Protocols": "Http2" - // } - //}, - "GrpcUrl": "http://localhost:50050", - "IdentityUrl": "http://localhost:5286" + "GrpcUrl": "https://aks.20.44.235.37.nip.io/", + "IdentityUrl": "https://localhost:7096" } diff --git a/deploy/k8s/apigw.yaml b/deploy/k8s/apigw.yaml index 48d622e..a4a74e9 100644 --- a/deploy/k8s/apigw.yaml +++ b/deploy/k8s/apigw.yaml @@ -50,26 +50,28 @@ spec: apiVersion: networking.k8s.io/v1 kind: Ingress metadata: - name: movie-service-ingress + name: apigw-service-ingress namespace: ingress-nginx annotations: kubernetes.io/ingress.class: nginx nginx.ingress.kubernetes.io/ssl-redirect: "true" nginx.ingress.kubernetes.io/use-regex: "true" cert-manager.io/cluster-issuer: letsencrypt + # nginx.ingress.kubernetes.io/rewrite-target: /identity/$2 spec: tls: - hosts: - - frontend.20.211.61.204.nip.io # update IP address here + - aks.20.44.235.37.nip.io # update IP address here secretName: app-web-cert rules: - - host: frontend.20.211.61.204.nip.io - http: - paths: - - path: /movies(/|$)(.*) - pathType: Prefix - backend: - service: - name: apigw-service - port: - number: 80 + - host: aks.20.44.235.37.nip.io + http: + paths: + - path: /(.*) + pathType: Prefix + backend: + service: + name: apigw-service + port: + number: 80 + diff --git a/deploy/k8s/identity-grpc.yaml b/deploy/k8s/identity-grpc.yaml index 7b718e7..9240886 100644 --- a/deploy/k8s/identity-grpc.yaml +++ b/deploy/k8s/identity-grpc.yaml @@ -17,7 +17,7 @@ spec: spec: containers: - name: identity-grpc - image: 281901/identity:dev + image: 281901/identity.grpc:dev imagePullPolicy: Always ports: - containerPort: 80 @@ -61,32 +61,4 @@ spec: app: identity-grpc ports: - protocol: TCP - port: 80 ---- -apiVersion: networking.k8s.io/v1 -kind: Ingress -metadata: - name: identity-service-ingress - namespace: ingress-nginx - annotations: - kubernetes.io/ingress.class: nginx - nginx.ingress.kubernetes.io/ssl-redirect: "true" - nginx.ingress.kubernetes.io/use-regex: "true" - cert-manager.io/cluster-issuer: letsencrypt - # nginx.ingress.kubernetes.io/rewrite-target: /identity/$2 -spec: - tls: - - hosts: - - aks.20.44.235.37.nip.io # update IP address here - secretName: app-web-cert - rules: - - host: aks.20.44.235.37.nip.io - http: - paths: - - path: /(.*) - pathType: Prefix - backend: - service: - name: identity-grpc-service - port: - number: 80 + port: 80 \ No newline at end of file diff --git a/deploy/k8s/ocelot-config.yaml b/deploy/k8s/ocelot-config.yaml index 4191c82..47464f2 100644 --- a/deploy/k8s/ocelot-config.yaml +++ b/deploy/k8s/ocelot-config.yaml @@ -27,6 +27,17 @@ data: "movies" ] } + }, + { + "DownstreamPathTemplate": "/", + "DownstreamScheme": "http", + "DownstreamHostAndPorts": [ + { + "Host": "identity-grpc-service", + "Port": 80 + } + ], + "UpstreamPathTemplate": "/identity-grpc", } ] } diff --git a/deploy/k8s/ocelot.Development.json b/deploy/k8s/ocelot.Development.json deleted file mode 100644 index 769c03a..0000000 --- a/deploy/k8s/ocelot.Development.json +++ /dev/null @@ -1,26 +0,0 @@ -{ - "Routes": [ - { - "DownstreamPathTemplate": "/api/movie", - "DownstreamScheme": "http", - "DownstreamHostAndPorts": [ - { - "Host": "movie-api-service", - "Port": 80 - } - ], - "UpstreamPathTemplate": "/movies", - "UpstreamHttpMethod": [ - "GET", - "POST", - "PUT" - ], - "AuthenticationOptions": { - "AuthenticationProviderKey": "IdentityApiKey", - "AllowedScopes": [ - "movies" - ] - } - } - ] - } \ No newline at end of file