forked from konveyor/tackle2-ui
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathproxies.ts
94 lines (85 loc) · 3.16 KB
/
proxies.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
import type { Options } from "http-proxy-middleware";
import { KONVEYOR_ENV } from "./environment.js";
export const proxyMap: Record<string, Options> = {
"/auth": {
target: KONVEYOR_ENV.KEYCLOAK_SERVER_URL || "http://localhost:9001",
logLevel: process.env.DEBUG ? "debug" : "info",
changeOrigin: true,
onProxyReq: (proxyReq, req, _res) => {
// Keycloak needs these header set so we can function in Kubernetes (non-OpenShift)
// https://www.keycloak.org/server/reverseproxy
//
// Note, on OpenShift, this works as the haproxy implementation
// for the OpenShift route is setting these for us automatically
//
// We saw problems with including the below broke the OpenShift route
// {"X-Forwarded-Proto", req.protocol} broke the OpenShift
// {"X-Forwarded-Port", req.socket.localPort}
// {"Forwarded", `for=${req.socket.remoteAddress};proto=${req.protocol};host=${req.headers.host}`}
// so we are not including even though they are customary
//
req.socket.remoteAddress &&
proxyReq.setHeader("X-Forwarded-For", req.socket.remoteAddress);
req.socket.remoteAddress &&
proxyReq.setHeader("X-Real-IP", req.socket.remoteAddress);
req.headers.host &&
proxyReq.setHeader("X-Forwarded-Host", req.headers.host);
},
},
"/hub": {
target: KONVEYOR_ENV.TACKLE_HUB_URL || "http://localhost:9002",
logLevel: process.env.DEBUG ? "debug" : "info",
changeOrigin: true,
pathRewrite: {
"^/hub": "",
},
onProxyReq: (proxyReq, req, _res) => {
// Add the Bearer token to the request if it is not already present, AND if
// the token is part of the request as a cookie
if (req.cookies?.keycloak_cookie && !req.headers["authorization"]) {
proxyReq.setHeader(
"Authorization",
`Bearer ${req.cookies.keycloak_cookie}`
);
}
},
onProxyRes: (proxyRes, req, res) => {
const includesJsonHeaders =
req.headers.accept?.includes("application/json");
if (
(!includesJsonHeaders && proxyRes.statusCode === 401) ||
(!includesJsonHeaders && proxyRes.statusMessage === "Unauthorized")
) {
res.redirect("/");
}
},
},
"/kai": {
target: KONVEYOR_ENV.TACKLE_HUB_URL || "http://localhost:9002",
logLevel: process.env.DEBUG ? "debug" : "info",
changeOrigin: true,
pathRewrite: {
"^/kai": "/services/kai",
},
onProxyReq: (proxyReq, req, _res) => {
// Add the Bearer token to the request if it is not already present, AND if
// the token is part of the request as a cookie
if (req.cookies?.keycloak_cookie && !req.headers["authorization"]) {
proxyReq.setHeader(
"Authorization",
`Bearer ${req.cookies.keycloak_cookie}`
);
}
},
onProxyRes: (proxyRes, req, res) => {
const includesJsonHeaders =
req.headers.accept?.includes("application/json");
if (
(!includesJsonHeaders && proxyRes.statusCode === 401) ||
(!includesJsonHeaders && proxyRes.statusMessage === "Unauthorized")
) {
res.redirect("/");
}
},
},
};