lizhouyang commented on issue #5834:
URL: https://github.com/apache/apisix/issues/5834#issuecomment-997608346
还是不行,贴一下我的思路,您帮我看下:
1. 建一个服务,提供OAuth的访问
```JSON
{
"name": "oauth",
"upstream_id": "386066599586562754",
"plugins": {
"openid-connect": {
"client_id": "login-client",
"client_secret": "{noop}openid-connect",
"disable": false,
"discovery":
"http://auth-server:9999/.well-known/openid-configuration";,
"redirect_uri": "http://lizhouyang.cn:9080/web1/";
}
}
}
```
2. 新建一个路由,将上面的服务关联到路由上。路由配置如下:
```JSON
{
"uri": "/web1/*",
"name": "web1",
"methods": [
"GET",
"POST",
"PUT",
"DELETE",
"PATCH",
"HEAD",
"OPTIONS",
"CONNECT",
"TRACE"
],
"plugins": {
"proxy-rewrite": {
"regex_uri": [
"^/web1/*",
"/*"
]
}
},
"service_id": "386068954721813186",
"upstream_id": "386066599586562754",
"labels": {
"API_VERSION": "1.0"
},
"status": 1
}
```
3. 浏览器访问`http://lizhouyang.cn:9080/web1/' 出现500错误。不跳转,如下图。域名已经映射到我个人MAC。
<img width="809" alt="企业微信截图_73fb9a73-b919-49a2-a924-ac2b569b530e"
src="https://user-images.githubusercontent.com/6194509/146715410-c59b50c9-526e-40e7-a872-b784d8f2fa2f.png";>
---------------------------
PS:补充一些材料
1.
apisix采用docker部署,采用example文件中的docker-compose.yml,只是加了HOSTS域名映射,修改了端口映射,yml如下:
```yml
version: "3"
services:
apisix-dashboard:
image: apache/apisix-dashboard:2.9.0
restart: always
volumes:
- ./dashboard_conf/conf.yaml:/usr/local/apisix-dashboard/conf/conf.yaml
ports:
- "9000:9000"
networks:
apisix:
apisix:
image: apache/apisix:2.10.0-alpine
restart: always
volumes:
- ./apisix_log:/usr/local/apisix/logs
- ./apisix_conf/config.yaml:/usr/local/apisix/conf/config.yaml:ro
depends_on:
- etcd
##network_mode: host
ports:
- "9080:9080/tcp"
- "9081:9091/tcp"
- "9082:9443/tcp"
- "9083:9092/tcp"
extra_hosts:
- "auth-server:192.168.65.2"
networks:
apisix:
etcd:
image: bitnami/etcd:3.4.15
restart: always
volumes:
- etcd_data:/bitnami/etcd
environment:
ETCD_ENABLE_V2: "true"
ALLOW_NONE_AUTHENTICATION: "yes"
ETCD_ADVERTISE_CLIENT_URLS: "http://0.0.0.0:2379";
ETCD_LISTEN_CLIENT_URLS: "http://0.0.0.0:2379";
ports:
- "9084:2379/tcp"
networks:
apisix:
web1:
image: nginx:1.19.0-alpine
restart: always
volumes:
- ./upstream/web1.conf:/etc/nginx/nginx.conf
ports:
- "9085:80/tcp"
environment:
- NGINX_PORT=80
networks:
apisix:
web2:
image: nginx:1.19.0-alpine
restart: always
volumes:
- ./upstream/web2.conf:/etc/nginx/nginx.conf
ports:
- "9086:80/tcp"
environment:
- NGINX_PORT=80
networks:
apisix:
prometheus:
image: prom/prometheus:v2.25.0
restart: always
volumes:
- ./prometheus_conf/prometheus.yml:/etc/prometheus/prometheus.yml
ports:
- "9087:9090"
networks:
apisix:
grafana:
image: grafana/grafana:7.3.7
restart: always
ports:
- "9088:3000"
volumes:
- "./grafana_conf/provisioning:/etc/grafana/provisioning"
- "./grafana_conf/dashboards:/var/lib/grafana/dashboards"
- "./grafana_conf/config/grafana.ini:/etc/grafana/grafana.ini"
networks:
apisix:
networks:
apisix:
driver: bridge
volumes:
etcd_data:
driver: local
```
2. 在容器中可以访问.well-known文件,如下:
<img width="1600" alt="docker内部可以访问auth-server"
src="https://user-images.githubusercontent.com/6194509/146715780-9dc0d246-bfe4-423c-9dc5-5315b4153676.png";>
2. OpenID服务采用
spring-authorization-server服务,回调地址加了`http://lizhouyang.cn:9080/web1/`。自己写的client端可以正常登录。
--
This is an automated message from the Apache Git Service.
To respond to the message, please log on to GitHub and use the
URL above to go to the specific comment.
To unsubscribe, e-mail: [email protected]
For queries about this service, please contact Infrastructure at:
[email protected]
![https://user-images.githubusercontent.com/6194509/146715410-c59b50c9-526e-40e7-a872-b784d8f2fa2f.png"](https://user-images.githubusercontent.com/6194509/146715410-c59b50c9-526e-40e7-a872-b784d8f2fa2f.png"){kind=link}
![https://user-images.githubusercontent.com/6194509/146715780-9dc0d246-bfe4-423c-9dc5-5315b4153676.png"](https://user-images.githubusercontent.com/6194509/146715780-9dc0d246-bfe4-423c-9dc5-5315b4153676.png"){kind=link}