forked from baron/baron-sso
oathkeeper 동작 확인
This commit is contained in:
92
docker/ory/oathkeeper/rules.active.json
Normal file
92
docker/ory/oathkeeper/rules.active.json
Normal file
@@ -0,0 +1,92 @@
|
||||
[
|
||||
{
|
||||
"id": "public-health",
|
||||
"description": "공개 헬스체크",
|
||||
"match": {
|
||||
"url": "http://<.*>/health",
|
||||
"methods": ["GET"]
|
||||
},
|
||||
"upstream": {
|
||||
"url": "http://baron_backend:3000"
|
||||
},
|
||||
"authenticators": [
|
||||
{ "handler": "noop" }
|
||||
],
|
||||
"authorizer": { "handler": "allow" },
|
||||
"mutators": [
|
||||
{ "handler": "noop" }
|
||||
]
|
||||
},
|
||||
{
|
||||
"id": "public-preflight",
|
||||
"description": "CORS preflight",
|
||||
"match": {
|
||||
"url": "http://<.*>/api/v1/<.*>",
|
||||
"methods": ["OPTIONS"]
|
||||
},
|
||||
"upstream": {
|
||||
"url": "http://baron_backend:3000"
|
||||
},
|
||||
"authenticators": [
|
||||
{ "handler": "noop" }
|
||||
],
|
||||
"authorizer": { "handler": "allow" },
|
||||
"mutators": [
|
||||
{ "handler": "noop" }
|
||||
]
|
||||
},
|
||||
{
|
||||
"id": "public-auth",
|
||||
"description": "인증/회원가입 등 공개 엔드포인트",
|
||||
"match": {
|
||||
"url": "http://<.*>/api/v1/auth/<.*>",
|
||||
"methods": ["GET", "POST", "OPTIONS"]
|
||||
},
|
||||
"upstream": {
|
||||
"url": "http://baron_backend:3000"
|
||||
},
|
||||
"authenticators": [
|
||||
{ "handler": "noop" }
|
||||
],
|
||||
"authorizer": { "handler": "allow" },
|
||||
"mutators": [
|
||||
{ "handler": "noop" }
|
||||
]
|
||||
},
|
||||
{
|
||||
"id": "backend-command",
|
||||
"description": "Command 요청은 Backend로 전달 (Audit 강제)",
|
||||
"match": {
|
||||
"url": "http://<.*>/api/v1/<.*>",
|
||||
"methods": ["POST", "PUT", "PATCH", "DELETE"]
|
||||
},
|
||||
"upstream": {
|
||||
"url": "http://baron_backend:3000"
|
||||
},
|
||||
"authenticators": [
|
||||
{ "handler": "cookie_session" }
|
||||
],
|
||||
"authorizer": { "handler": "remote_json" },
|
||||
"mutators": [
|
||||
{ "handler": "noop" }
|
||||
]
|
||||
},
|
||||
{
|
||||
"id": "backend-query",
|
||||
"description": "Backend Query (admin/dev 포함)",
|
||||
"match": {
|
||||
"url": "http://<.*>/api/v1/<.*>",
|
||||
"methods": ["GET"]
|
||||
},
|
||||
"upstream": {
|
||||
"url": "http://baron_backend:3000"
|
||||
},
|
||||
"authenticators": [
|
||||
{ "handler": "cookie_session" }
|
||||
],
|
||||
"authorizer": { "handler": "remote_json" },
|
||||
"mutators": [
|
||||
{ "handler": "noop" }
|
||||
]
|
||||
}
|
||||
]
|
||||
Reference in New Issue
Block a user