forked from baron/baron-sso
114 lines
3.2 KiB
JSON
Executable File
114 lines
3.2 KiB
JSON
Executable File
[
|
|
{
|
|
"id": "public-health",
|
|
"description": "공개 헬스체크 (STAGE 도메인)",
|
|
"match": {
|
|
"url": "<.*>://sso-test.hmac.kr/health",
|
|
"methods": ["GET"]
|
|
},
|
|
"upstream": {
|
|
"url": "http://baron_backend:3000"
|
|
},
|
|
"authenticators": [{ "handler": "noop" }],
|
|
"authorizer": { "handler": "allow" },
|
|
"mutators": [{ "handler": "noop" }]
|
|
},
|
|
{
|
|
"id": "public-preflight",
|
|
"description": "CORS preflight (STAGE 도메인)",
|
|
"match": {
|
|
"url": "<.*>://sso-test.hmac.kr/api/v1/<.*>",
|
|
"methods": ["OPTIONS"]
|
|
},
|
|
"upstream": {
|
|
"url": "http://baron_backend:3000"
|
|
},
|
|
"authenticators": [{ "handler": "noop" }],
|
|
"authorizer": { "handler": "allow" },
|
|
"mutators": [{ "handler": "noop" }]
|
|
},
|
|
{
|
|
"id": "public-auth",
|
|
"description": "인증/회원가입 등 공개 엔드포인트 (STAGE 도메인)",
|
|
"match": {
|
|
"url": "<.*>://sso-test.hmac.kr/api/v1/auth/<.*>",
|
|
"methods": ["GET", "POST", "OPTIONS"]
|
|
},
|
|
"upstream": {
|
|
"url": "http://baron_backend:3000"
|
|
},
|
|
"authenticators": [{ "handler": "noop" }],
|
|
"authorizer": { "handler": "allow" },
|
|
"mutators": [{ "handler": "noop" }]
|
|
},
|
|
{
|
|
"id": "backend-command",
|
|
"description": "Command 요청은 Backend로 전달 (Audit 강제)",
|
|
"match": {
|
|
"url": "<.*>://sso-test.hmac.kr/api/v1/<.*>",
|
|
"methods": ["POST", "PUT", "PATCH", "DELETE"]
|
|
},
|
|
"upstream": {
|
|
"url": "http://baron_backend:3000"
|
|
},
|
|
"authenticators": [{ "handler": "cookie_session" }],
|
|
"authorizer": { "handler": "remote_json" },
|
|
"mutators": [{ "handler": "noop" }]
|
|
},
|
|
{
|
|
"id": "backend-query",
|
|
"description": "Backend Query (admin/dev 포함)",
|
|
"match": {
|
|
"url": "<.*>://sso-test.hmac.kr/api/v1/<.*>",
|
|
"methods": ["GET"]
|
|
},
|
|
"upstream": {
|
|
"url": "http://baron_backend:3000"
|
|
},
|
|
"authenticators": [{ "handler": "cookie_session" }],
|
|
"authorizer": { "handler": "remote_json" },
|
|
"mutators": [{ "handler": "noop" }]
|
|
},
|
|
{
|
|
"id": "hydra-well-known",
|
|
"description": "Hydra OIDC Discovery & JWKS",
|
|
"match": {
|
|
"url": "<.*>://sso-test.hmac.kr/.well-known/<.*>",
|
|
"methods": ["GET", "OPTIONS"]
|
|
},
|
|
"upstream": {
|
|
"url": "http://hydra:4444"
|
|
},
|
|
"authenticators": [{ "handler": "noop" }],
|
|
"authorizer": { "handler": "allow" },
|
|
"mutators": [{ "handler": "noop" }]
|
|
},
|
|
{
|
|
"id": "hydra-oauth2",
|
|
"description": "Hydra OAuth2 Endpoints",
|
|
"match": {
|
|
"url": "<.*>://sso-test.hmac.kr/oauth2/<.*>",
|
|
"methods": ["GET", "POST", "PUT", "DELETE", "PATCH", "OPTIONS"]
|
|
},
|
|
"upstream": {
|
|
"url": "http://hydra:4444"
|
|
},
|
|
"authenticators": [{ "handler": "noop" }],
|
|
"authorizer": { "handler": "allow" },
|
|
"mutators": [{ "handler": "noop" }]
|
|
},
|
|
{
|
|
"id": "hydra-userinfo",
|
|
"description": "Hydra Userinfo",
|
|
"match": {
|
|
"url": "<.*>://sso-test.hmac.kr/userinfo",
|
|
"methods": ["GET", "POST", "OPTIONS"]
|
|
},
|
|
"upstream": {
|
|
"url": "http://hydra:4444"
|
|
},
|
|
"authenticators": [{ "handler": "noop" }],
|
|
"authorizer": { "handler": "allow" },
|
|
"mutators": [{ "handler": "noop" }]
|
|
}
|
|
] |