Proxy legacy api requests in api

swisstopo · Dec 7, 2023 · 17e6663 · 17e6663
1 parent b591d12
commit 17e6663
Show file tree

Hide file tree

Showing 6 changed files with 65 additions and 1 deletion.
diff --git a/docker-compose.yml b/docker-compose.yml
@@ -111,5 +111,6 @@ services:
       ASPNETCORE_HTTP_PORTS: 5000
       DOTNET_USE_POLLING_FILE_WATCHER: 1
       CONNECTIONSTRINGS__BdmsContext: Host=db;Username=SPAWNPLOW;Password=YELLOWSPATULA;Database=bdms;CommandTimeout=300
+      ReverseProxy__Clusters__pythonApi__Destinations__legacyApi__Address: "http://api-legacy:8888/"
       S3__ENDPOINT: http://minio:9000
       S3__SECURE: 1
diff --git a/src/api/Authentication/LegacyApiAuthenticationMiddleware.cs b/src/api/Authentication/LegacyApiAuthenticationMiddleware.cs
@@ -0,0 +1,33 @@
+using System.Security.Claims;
+
+namespace BDMS.Authentication;
+
+public class LegacyApiAuthenticationMiddleware : IMiddleware
+{
+    private ILogger<LegacyApiAuthenticationMiddleware> logger;
+
+    public LegacyApiAuthenticationMiddleware(ILogger<LegacyApiAuthenticationMiddleware> logger)
+    {
+        this.logger = logger;
+    }
+
+    public async Task InvokeAsync(HttpContext context, RequestDelegate next)
+    {
+        Claim? userName;
+        if (context.Request.Path.StartsWithSegments(new PathString("/api/v1"), StringComparison.OrdinalIgnoreCase))
+        {
+            userName = context.User.Claims.FirstOrDefault(c => c.Type == ClaimTypes.Name);
+            if (userName is not null)
+            {
+                context.Request.Headers.Authorization = userName.Value;
+
+                await next.Invoke(context).ConfigureAwait(false);
+
+                logger.LogInformation("Authorized user <{UserName}> for legacy api accessing route <{Route}>", userName.Value, context.Request.Path);
+                return;    
+            }
+        }
+
+        await next.Invoke(context).ConfigureAwait(false);
+    }
+}
diff --git a/src/api/BDMS.csproj b/src/api/BDMS.csproj
@@ -35,6 +35,7 @@
       <IncludeAssets>runtime; build; native; contentfiles; analyzers</IncludeAssets>
     </PackageReference>
     <PackageReference Include="System.Data.SqlClient" Version="4.8.5" />
+    <PackageReference Include="Yarp.ReverseProxy" Version="2.1.0" />
     <AssemblyAttribute Include="System.Runtime.CompilerServices.InternalsVisibleTo">
       <_Parameter1>$(AssemblyName).Test</_Parameter1>
     </AssemblyAttribute>

diff --git a/src/api/Program.cs b/src/api/Program.cs
@@ -119,6 +119,11 @@
     return new AmazonS3Client(accessKey, secretKey, clientConfig);
 });
 
+builder.Services.AddScoped<LegacyApiAuthenticationMiddleware>();
+builder.Services
+    .AddReverseProxy()
+    .LoadFromConfig(builder.Configuration.GetSection("ReverseProxy"));
+
 var app = builder.Build();
 
 // Migrate db changes on startup
@@ -140,7 +145,9 @@
 
 app.UseAuthentication();
 app.UseAuthorization();
+app.UseMiddleware<LegacyApiAuthenticationMiddleware>();
 
 app.MapControllers();
+app.MapReverseProxy();
 
 app.Run();
diff --git a/src/api/appsettings.Development.json b/src/api/appsettings.Development.json
@@ -14,5 +14,16 @@
     "ENDPOINT": "http://localhost:9000",
     "SECRET_KEY": "YELLOWMONKEY",
     "SECURE": "0"
+  },
+  "ReverseProxy": {
+    "Clusters": {
+      "pythonApi": {
+        "Destinations": {
+          "legacyApi": {
+            "Address": "http://localhost:8888/"
+          }
+        }
+      }
+    }
   }
 }
diff --git a/src/api/appsettings.json b/src/api/appsettings.json
@@ -5,5 +5,16 @@
       "Microsoft.AspNetCore": "Warning"
     }
   },
-  "AllowedHosts": "*"
+  "AllowedHosts": "*",
+  "ReverseProxy": {
+    "Routes": {
+      "pythonApi": {
+        "ClusterId": "pythonApi",
+        "AuthorizationPolicy" : "anonymous",
+        "Match": {
+          "Path": "/api/v1/{**catch-all}"
+        }
+      }
+    }
+  }
 }