Skip to content
/ openapi-rest-proxy Public

A simple endpoint filtering, auth token forwarding REST service proxy

License

AGPL-3.0 license
0 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

canonical/openapi-rest-proxy

BranchesTags

Repository files navigation

OpenAPI REST Proxy Unit tests Integration tests Publish OCI Image and charm

This project is an OpenAPI REST Proxy that allows you to easily create a RESTful API based on an OpenAPI specification, filtering through a selection of allowed endpoints.

The proxy service passes request headers to the origin it is configured to proxy, and similarly passes through response headers from the origin (right now without particular smarts).

Running instructions

Make sure you have uv installed.

  1. Clone the repository:

    git clone https://github.com/canonical/openapi-rest-proxy.git
cd openapi-rest-proxy

  2. Start the server:

    ENDPOINT_ALLOW_LIST='GET:/api/v2/certified-configurations' \
OPENAPI_SCHEMA_URL='https://certification.canonical.com/api/v2/openapi' \
ORIGIN_BASE_URL='https://certification.canonical.com' \
HOST='0.0.0.0' \
PORT=8000 \
uv run uvicorn proxy.app:app --reload

The server will be running at http://localhost:8000 by default.

Configuration

The following environment variables can be set to configure the server:

  • ENDPOINT_ALLOW_LIST: A |-separated list of allowed endpoints in the format METHOD:PATH (e.g., GET:/api/v2/certified-configurations). | is used as a delimiter since it is not itself a valid character in a path.
  • OPENAPI_SCHEMA_URL: The URL of the OpenAPI schema to use (e.g., https://certification.canonical.com/api/v2/openapi).
  • ORIGIN_BASE_URL: The base URL of the origin server (e.g., https://certification.canonical.com).
  • PORT: The port on which the server will run (default is 8000).
  • HOST: The host on which the server will run (default is 0.0.0.0).
  • FIXED_REQUEST_HEADERS: A |-separated list of fixed request headers in the format HEADER:VALUE (e.g., Authorization:Bearer token|X-Custom-Header:Value) which are included in all requests to the origin.
  • AUTH_ENDPOINT_URL: The URL of the OAuth2 token endpoint (e.g., https://auth.example.com/o/token/).
  • CLIENT_ID: The client ID for OAuth2 authentication.
  • CLIENT_SECRET: The client secret for OAuth2 authentication.
  • AUTH_SCOPE: The scope for OAuth2 authentication (optional).

Running unit tests

uv run pytest tests/unit

Running integration tests

To run the integration tests, you need to have a server up serving the test fixtures (example toy OpenAPI schema and a toy API response). Easiest accomplished for local development with the help of docker-compose. In the root of the project, issue the following:

docker-compose up schema -d

Once you have the test fixture server running, run integration tests from the root of the project:

uv run pytest tests/integration

License

This project is licensed under the Affero GPL 3.0 License.

About

A simple endpoint filtering, auth token forwarding REST service proxy

Resources

Readme

License

AGPL-3.0 license
Activity
Custom properties

Stars

0 stars

Watchers

11 watching

Forks

0 forks
Report repository

Releases 11

Revision 13 Latest
Jan 20, 2025
+ 10 releases

Packages

 
 
 

Contributors 2

  •  
  •  

Languages