-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathjerry.xml
120 lines (96 loc) · 4.38 KB
/
jerry.xml
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
<jerry>
<!--certificate domain="*" key="/etc/letsencrypt/live/sven-lukas.de/privkey.pem" cert="/etc/letsencrypt/live/sven-lukas.de/fullchain.pem"/-->
<mime-types file="/opt/jerry/etc/mime.types"/>
<!--database id="my-db" implementation="sqlite4esl">
<parameter key="URI" value="file:my.db?mode=rw"/>
</database-->
<http-client id="google-jwks" implementation="esl/com/http/client/CURLConnectionFactory">
<parameter key="url" value="https://www.googleapis.com/oauth2/v3/certs"/>
</http-client>
<http-context id="http-1">
<requesthandler implementation="jerry/filebrowser">
<parameter key="path" value="/opt/jerry/workspace"/>
<parameter key="ignoreError" value="true"/>
<parameter key="browsable" value="false"/>
</requesthandler>
<requesthandler implementation="jerry/self"/>
</http-context>
<http-context id="https-1">
<!--requesthandler implementation="jerry/self"/-->
<endpoint path="google-login">
<requesthandler implementation="jerry/dump"/>
<requesthandler implementation="jerry/self"/>
</endpoint>
<endpoint path="test-token">
<context>
<!-- -------------- -->
<!-- Authentication -->
<!-- -------------- -->
<procedure id="authentication-basicauth-stable" implementation="jerry/authentication-basic-stable">
<parameter key="credential" value="Hans:plain:Wurst"/>
</procedure>
<!--procedure id="authentication-basicauth-dblookup" implementation="jerry/authentication-basic-dblookup">
<parameter key="connection-id" value="my-db"/>
<parameter key="sql" value="SELECT PASSWD FROM users WHERE USER_ID=?;"/>
<parameter key="lifetime-renew" value="true"/>
<parameter key="lifetime-ms" value="60000"/>
</procedure-->
<procedure id="authentication-jwt" implementation="jerry/authentication-jwt">
<parameter key="drop-field" value="aud"/>
<parameter key="jwks-client-id" value="google-jwks"/>
</procedure>
<requesthandler implementation="jerry/authentication">
<!--parameter key="allow" value="basic"/-->
<parameter key="allow" value="bearer"/>
<!--parameter key="authentication-procedure-id" value="authentication-basicauth-stable"/>
<parameter key="authentication-procedure-id" value="authentication-basicauth-dblookup"/-->
<parameter key="authentication-procedure-id" value="authentication-jwt"/>
<!--parameter key="behavior" value="reply"/-->
<!--parameter key="behavior" value="proceed"/-->
<!--parameter key="behavior" value="disconnect"/-->
</requesthandler>
<!--response-header key="WWW-Authenticate" value="Basic realm="AuthArea""/-->
<response-header key="WWW-Authenticate" value="Bearer realm="AuthArea""/>
<!-- ------------- -->
<!-- Authorization -->
<!-- ------------- -->
<!--procedure id="get-my-roles" implementation="jerry/authorization-dblookup">
<parameter key="authorized-object-id" value="my-roles"/>
<parameter key="connection-id" value="my-db"/>
<parameter key="sql" value="SELECT IS_ADMIN, GRANT_USERS FROM users WHERE USER_ID=?;"/>
</procedure>
<procedure implementation="jerry/authorization-cache">
<parameter key="authorized-object-id" value="my-roles"/>
<parameter key="authorizing-procedure-id" value="get-my-roles"/>
<parameter key="lifetime-renew" value="false"/>
<parameter key="lifetime-ms" value="60000"/>
</procedure-->
</context>
<requesthandler implementation="jerry/dump"/>
<requesthandler implementation="jerry/self"/>
</endpoint>
<procedure id="sleep" implementation="jerry/sleep">
<parameter key="sleep-ms" value="1000"/>
</procedure>
<requesthandler implementation="jerry/filebrowser">
<parameter key="path" value="/opt/jerry/workspace"/>
<parameter key="ignoreError" value="true"/>
<parameter key="browsable" value="false"/>
<parameter key="default" value="index.html"/>
</requesthandler>
<requesthandler implementation="jerry/self"/>
</http-context>
<!--http-server implementation="mhd4esl">
<parameter key="https" value="false"/>
<parameter key="port" value="80"/>
<parameter key="threads" value="4"/>
<context ref-id="http-1"/>
</http-server-->
<http-server implementation="mhd4esl">
<parameter key="https" value="false"/>
<parameter key="port" value="443"/>
<parameter key="threads" value="4"/>
<requesthandler implementation="jerry/log"/>
<context ref-id="https-1"/>
</http-server>
</jerry>