Added HTTP_X_FORWARDED_PROTO/HOST support to API

* Added oslo.middleware's HTTPProxyToWSGI middleware * Deprecated designate's SSL middleware * Fixed "//" in versions URIs Change-Id: Id205246f791f33fd02aa9a17d4247bdf5b310088
2015-11-24 15:25:17 +00:00
parent e5e92222e2
commit deb622eb4b
4 changed files with 19 additions and 12 deletions
--- a/etc/designate/api-paste.ini
+++ b/etc/designate/api-paste.ini
@@ -5,32 +5,35 @@ use = egg:Paste#urlmap
 /v2: osapi_dns_v2
 /admin: osapi_dns_admin

-[pipeline:osapi_dns_versions]
-pipeline = cors maintenance faultwrapper ssl osapi_dns_app_versions
+[composite:osapi_dns_versions]
+use = call:designate.api.middleware:auth_pipeline_factory
+noauth = http_proxy_to_wsgi cors maintenance faultwrapper osapi_dns_app_versions
+keystone = http_proxy_to_wsgi cors maintenance faultwrapper osapi_dns_app_versions

 [app:osapi_dns_app_versions]
 paste.app_factory = designate.api.versions:factory

 [composite:osapi_dns_v1]
 use = call:designate.api.middleware:auth_pipeline_factory
-noauth = cors request_id noauthcontext maintenance validation_API_v1 faultwrapper ssl normalizeuri osapi_dns_app_v1
-keystone = cors request_id authtoken keystonecontext maintenance validation_API_v1 faultwrapper ssl normalizeuri osapi_dns_app_v1
+noauth = http_proxy_to_wsgi cors request_id  noauthcontext maintenance validation_API_v1 faultwrapper normalizeuri osapi_dns_app_v1
+keystone = http_proxy_to_wsgi cors request_id authtoken keystonecontext maintenance validation_API_v1 faultwrapper normalizeuri osapi_dns_app_v1
+

 [app:osapi_dns_app_v1]
 paste.app_factory = designate.api.v1:factory

 [composite:osapi_dns_v2]
 use = call:designate.api.middleware:auth_pipeline_factory
-noauth = cors request_id faultwrapper ssl validation_API_v2 noauthcontext maintenance normalizeuri osapi_dns_app_v2
-keystone = cors request_id faultwrapper ssl validation_API_v2 authtoken keystonecontext maintenance normalizeuri osapi_dns_app_v2
+noauth = http_proxy_to_wsgi cors request_id faultwrapper validation_API_v2 noauthcontext maintenance normalizeuri osapi_dns_app_v2
+keystone = http_proxy_to_wsgi cors request_id faultwrapper validation_API_v2 authtoken keystonecontext maintenance normalizeuri osapi_dns_app_v2

 [app:osapi_dns_app_v2]
 paste.app_factory = designate.api.v2:factory

 [composite:osapi_dns_admin]
 use = call:designate.api.middleware:auth_pipeline_factory
-noauth = cors request_id faultwrapper ssl noauthcontext maintenance normalizeuri osapi_dns_app_admin
-keystone = cors request_id faultwrapper ssl authtoken keystonecontext maintenance normalizeuri osapi_dns_app_admin
+noauth = http_proxy_to_wsgi cors request_id faultwrapper noauthcontext maintenance normalizeuri osapi_dns_app_admin
+keystone = http_proxy_to_wsgi cors request_id faultwrapper authtoken keystonecontext maintenance normalizeuri osapi_dns_app_admin

 [app:osapi_dns_app_admin]
 paste.app_factory = designate.api.admin:factory
@@ -42,6 +45,9 @@ oslo_config_project = designate
 [filter:request_id]
 paste.filter_factory = oslo_middleware:RequestId.factory

+[filter:http_proxy_to_wsgi]
+paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory
+
 [filter:noauthcontext]
 paste.filter_factory = designate.api.middleware:NoAuthContextMiddleware.factory

@@ -65,6 +71,3 @@ paste.filter_factory = designate.api.middleware:APIv1ValidationErrorMiddleware.f

 [filter:validation_API_v2]
 paste.filter_factory = designate.api.middleware:APIv2ValidationErrorMiddleware.factory
-
-[filter:ssl]
-paste.filter_factory = designate.api.middleware:SSLMiddleware.factory