Skip to content

How to use haproxy for oathkeeper API integration #1037

Answered by meinrecht
meinrecht asked this question in Q&A
Discussion options

You must be logged in to vote

Basically this works via a lua script for haproxy.

A basic script is described in the section "Verify a request with another service" of the documentation.

This script can be modified like this, assuming an oathkeeper-instance listens on the default API port:

core.register_action("verify_request", { "http-req" }, function(txn)
   local s = core.tcp()
   s:connect("127.0.0.1:4456")
   s:send("GET /decisions" .. txn.sf:path() .. " HTTP/1.1\r\n" .. txn.f:req_hdrs())
   local msg = s:receive("*l")
   -- connection failure
   if msg == nil then
      -- This leave txn.request_verified unset for potentially diffrent handling
      return
   end
 
   msg = tonumber(string.sub(msg, 9, 12)) -- Rea…

Replies: 2 comments 3 replies

Comment options

You must be logged in to vote
0 replies
Comment options

You must be logged in to vote
3 replies
@vinckr
Comment options

@mfreeman451
Comment options

@meinrecht
Comment options

Answer selected by vinckr
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Category
Q&A
Labels
None yet
3 participants