Hmac header validation
#2129
-
|
I am considering a single gateway that will support both api and webhook routes. For the webhook routes I would like to validate the signature header using hmac before proxying to a service (example). Is a middleware the best place to put this validation? If so, is there a way I can configure the middleware for specific routes or do I need to add some conditions for those specific routes (i.e. the webhook routes)? |
Beta Was this translation helpful? Give feedback.
Answered by
MihaZupan
May 15, 2023
Replies: 1 comment
-
|
If you already have a YARP route specific to webhooks, you can add a transform to just that route .AddTransforms(builder =>
{
if (builder.Route.RouteId == "myWebhookRoute")
{
builder.AddRequestTransform(async context =>
{
context.HttpContext.Request.EnableBuffering();
if (false) // your validation
{
// As you're writing to the response, the proxy step will be skipped.
context.HttpContext.Response.StatusCode = StatusCodes.Status400BadRequest;
await context.HttpContext.Response.WriteAsync("Nope");
}
});
}
});Alternatively in a middleware app.MapReverseProxy(app =>
{
app.Use(async (context, next) =>
{
if (context.GetReverseProxyFeature().Route.Config.RouteId == "myWebhookRoute")
{
// ...
}
await next();
});
app.UseSessionAffinity();
app.UseLoadBalancing();
app.UsePassiveHealthChecks();
}); |
Beta Was this translation helpful? Give feedback.
0 replies
Answer selected by
karelz
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If you already have a YARP route specific to webhooks, you can add a transform to just that route
Alternatively in a middleware