Hide
Tested in 3scale On-premises using apicast 3scale managed:
1) Set up a proxy:
The User-Agent was changed to make sure the proxy was used.
2) Configure the Camel Proxy in a Product:
all_proxy: http://127.0.0.1:8888
3) Request to the staging environment with the Camel Service policy enabled:
4) Request without the Camel Service policy enabled:
Show
Tested in 3scale On-premises using apicast 3scale managed:
1) Set up a proxy:
$ oc rsh dc/apicast-staging
sh-4.4$ cd /tmp
sh-4.4$ curl --output mitmproxy-8.0.0-linux.tar.gz https://downloads.mitmproxy.org/8.0.0/mitmproxy-8.0.0-linux.tar.gz
% Total % Received % Xferd Average Speed Time Time Time Current
Dload Upload Total Spent Left Speed
100 86.5M 100 86.5M 0 0 43.9M 0 0:00:01 0:00:01 --:--:-- 43.8M
sh-4.4$ tar zxvf mitmproxy-8.0.0-linux.tar.gz
mitmproxy
mitmdump
mitmweb
sh-4.4$ ./mitmdump -p 8888 --modify-headers "/~q/User-Agent/test" --verbose
Proxy server listening at http://*:8888
127.0.0.1:33730: client connect
127.0.0.1:33730: server connect echo-api.3scale.net:443 (xx.xx.xx.xx:443)
127.0.0.1:33730: GET https://echo-api.3scale.net/?user_key=<key>
x-forwarded-for: xx.x.xx.xx
accept: */*
x-forwarded-host: api-3scale-apicast-staging.xx.apps.<wildcard>
forwarded: for=xx.x.xx.xx;host=api-3scale-apicast-staging.xx.apps.<wildcard>;proto=https
x-forwarded-proto: https
host: echo-api.3scale.net
x-forwarded-port: 443
User-Agent: test
<< 200 OK 837b
content-type: application/json
x-3scale-echo-api: echo-api/1.0.3
vary: Origin
x-content-type-options: nosniff
content-length: 837
x-envoy-upstream-service-time: 1
date: Wed, 13 Sep 2023 14:49:25 GMT
server: envoy
The User-Agent was changed to make sure the proxy was used.
2) Configure the Camel Proxy in a Product:
all_proxy: http://127.0.0.1:8888
3) Request to the staging environment with the Camel Service policy enabled:
$ curl -k "https://api-3scale-apicast-staging.xx.apps.<wildcard>:443/?user_key=<key>"
{
"method": "GET",
"path": "/",
"args": "user_key=<key>",
"body": "",
"headers": {
"HTTP_VERSION": "HTTP/1.1",
"HTTP_HOST": "echo-api.3scale.net",
"HTTP_X_FORWARDED_FOR": "xx.xx.xx,xx. xxx.xxx.xxx",
"HTTP_ACCEPT": "*/*",
"HTTP_X_FORWARDED_HOST": "api-3scale-apicast-staging.xx.apps.<wildcard>",
"HTTP_FORWARDED": "for=xxx.xx.xx;host=api-3scale-apicast-staging.xx.apps.<wildcard>;proto=https",
"HTTP_X_FORWARDED_PROTO": "https",
"HTTP_X_FORWARDED_PORT": "443",
"HTTP_USER_AGENT": "test",
"HTTP_X_ENVOY_EXTERNAL_ADDRESS": "xx.xxx.xxx.xxx",
"HTTP_X_REQUEST_ID": "318f1c89-1238-49dd-868e-4d13ef1c7629",
"HTTP_X_ENVOY_EXPECTED_RQ_TIMEOUT_MS": "15000"
},
"uuid": "6ede46eb-b527-4a86-8367-89501de99366"
}
4) Request without the Camel Service policy enabled:
$ curl -k "https://api-3scale-apicast-staging.xx.apps.<wildcard>:443/?user_key=<key>"
{
"method": "GET",
"path": "/",
"args": "user_key=<key>",
"body": "",
"headers": {
"HTTP_VERSION": "HTTP/1.1",
"HTTP_HOST": "echo-api.3scale.net",
"HTTP_X_REAL_IP": "YY.YYY.Y.Y", <--------------------------- MISSING HEADER
"HTTP_X_3SCALE_PROXY_SECRET_TOKEN": "Shared_secret_sent_from_proxy_to_API_backend_8827ff9564e3323c", <----- MISSING HEADER
"HTTP_USER_AGENT": "curl/8.0.1",
"HTTP_ACCEPT": "*/*",
"HTTP_X_FORWARDED_HOST": "api-3scale-apicast-staging.xx.apps.<wildcard>",
"HTTP_X_FORWARDED_PORT": "443",
"HTTP_X_FORWARDED_PROTO": "https",
"HTTP_FORWARDED": "for=xx.x.xx.xx;host=api-3scale-apicast-staging.xx.apps.<wildcard>;proto=https",
"HTTP_X_FORWARDED_FOR": "xx.xx.xx,xx. xxx.xxx.xxx",
"HTTP_X_ENVOY_EXTERNAL_ADDRESS": "xx.xxx.xxx.xxx",
"HTTP_X_REQUEST_ID": "d26e2b7b-6531-4b2a-b801-75da8a6bfa8d",
"HTTP_X_ENVOY_EXPECTED_RQ_TIMEOUT_MS": "15000"
},
"uuid": "d5ef3d22-ff38-4675-9179-7fc9d21841f1"
}
Major