You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
In the Gateway I'd like to apply custom limiting logic to incoming requests based on the caller's identity, and if all is good we proxy the request to the Internal-only API.
Both servers have OpenAPI specs available (thank you open_api_spex), but from the caller's perspective only the Specs defined inside the Gateway API would be available.
My question is, how feasible would it be to dynamically load the Internal-only API's OpenAPI spec at startup time inside Gateway API and generate the schemas/routes/etc. so that external callers can see the available proxies endpoints as well as their Open API schemas via Swagger/etc? In addition to this, how feasible would it be to add the required authorization header token definition to the exposed endpoint request object specs that are unique to Gateway API (as in, Internal-only API doesn't know about this auth header and it's added in by Gateway API to all endpoints it proxies to)?
It would be nice to have/build this dynamic proxy behavior, the alternative being copy-pasting code or managing external libraries.
The text was updated successfully, but these errors were encountered:
There's a scenario I want to explore which is:
Let's say we have two Elixir servers:
In the Gateway I'd like to apply custom limiting logic to incoming requests based on the caller's identity, and if all is good we proxy the request to the Internal-only API.
Both servers have OpenAPI specs available (thank you open_api_spex), but from the caller's perspective only the Specs defined inside the Gateway API would be available.
My question is, how feasible would it be to dynamically load the Internal-only API's OpenAPI spec at startup time inside Gateway API and generate the schemas/routes/etc. so that external callers can see the available proxies endpoints as well as their Open API schemas via Swagger/etc? In addition to this, how feasible would it be to add the required
authorizationheader token definition to the exposed endpoint request object specs that are unique to Gateway API (as in, Internal-only API doesn't know about this auth header and it's added in by Gateway API to all endpoints it proxies to)?It would be nice to have/build this dynamic proxy behavior, the alternative being copy-pasting code or managing external libraries.
The text was updated successfully, but these errors were encountered: