Upstream Application Login service extension (Legacy)

Upstream Application Login service extension (Legacy)

ℹ️
This topic refers to legacy configuration syntax. App gateways are now defined as Proxy apps.

It can be useful to determine if a request to an upstream application is authenticated and to be able to login to an upstream app. Such situations are common when an app manages its own sessions or directly authenticates against a backing data store like LDAP or a relational database.

Note: The IsLoggedIn and LoginService Extensions should almost always be used together.

IsLoggedIn

This Service Extension can be used to determine if a request to an upstream application is authenticated. The extension is called immediately before the Orchestrator proxies to the upstream application. Determining authentication status can be tricky, but the presence of a cookie or a request to a given path can be used for inference.

appgateways:
  - name: example
    # ...
    
    isLoggedInSE:
      funcName: IsLoggedIn
      file: /etc/maverics/extensions/upstreamLogin.go

/etc/maverics/extensions/upstreamLogin.go

package main

import (
	"net/http"

	"maverics/app"
	"maverics/log"
)

func IsLoggedIn(
	ag *app.AppGateway,
	rw http.ResponseWriter,
	req *http.Request,
) bool {
	log.Debug("msg", "determining if upstream application is authenticated")
	return false
}

Login

This Service Extension can be used to login to an upstream application. The extension is called immediately before the Orchestrator proxies to the upstream application if authentication is required. How logging in is achieved will be variable depending on the application, but common techniques including submitting a form or generating a session cookie.

appgateways:
  - name: example
    # ...

    loginSE:
      funcName: Login
      file: /etc/maverics/extensions/upstreamLogin.go

/etc/maverics/extensions/upstreamLogin.go

package main

import (
	"net/http"

	"maverics/app"
	"maverics/log"
)

func Login(
	ag *app.AppGateway,
	rw http.ResponseWriter,
	req *http.Request,
) error {
	log.Debug("msg", "authenticating against upstream application")
	return nil
}