Kong as a gateway for your Drupal API

Transcript

1. Sponsors Organisers https://www.drupal.org/u/el7cosmos https://github.com/el7cosmos Kong as a Gateway for Your

   Drupal API by Luhur Abdi Rizal

2. Sponsors Organisers Drupal 8 API First

3. Sponsors Organisers Drupal 8: API First

4. Sponsors Organisers Problems ? Basic Auth Cookie OAuth2 A

5. Sponsors Organisers Solution Any Auth Reduce Load D A

6. Sponsors Organisers

7. Sponsors Organisers Radically Extensible Blazingly Fast Open Source Platform Agnostic

   Cloud Native RESTful Interface why ?

8. Sponsors Organisers

9. Sponsors Organisers Decoupling Drupal Authentication

10. Sponsors Organisers Consumer Integration 1 Extends Account Interface 2 Reverse

    Proxy Settings 3 Register Authentication Provider 4 Mapping Kong Group to Drupal Roles 5 Decoupling Drupal Authentication

11. Sponsors Organisers Consumers Integration The Consumer object represents a consumer

    - or a user - of a Service. You can either rely on Kong as the Primary Datastore, or you can Map the Consumer List with your database to keep consistency between Kong and your existing primary datastore. https://www.drupal.org/project/consumers

12. Sponsors Organisers Consumer Account - \Drupal::currentUser - AccountInterface - -

    - X-Consumer-ID - X-Consumer-Custom-ID - X-Consumer-Username - X-Anonymous-Consumer

13. Sponsors Organisers Reverse Proxy Settings /** * Reverse Proxy Configuration:

    */ $settings['reverse_proxy'] = TRUE; /** * Specify every reverse proxy IP address in your environment. */ $settings['reverse_proxy_addresses'] = [ '127.0.0.1', ];

14. Sponsors Organisers Kong Authentication Provider public function applies(Request $request) {

    return $request->isFromTrustedProxy() && $request->headers->has('X-Consumer-ID'); }

15. Sponsors Organisers Kong Authentication Provider public function authenticate(Request $request) {

    if ($request->headers->has('X-Consumer-Custom-ID')) { $this->consumerAccount->setRequest($request); return $this->consumerAccount; } return NULL; }

16. Sponsors Organisers Permission and ACL Restrict access to a Service

    or a Route by whitelisting or blacklisting consumers using arbitrary ACL group names.

17. Sponsors Organisers Kong Group as Drupal Role public function getRoles($exclude_locked_roles

    = FALSE) { $roles = []; if ($this->request->headers->has('X-Consumer-Groups')) { $roles += preg_split("/,\s?/", $this->request->headers ->get('X-Consumer-Groups')); } if (!$exclude_locked_roles) { $roles[] = RoleInterface::AUTHENTICATED_ID; } return $roles; }

18. Sponsors Organisers Kong as a gateway for Drupal API -

    Provide underlying APIs with additional functionalities - Replace Drupal authentication - Provide various authentication method - Reduce Drupal load

19. Sponsors Organisers Whats Next?

20. Sponsors Organisers Q&A

21. Sponsors Organisers Thank You