1

我正在使用 WSO2 REST API 而不是从其 UI 创建和发布 API,因为我有数百个 WSO2 API 需要管理。我使用 swagger 文件(json 格式)来配置有关我的 API 的所有详细信息,然后使用 curl 命令发布此 swagger 文件。我想为我的 WSO2 API 启用 CORS 配置。

为 WSO2 API 提供的文档仅提供有关通过 UI 启用 CORS 配置的信息。这是链接

除了直接从其 UI 之外,我找不到任何关于如何通过任何方式启用它的信息。我尝试在 API 的 swagger 文件中添加以下字段,但此更改未反映在已发布的 API 中。

    "CORSConfiguration": {
        "Enabled": "true",
        "Access-Control-Allow-Origin": "*",
        "Access-Control-Allow-Methods": "GET,PUT,POST,DELETE,PATCH,OPTIONS",
        "Access-Control-Allow-Headers": "authorization,Access-Control-Allow-Origin,Content-Type,SOAPAction",
        "Access-Control-Allow-Credentials": "false"
    }

任何为特定 API 启用 CORS 配置的帮助将不胜感激。谢谢 :)

4

4 回答 4

1

CORS 信息应该像这样进入 API 创建/更新有效负载。

   "corsConfiguration":    {
      "accessControlAllowOrigins": ["*"],
      "accessControlAllowHeaders":       [
         "authorization",
         "Access-Control-Allow-Origin",
         "Content-Type",
         "SOAPAction"
      ],
      "accessControlAllowMethods":       [
         "GET",
         "PUT",
         "POST",
         "DELETE",
         "PATCH",
         "OPTIONS"
      ],
      "accessControlAllowCredentials": false,
      "corsConfigurationEnabled": false
   }

请参阅 [1] 中的示例有效负载。

[1] https://docs.wso2.com/display/AM260/apidocs/publisher/#!/operations#APIIndividual#apisPost

于 2019-08-05T08:40:38.087 回答
0

@Bee,这是我试图做的。

{
  "swagger": "2.0",
  "info": {
    "description": "Registration Type Master",
    "version": "1.0",
    "title": "Test_Entity_Master_API",
    "termsOfService": "urn:tos",
    "contact": {"name":"RD"},
    "license": {
      "name": "Apache 2.0",
      "url": "http://www.apache.org/licenses/LICENSE-2.0"
    }
  },
  "host": "http://sampleurl.com/",
  "basePath": "/samplemethod",
  "schemes": [
    "http"
  ],
  "consumes": [
    "application/json"
  ],
  "produces": [
    "application/json"
  ],
  "paths": {
    "/regtype/createregtype": {
      "post": {
        "summary": "Create reg type entry",
        "tags": [
          "Registration Type Master"
        ],
        "deprecated": false,
        "produces": [
          "application/json"
        ],
        "parameters": [
          {
            "name": "Body",
            "in": "body",
            "required": true,
            "description": "",
            "schema": {
              "type": "object",
              "properties": {
                "key": {
                  "type": "string"
                },
                "value": {
                  "type": "string"
                }
              }
            }
          }
        ],
        "responses": {
          "200": {
            "description": "",
            "schema": {
              "type": "object",
              "properties": {
                "success": {
                  "type": "boolean"
                },
                "error": {
                  "type": "boolean",
                  "default": false
                },
                "message": {
                  "type": "string"
                },
                "data": {
                  "type": "object"
                }
              }
            }
          },
          "500": {
            "description": "",
            "schema": {
              "type": "object",
              "properties": {
                "success": {
                  "type": "boolean",
                  "default": false
                },
                "error": {
                  "type": "boolean"
                },
                "message": {
                  "type": "string"
                },
                "data": {
                  "type": "object"
                }
              }
            }
          }
        }
      }
    }
  },
  "tags": [
    {
      "name": "entity-master-controller",
      "description": "Entity Master Controller"
    }
  ],
     "corsConfiguration":    {
      "accessControlAllowOrigins": ["https://dtdevsso.ril.com"],
      "accessControlAllowHeaders":[
         "authorization",
         "Access-Control-Allow-Origin",
         "Content-Type",
         "SOAPAction"
      ],
      "accessControlAllowMethods":[
         "GET",
         "PUT",
         "POST",
         "DELETE",
         "PATCH",
         "OPTIONS"
      ],
      "accessControlAllowCredentials": "true",
      "corsConfigurationEnabled": "true"
   }
}

在这个 swagger 文件中,尽管添加了 CORS payload,但通过 swagger 文件发布 API 后并没有体现出来。

于 2019-08-06T06:33:16.150 回答
0

我使用以下有效负载在 WSO2 中创建/更新 API。它运行良好。抱歉,这方面的更新延迟。

{
   "name": "%apiName%",
   "description": "%apiDescription%",
   "context": "/%apiName%",
   "version": "%apiVersion%",
   "provider": "%apiProvider%",
   "apiDefinition": "%swaggger_extended.json% // Input swagger file",
   "wsdlUri": null,
   "status": "CREATED",
   "responseCaching": "Disabled",
   "cacheTimeout": 300,
   "destinationStatsEnabled": false,
   "isDefaultVersion": false,
   "type": "HTTP",
   "transport":    [
      "http",
      "https"
   ],
   "tags": ["%apiTags%"],
   "tiers": ["%apiTiersCollection%"],
   "visibility": "%apiVisibility%",
   "visibleRoles": [],
   "endpointConfig": "%endPointConfig%",
   "gatewayEnvironments": "Production and Sandbox",
   "subscriptionAvailability": null,
   "subscriptionAvailableTenants": [],
   "businessInformation":    {
      "businessOwnerEmail": "%BizOwnerName@ril.com%",
      "technicalOwnerEmail": "%TechOwnerName@ril.com%",
      "technicalOwner": "%TechOwnerName%",
      "businessOwner": "%BizOwnerName%"
   },
   "corsConfiguration":    {
      "accessControlAllowOrigins": ["originURL"],
      "accessControlAllowHeaders":       [
         "authorization",
         "Access-Control-Allow-Origin",
         "Content-Type",
         "SOAPAction"
      ],
      "accessControlAllowMethods":       [
         "GET",
         "PUT",
         "POST",
         "DELETE",
         "PATCH",
         "OPTIONS"
      ],
      "accessControlAllowCredentials": false,
      "corsConfigurationEnabled": true
   }
}
于 2019-09-19T09:21:59.157 回答
0

要设置 CORS 支持,您必须首先在您的资源中定义一个返回所需标头的 OPTIONS 方法。swagger 中的所有路径都需要一个 cors 选项块。这是块。

"/users":
   {
    "options": {
        "summary": "CORS support",
        "description": "Enable CORS by returning correct headers\n",
        "consumes": [
            "application/json"
        ],
        "produces": [
            "application/json"
        ],
        "tags": [
            "CORS"
        ],
        "x-amazon-apigateway-integration": {
            "type": "mock",
            "requestTemplates": {
                "application/json": "{\n  \"statusCode\" : 200\n}\n"
            },
            "responses": {
                "default": {
                    "statusCode": "200",
                    "responseParameters": {
                        "method.response.header.Access-Control-Allow-Headers": "'Content-Type,X-Amz-Date,Authorization,X-Api-Key'",
                        "method.response.header.Access-Control-Allow-Methods": "'*'",
                        "method.response.header.Access-Control-Allow-Origin": "'*'"
                    },
                    "responseTemplates": {
                        "application/json": "{}\n"
                    }
                }
            }
        },
        "responses": {
            "200": {
                "description": "Default response for CORS method",
                "headers": {
                    "Access-Control-Allow-Headers": {
                        "type": "string"
                    },
                    "Access-Control-Allow-Methods": {
                        "type": "string"
                    },
                    "Access-Control-Allow-Origin": {
                        "type": "string"
                    }
                }
            }
        }
    }
}

有关更多详细信息,您可以访问此链接

于 2019-08-06T11:48:27.603 回答