nevis
/
adn-agov-iam-inventory
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

new configuration version

This commit is contained in:
haburger 2024-12-17 07:58:22 +00:00
parent 122315f23f
commit 9f82022b09
3 changed files with 63 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/etc/nevis/k8s-nevisproxy-idp-0ceb05c56644a59d648c13b9.yaml
View File

@ -46,7 +46,7 @@ spec:
podDisruptionBudget:
maxUnavailable: "50%"
git:
tag: "r-c3f3450d1e993cf5f26ceeaec99256e99fb503fa"
tag: "r-139ef65dd089d9e8ca8e589cb232846974ed2f1c"
dir: "DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp"
credentials: "git-credentials"
keystores:

42
DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/utility_resource_service_countries_security_filter.lua Normal file
View File

@ -0,0 +1,42 @@
package.path = package.path .. ";/opt/nevisproxy/webapp/WEB-INF/lib/lua/Utils.lua"
local Utils = require "Utils"
function inputHeader(request, response)
local trace = request:getTracer()
local queryParams = Utils.getQueryParameters(request)
local path = request:getRequestPath()
-- only allow calls to the countries service
if path == nil then
trace:error("path is nil")
end
if path ~= nil and path ~= '/resource/utility/api/v1/countries' then
trace:info("utility service called with invalid path " .. request:getRequestPath())
response:send(404)
return
end
-- only alloq one query-parameter 'lang' with the values DE, FR, IT, EN, RS
for param, values in pairs(queryParams) do
if (param ~= 'lang') then
trace:info("utility service called with invalid query param " .. param)
response:send(404)
return
end
if Helpers.tableLength(values) ~= 1 then
trace:info("utility service called with invalid value for query param " .. param)
response:send(404)
return
end
for i, value in pairs(values) do
local lang = string.upper(value)
if not ('DE' == lang or 'FR' == lang or 'IT' == lang or 'EN' == lang or 'RS' == lang) then
trace:info("utility service called with invalid value for query param " .. param .. "=" .. value)
response:send(404)
return
end
end
end
end

20
DEFAULT-ADN-AGOV-PROJECT/DEFAULT-ADN-AGOV-INV/proxy-idp/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/web.xml
View File

@ -640,6 +640,21 @@
<param-value>outputHeader</param-value>
</init-param>
</filter>
<!-- source: pattern://3a982aa242ff4f8ebd823693 -->
<filter>
<filter-name>Lua_Utility_Resource_Service_Countries_Security_Filter</filter-name>
<filter-class>ch::nevis::isiweb4::filter::lua::LuaFilter</filter-class>
<!-- source: pattern://3a982aa242ff4f8ebd823693 -->
<init-param>
<param-name>Script.InputHeaderFunctionName</param-name>
<param-value>inputHeader</param-value>
</init-param>
<!-- source: pattern://3a982aa242ff4f8ebd823693 -->
<init-param>
<param-name>Script.Path</param-name>
<param-value>/var/opt/nevisproxy/default/host-auth.agov-w.azure.adnovum.net/WEB-INF/utility_resource_service_countries_security_filter.lua</param-value>
</init-param>
</filter>
<!-- source: pattern://cdbb957d49fdc6695a978265 -->
<filter>
<filter-name>ModSecurity_App_Icon_Application</filter-name>
@ -1098,6 +1113,11 @@
<filter-name>CSRF_Default</filter-name>
<url-pattern>/AUTH/RECOVERY</url-pattern>
</filter-mapping>
<!-- source: pattern://3a982aa242ff4f8ebd823693 -->
<filter-mapping>
<filter-name>Lua_Utility_Resource_Service_Countries_Security_Filter</filter-name>
<url-pattern>/resource/utility/*</url-pattern>
</filter-mapping>
<!-- source: pattern://eaa622e2a760704c1e0e22f2 -->
<filter-mapping>
<filter-name>JSON_Utility_Resource_Service</filter-name>