wanglei/AuthPlatform
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
7ab44b198e
AuthPlatform/conf/nginx.conf

124 lines
4.9 KiB
Nginx Configuration File
Raw Blame History

This file contains ambiguous Unicode characters

This file contains Unicode characters that might be confused with other characters. If you think that this is intentional, you can safely ignore this warning. Use the Escape button to reveal them.

worker_processes auto; #nginx worker 数量
error_log /home/frankly/work/AuthPlatform/logs/error.log info; #指定错误日志文件路径
#worker_rlimit_nofile 65535;
events {
worker_connections 1024;
}
http {
##lua_need_request_body on; #开启读取请求体数据
client_max_body_size 1024M; #允许最大100k的请求体
client_body_buffer_size 1024M; #设置缓冲区大小
#lua_code_cache off; #关闭代码缓存修改lua脚本不需要重启
lua_package_path '$prefix/src/?/?.lua;$prefix/src/?.lua;/home/frankly/work/AuthPlatform/src/?/?.lua;/home/frankly/work/AuthPlatform/src/?.lua;;';
lua_package_cpath '$prefix/src/share/lib/?.so;/home/frankly/work/AuthPlatform/src/share/lib/?.so;;';
# Path of the file with trusted CA certificates.
#lua_ssl_trusted_certificate /etc/ssl/certs/ca-certificates.crt;
# The verification depth in the server certificates chain.
#lua_ssl_verify_depth 3;
#在Nginx启动时执行的Lua代码块
#oauth2.0第三方验证后将code放到共享内存中
lua_shared_dict codeDict 10m;
#init_by_lua_block {
# -- 定义一个全局变量
# ngx.log(ngx.INFO, "Initializing global variable")
# global_var = "Hello, Nginx with Lua!"
# -- 初始化一个共享字典(需要 lua-shared-dict 模块)
# local shared_dict = ngx.shared.dict_a
# shared_dict:set("key", "value")
#}
#init_by_lua_block 与 init_by_lua_file 只能初始化其中的一个,不能同时启用
#否则报错nginx: [emerg] "init_by_lua_file" directive is duplicate
#init_by_lua_file '/home/frankly/work/AuthPlatform/src/init.lua';
init_worker_by_lua_file '/home/frankly/work/AuthPlatform/src/init.lua';
server {
listen 9080;
server_name 127.0.0.1;
default_type text/html;
location = /favicon.ico {
log_not_found off;
access_log off;
}
## 应用路径 todo 路径问题
set $APP_PATH '/home/frankly/work/AuthPlatform';
#访问时允许跨域处理
access_by_lua_block {
ngx.header["Access-Control-Allow-Origin"] = "*";
ngx.header["Access-Control-Allow-Methods"] = "GET, POST, DELETE, PUT";
ngx.header["Access-Control-Allow-Headers"] = "DNT,User-Agent,X-Requested-With,If-Modified-Since,Cache-Control,Content-Type,Range,Authorization";
ngx.header["Access-Control-Max-Age"] = 1728000;
ngx.header["Access-Control-Expose-Headers"] = "Content-Length,Content-Range";
if ngx.var.request_method == "OPTIONS" then
ngx.status = 204
ngx.exit(ngx.OK)
end
}
#OP端点配置
location /yum/v1/.well-known/openid-configuration {
content_by_lua_block {
local cjson = require "cjson"
local config = {
issuer = "http://localhost:9080",
authorization_endpoint = "http://localhost:9080/yum/v1/oauth/v2/authorize",
token_endpoint = "http://localhost:9080yum/v1/oauth/v2/token",
userinfo_endpoint = "http://localhost:9080yum/v1/oauth/v2/userinfo",
--jwks_uri = "http://localhost:9080/jwks", -- 公钥端点(可选)
grant_types_supported = { "authorization_code", "token", "refresh_token" }, -- 新增支持 refresh_token
response_types_supported = { "code" },
subject_types_supported = { "public" },
id_token_signing_alg_values_supported = { "HS256" },
refresh_token_issuance_supported = true -- 声明支持颁发 refresh_token
}
ngx.header["Content-Type"] = "application/json"
ngx.say(cjson.encode(config))
}
}
#数据列表配置
include 'system/system.conf';
#测试接口配置
location /testTree {
content_by_lua_file '${APP_PATH}/src/test/testRadixtree.lua';
}
location /testRBAC {
content_by_lua_file '${APP_PATH}/src/test/testRBAC.lua';
}
location /test {
content_by_lua_file '${APP_PATH}/src/test/test.lua';
}
location = /testSM {
content_by_lua_block {
cjson = require "cjson.safe"
ngx.say(cjson.encode({a = 1, b = 2}))
local dict_a = ngx.shared.dict_a;
ngx.say("abc=",dict_a:get("abc"))
-- 访问全局变量
ngx.say("Global variable: ", global_var)
-- 访问共享字典
ngx.say("Shared dict value: ", dict_a:get("key"))
}
}
}
#server {
# listen 9081 ssl http2;
# server_name *.*;
# ssl_certificate ssl/metroid.crt;
# ssl_certificate_key ssl/metroid.key;
#}
}
Reference in New Issue View Git Blame Copy Permalink