├── LICENSE.md
├── get-started
├── docker-compose
│ ├── config
│ │ ├── jwt.env
│ │ ├── feature-flags.env
│ │ ├── otk.env
│ │ ├── core.env
│ │ ├── solutionkits
│ │ │ └── policysdk.env
│ │ ├── license-agreement.env
│ │ └── certificates.env
│ ├── add-ons
│ │ ├── services
│ │ │ ├── README.md
│ │ │ └── sample_service.json
│ │ ├── Dockerfile.addon
│ │ └── bundles
│ │ │ └── dummy.bundle
│ ├── Dockerfile.postgresql
│ ├── docker-compose.addons.yml
│ ├── docker-compose.lb.dockercloud.yml
│ ├── liquibase
│ │ └── scalerDbSchemaPostgreSql.sql
│ ├── docker-compose.db.postgresql.yml
│ ├── docker-compose.db.consul.yml
│ └── docker-compose.yml
├── external
│ ├── mag
│ │ ├── customize
│ │ │ ├── license
│ │ │ │ └── README.md
│ │ │ ├── rc.d
│ │ │ │ └── z-add-edge-gateway-user.sh
│ │ │ └── bundle
│ │ │ │ └── after-start
│ │ │ │ ├── add_edge_gateway_user.bundle
│ │ │ │ ├── add_microgateway_user.bundle
│ │ │ │ ├── ca_msso_cert.xml
│ │ │ │ ├── ca_msso_key.xml
│ │ │ │ └── README.md
│ │ ├── solutionkits
│ │ │ ├── build
│ │ │ │ ├── PolicySDK.skmult.footer
│ │ │ │ └── PolicySDK.skmult.header
│ │ │ ├── PolicySDK-v1.0.0.00.skmult
│ │ │ ├── README.md
│ │ │ └── build.sh
│ │ ├── config
│ │ │ ├── license.env
│ │ │ ├── otk-db.env
│ │ │ ├── otk-hostname.env
│ │ │ └── otk.env
│ │ ├── README.md
│ │ ├── Dockerfile.otk
│ │ └── docker-compose.yml
│ ├── otk
│ │ ├── customize
│ │ │ ├── license
│ │ │ │ └── README.md
│ │ │ ├── rc.d
│ │ │ │ └── z-add-edge-gateway-user.sh
│ │ │ ├── db
│ │ │ │ └── cassandra
│ │ │ │ │ └── setupSchemas.sh
│ │ │ └── bundle
│ │ │ │ └── after-start
│ │ │ │ ├── add_edge_gateway_user.bundle
│ │ │ │ ├── add_microgateway_user.bundle
│ │ │ │ ├── ca_msso_cert.xml
│ │ │ │ ├── ca_msso_key.xml
│ │ │ │ └── README.md
│ │ ├── solutionkits
│ │ │ ├── build
│ │ │ │ ├── PolicySDK.skmult.footer
│ │ │ │ └── PolicySDK.skmult.header
│ │ │ ├── PolicySDK-v1.0.0.00.skmult
│ │ │ ├── README.md
│ │ │ └── build.sh
│ │ ├── config
│ │ │ ├── license.env
│ │ │ ├── otk-db.env
│ │ │ ├── otk-hostname.env
│ │ │ └── otk.env
│ │ ├── Dockerfile.cassandra
│ │ ├── Dockerfile.otk
│ │ ├── README.md
│ │ └── docker-compose.yml
│ └── oauth-clients
│ │ └── tiny-oauth-client
│ │ ├── pkg
│ │ └── README.md
│ │ ├── README.md
│ │ └── src
│ │ └── client
│ │ └── client.go
├── config
│ └── certs
│ │ ├── otk.p12
│ │ ├── rootCA.p12
│ │ ├── microgateway.mycompany.com.p12
│ │ ├── otk.pem
│ │ ├── microgateway.mycompany.com.crt
│ │ ├── rootCA.pem
│ │ ├── otk.key
│ │ ├── rootCA.key
│ │ └── microgateway.mycompany.com.key
└── get-further
│ ├── demo-with-live-api-creator
│ ├── gateway
│ │ ├── config
│ │ │ ├── feature-flags.env
│ │ │ ├── jwt.env
│ │ │ ├── core.env
│ │ │ ├── solutionkits
│ │ │ │ └── policysdk.env
│ │ │ ├── license-agreement.env
│ │ │ ├── otk.env
│ │ │ └── certificates.env
│ │ ├── add-ons
│ │ │ ├── services
│ │ │ │ ├── README.md
│ │ │ │ └── sample_service.json
│ │ │ ├── Dockerfile.addon
│ │ │ └── bundles
│ │ │ │ └── README.md
│ │ ├── Dockerfile.postgresql
│ │ ├── docker-compose.addons.yml
│ │ ├── docker-compose.lb.dockercloud.yml
│ │ ├── liquibase
│ │ │ └── scalerDbSchemaPostgreSql.sql
│ │ ├── docker-compose.db.postgresql.yml
│ │ ├── docker-compose.db.consul.yml
│ │ └── docker-compose.yml
│ ├── microgateway
│ │ ├── add-ons
│ │ │ ├── services
│ │ │ │ ├── README.md
│ │ │ │ ├── .DS_Store
│ │ │ │ ├── newyorktimes.json
│ │ │ │ └── orders.json
│ │ │ └── bundles
│ │ │ │ └── README.md
│ │ └── customization
│ │ │ ├── docker-compose.customize.yml
│ │ │ └── docker-compose.solutionkit.policysdk.yml
│ ├── live-api-creator
│ │ ├── etc
│ │ │ ├── db.env
│ │ │ ├── tls
│ │ │ │ ├── ca.jks
│ │ │ │ ├── node.p12
│ │ │ │ ├── admin.p12
│ │ │ │ ├── node.csr
│ │ │ │ ├── admin.csr
│ │ │ │ ├── README.md
│ │ │ │ ├── node.crt
│ │ │ │ ├── admin.crt
│ │ │ │ ├── admin.key
│ │ │ │ └── node.key
│ │ │ ├── eula.env
│ │ │ ├── license
│ │ │ │ └── README.md
│ │ │ └── tomcat
│ │ │ │ └── conf
│ │ │ │ └── context.xml
│ │ ├── docker-compose.db.yml
│ │ ├── Dockerfile.admin
│ │ ├── Dockerfile.node
│ │ └── docker-compose.yml
│ ├── mqtt
│ │ └── docker-compose.yml
│ ├── img
│ │ ├── ca-microgateway-diagram-demo_draw-io.png
│ │ └── ca-microgateway-diagram-demo_draw-io.xml
│ ├── microservices
│ │ ├── newyorktimes
│ │ │ └── Gatewayfile
│ │ ├── orders
│ │ │ ├── docker-compose.db.yml
│ │ │ └── Gatewayfile
│ │ ├── recommendation
│ │ │ ├── docker-compose.db.yml
│ │ │ └── Gatewayfile
│ │ └── customer
│ │ │ └── Gatewayfile
│ ├── config.sh
│ └── apis-orchestration
│ │ ├── recommendator.json
│ │ └── recommendator.v2.json
│ ├── operations
│ ├── platforms
│ │ ├── img
│ │ │ ├── docker_draw.io.png
│ │ │ ├── kubernetes_draw.io.png
│ │ │ ├── openshift_draw.io.png
│ │ │ ├── kubernetes_demo_thumbnail.png
│ │ │ ├── openshift_draw.io.xml
│ │ │ └── docker_draw.io.xml
│ │ └── kubernetes-minikube.md
│ └── system
│ │ ├── logging-auditing.md
│ │ └── performance.md
│ ├── extend-microgateway-with-new-templates.md
│ ├── api-with-basic-auth.md
│ ├── build-microgateway-with-custom-templates-and-services.md
│ └── register-google-tls-certificate.md
├── img
├── ca-world-17-footer.png
├── ca-microgateway-diagram_draw-io.png
└── ca-microgateway-diagram_draw-io.xml
├── samples
├── platforms
│ ├── kubernetes
│ │ ├── README.md
│ │ ├── db-postgresql.yml
│ │ ├── microgateway.yml
│ │ └── db-consul.yml
│ └── openshift
│ │ ├── config
│ │ ├── postgresql.env
│ │ └── consul.env
│ │ ├── db-postgres.yaml
│ │ └── config.yaml
└── APIs
│ ├── Gatewayfile-with-route
│ ├── Gatewayfile-with-basic-auth-route
│ ├── Gatewayfile-with-oauth-route
│ ├── README.md
│ ├── Gatewayfile-with-orchestrator-oauth-route
│ ├── Gatewayfile-with-frontoauth-orchestrator-oauth-route
│ └── Gatewayfile-with-frontoauth-orchestrator-oauth-route-with-params
├── .gitignore
├── MAINTAIN.md
├── TROUBLESHOOT.md
└── CHANGELOG.md
/LICENSE.md:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/LICENSE.md
--------------------------------------------------------------------------------
/get-started/docker-compose/config/jwt.env:
--------------------------------------------------------------------------------
1 | CLUSTER_PROPERTY_clusterhost_ssl_port=443
2 |
--------------------------------------------------------------------------------
/get-started/external/mag/customize/license/README.md:
--------------------------------------------------------------------------------
1 | Add your CA license files here.
2 |
--------------------------------------------------------------------------------
/get-started/external/otk/customize/license/README.md:
--------------------------------------------------------------------------------
1 | Add your CA license files here.
2 |
--------------------------------------------------------------------------------
/get-started/docker-compose/config/feature-flags.env:
--------------------------------------------------------------------------------
1 | SOLUTION_KIT_POLICYSDK_ENABLED=false
2 |
--------------------------------------------------------------------------------
/get-started/external/mag/solutionkits/build/PolicySDK.skmult.footer:
--------------------------------------------------------------------------------
1 |
2 | --PolicySDK--
3 |
--------------------------------------------------------------------------------
/get-started/external/otk/solutionkits/build/PolicySDK.skmult.footer:
--------------------------------------------------------------------------------
1 |
2 | --PolicySDK--
3 |
--------------------------------------------------------------------------------
/get-started/docker-compose/config/otk.env:
--------------------------------------------------------------------------------
1 | OTK_SERVER_HOST=otk
2 | OTK_SERVER_SSL_PORT=8443
3 |
--------------------------------------------------------------------------------
/img/ca-world-17-footer.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/img/ca-world-17-footer.png
--------------------------------------------------------------------------------
/get-started/config/certs/otk.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/config/certs/otk.p12
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/config/feature-flags.env:
--------------------------------------------------------------------------------
1 | SOLUTION_KIT_POLICYSDK_ENABLED=true
2 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/config/jwt.env:
--------------------------------------------------------------------------------
1 | CLUSTER_PROPERTY_clusterhost_ssl_port=8443
2 |
--------------------------------------------------------------------------------
/get-started/config/certs/rootCA.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/config/certs/rootCA.p12
--------------------------------------------------------------------------------
/img/ca-microgateway-diagram_draw-io.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/img/ca-microgateway-diagram_draw-io.png
--------------------------------------------------------------------------------
/get-started/external/oauth-clients/tiny-oauth-client/pkg/README.md:
--------------------------------------------------------------------------------
1 | Will contain the Go dependencies after running the command `go get`.
2 |
--------------------------------------------------------------------------------
/get-started/docker-compose/add-ons/services/README.md:
--------------------------------------------------------------------------------
1 | This folder will contain bundle files that can be added on top of the microgateway image
2 |
--------------------------------------------------------------------------------
/get-started/docker-compose/Dockerfile.postgresql:
--------------------------------------------------------------------------------
1 | FROM postgres:9.6
2 |
3 | ADD ./liquibase/scalerDbSchemaPostgreSql.sql /docker-entrypoint-initdb.d/schema.sql
4 |
--------------------------------------------------------------------------------
/get-started/config/certs/microgateway.mycompany.com.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/config/certs/microgateway.mycompany.com.p12
--------------------------------------------------------------------------------
/samples/platforms/kubernetes/README.md:
--------------------------------------------------------------------------------
1 | Check the get-further folder for [deployment information](../../../get-started/get-further/operations/platforms/kubernetes.md).
2 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/add-ons/services/README.md:
--------------------------------------------------------------------------------
1 | This folder will contain bundle files that can be added on top of the microgateway image
2 |
--------------------------------------------------------------------------------
/get-started/external/mag/solutionkits/PolicySDK-v1.0.0.00.skmult:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/external/mag/solutionkits/PolicySDK-v1.0.0.00.skmult
--------------------------------------------------------------------------------
/get-started/external/otk/solutionkits/PolicySDK-v1.0.0.00.skmult:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/external/otk/solutionkits/PolicySDK-v1.0.0.00.skmult
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microgateway/add-ons/services/README.md:
--------------------------------------------------------------------------------
1 | This folder will contain bundle files that can be added on top of the microgateway image
2 |
--------------------------------------------------------------------------------
/get-started/docker-compose/config/core.env:
--------------------------------------------------------------------------------
1 | # Hostname of the Gateway cluster, usually the hostname used by the load balancer
2 | CLUSTER_PROPERTY_cluster_hostname=microgateway.mycompany.com
3 |
--------------------------------------------------------------------------------
/get-started/get-further/operations/platforms/img/docker_draw.io.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/operations/platforms/img/docker_draw.io.png
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/Dockerfile.postgresql:
--------------------------------------------------------------------------------
1 | FROM postgres:9.6
2 |
3 | ADD ./liquibase/scalerDbSchemaPostgreSql.sql /docker-entrypoint-initdb.d/schema.sql
4 |
--------------------------------------------------------------------------------
/get-started/get-further/operations/platforms/img/kubernetes_draw.io.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/operations/platforms/img/kubernetes_draw.io.png
--------------------------------------------------------------------------------
/get-started/get-further/operations/platforms/img/openshift_draw.io.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/operations/platforms/img/openshift_draw.io.png
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/db.env:
--------------------------------------------------------------------------------
1 | RDS_HOSTNAME=lac_mysql
2 | RDS_PORT=3306
3 | RDS_USERNAME=lac_admin
4 | RDS_PASSWORD=CAdemo123
5 | RDS_DB_NAME=lac_admin
6 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/config/core.env:
--------------------------------------------------------------------------------
1 | # Hostname of the Gateway cluster, usually the hostname used by the load balancer
2 | CLUSTER_PROPERTY_cluster_hostname=edge-ssg
3 |
--------------------------------------------------------------------------------
/get-started/get-further/operations/platforms/img/kubernetes_demo_thumbnail.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/operations/platforms/img/kubernetes_demo_thumbnail.png
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microgateway/customization/docker-compose.customize.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | ssg:
4 | environment:
5 | CLUSTER_PROPERTY_cluster_hostname: ssg
6 |
--------------------------------------------------------------------------------
/get-started/docker-compose/docker-compose.addons.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | ssg:
4 | image: caapim/microgateway:addons
5 | build:
6 | context: ./add-ons
7 | dockerfile: Dockerfile.addon
8 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/ca.jks:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/ca.jks
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/node.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/node.p12
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/admin.p12:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/admin.p12
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/mqtt/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | mqtt:
4 | image: "eclipse-mosquitto"
5 | # ports:
6 | # - "1883:1883"
7 | # - "9001:9001"
8 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microgateway/add-ons/services/.DS_Store:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/demo-with-live-api-creator/microgateway/add-ons/services/.DS_Store
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/img/ca-microgateway-diagram-demo_draw-io.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/CAAPIM/Microgateway/HEAD/get-started/get-further/demo-with-live-api-creator/img/ca-microgateway-diagram-demo_draw-io.png
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/docker-compose.addons.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | edge-ssg:
4 | image: caapim/edge-ssg:addons
5 | build:
6 | context: ./add-ons
7 | dockerfile: Dockerfile.addon
8 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/eula.env:
--------------------------------------------------------------------------------
1 | # Accept the Live API Creator EULA (see license/CA_Technologies_LiveAPI_License.json
2 | for the EULA text) by setting the value "ENU" to ca_accept_license
3 | ca_accept_license=
4 |
--------------------------------------------------------------------------------
/samples/platforms/openshift/config/postgresql.env:
--------------------------------------------------------------------------------
1 | POSTGRES_USER=causer
2 | POSTGRES_PASSWORD=capassword
3 | POSTGRES_DB=qstr
4 |
5 | QUICKSTART_REST_MODE=true
6 | QUICKSTART_REPOSITORY_TYPE=db
7 | QUICKSTART_REPOSITORY_DB_TYPE=postgresql
8 | QUICKSTART_REPOSITORY_DB_HOST=10.137.227.146
9 | QUICKSTART_REPOSITORY_DB_PORT=5432
--------------------------------------------------------------------------------
/get-started/docker-compose/config/solutionkits/policysdk.env:
--------------------------------------------------------------------------------
1 | SOLUTION_KIT_POLICYSDK_COMPANY=MyCompany
2 | SOLUTION_KIT_POLICYSDK_INGRESS=https://otk.mycompany.com:8443
3 | SOLUTION_KIT_POLICYSDK_MASTER_KEY=5f241df4-4a71-46e3-869b-99ab4df73c87
4 | SOLUTION_KIT_POLICYSDK_ISS=https://${gateway.cluster.hostname}:8443/quickstart/1.0
5 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microgateway/add-ons/services/newyorktimes.json:
--------------------------------------------------------------------------------
1 | { "Service": {
2 | "name": "newyorktimes",
3 | "gatewayUri": "/newyorktimes",
4 | "httpMethods": [ "get" ],
5 | "policy": [
6 | {
7 | "newyorktimes" : {}
8 | }
9 | ]
10 | }
11 | }
12 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/config/solutionkits/policysdk.env:
--------------------------------------------------------------------------------
1 | SOLUTION_KIT_POLICYSDK_COMPANY=MyCompany
2 | SOLUTION_KIT_POLICYSDK_INGRESS=https://otk:8443
3 | SOLUTION_KIT_POLICYSDK_MASTER_KEY=ingressgateway-cluster-oauth-key
4 | SOLUTION_KIT_POLICYSDK_ISS=https://${gateway.cluster.hostname}:8443/quickstart/1.0
5 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microservices/newyorktimes/Gatewayfile:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "newyorktimes",
4 | "gatewayUri": "/newyorktimes",
5 | "httpMethods": [
6 | "get"
7 | ],
8 | "policy": [
9 | {
10 | "newyorktimes": {}
11 | }
12 | ]
13 | }
14 | }
15 |
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | **/.DS_Store
2 | **/bin
3 | **/pkg/*
4 | !**/pkg/README.md
5 | **/src/*
6 | !**/src/client
7 | get-started/get-further/demo-with-live-api-creator/api-live-creator/CA_Technologies_LiveAPI_License.json
8 | get-started/docker-compose/add-ons.orig
9 | get-started/external/otk/customize/license/*
10 | !get-started/external/otk/customize/license/README.md
11 |
--------------------------------------------------------------------------------
/samples/platforms/openshift/config/consul.env:
--------------------------------------------------------------------------------
1 | QUICKSTART_REST_MODE=true
2 | QUICKSTART_REPOSITORY_TYPE=consul
3 | QUICKSTART_REPOSITORY_DB_HOST=microgateway-db-svc
4 | QUICKSTART_REPOSITORY_DB_PORT=8500
5 | QUICKSTART_REPOSITORY_CONSUL_PROTOCOL=http
6 |
7 | DOCKER_REGISTRY=docker.io
8 | DOCKER_CONSUL_IMAGE_NAME=consul
9 | DOCKER_CONSUL_IMAGE_TAG=0.9.2
10 | DOCKER_REGISTRY_INSECURE=false
--------------------------------------------------------------------------------
/get-started/external/mag/config/license.env:
--------------------------------------------------------------------------------
1 | # The initial Product Availability Period for your trial of CA Microgateway
2 | # shall be sixty (60) days from the date of your initial deployment. You
3 | # are permitted only one (1) trial of CA Microgateway per Company, and you
4 | # may not redeploy a new trial of CA Microgateway after the end of the initial
5 | # Product Availability Period.
6 | ACCEPT_LICENSE=false
7 |
--------------------------------------------------------------------------------
/get-started/external/otk/config/license.env:
--------------------------------------------------------------------------------
1 | # The initial Product Availability Period for your trial of CA Microgateway
2 | # shall be sixty (60) days from the date of your initial deployment. You
3 | # are permitted only one (1) trial of CA Microgateway per Company, and you
4 | # may not redeploy a new trial of CA Microgateway after the end of the initial
5 | # Product Availability Period.
6 | ACCEPT_LICENSE=false
7 |
--------------------------------------------------------------------------------
/get-started/docker-compose/config/license-agreement.env:
--------------------------------------------------------------------------------
1 | # The initial Product Availability Period for your trial of CA Microgateway
2 | # shall be sixty (60) days from the date of your initial deployment. You
3 | # are permitted only one (1) trial of CA Microgateway per Company, and you
4 | # may not redeploy a new trial of CA Microgateway after the end of the initial
5 | # Product Availability Period.
6 | ACCEPT_LICENSE=false
7 |
--------------------------------------------------------------------------------
/get-started/external/otk/config/otk-db.env:
--------------------------------------------------------------------------------
1 | # Database settings
2 |
3 | ## OTK DB
4 | BUNDLE_TEMPLATE_OTK_DATABASE_HOST=otk_cassandra
5 | BUNDLE_TEMPLATE_OTK_DATABASE_PORT=9042
6 | BUNDLE_TEMPLATE_OTK_DATABASE_USER=db_admin
7 | BUNDLE_TEMPLATE_OTK_DATABASE_PASSWORD=UTWtziFHF0xgng==
8 | BUNDLE_TEMPLATE_OTK_DATABASE_NAME=otk_db
9 | BUNDLE_TEMPLATE_OTK_DATABASE_TYPE=cassandra
10 | BUNDLE_TEMPLATE_OTK_DATABASE_MYSQL_ENABLED=false
11 |
--------------------------------------------------------------------------------
/get-started/external/mag/solutionkits/README.md:
--------------------------------------------------------------------------------
1 | All solution kits (\*.skmult) in this folder will be installed on the OTK.
2 |
3 | #### Build headless solution kits (.skmult)
4 |
5 | - Copy the solution kit (file .sskar) in the current folder
6 |
7 | - Build the headless solution kit (file .skmult):
8 | - PolicySDK:
9 | ```
10 | ./build.sh PolicySDK PolicySDK-v1.0.0.00.sskar PolicySDK-v1.0.0.00.skmult
11 | ```
12 |
--------------------------------------------------------------------------------
/get-started/external/otk/solutionkits/README.md:
--------------------------------------------------------------------------------
1 | All solution kits (\*.skmult) in this folder will be installed on the OTK.
2 |
3 | #### Build headless solution kits (.skmult)
4 |
5 | - Copy the solution kit (file .sskar) in the current folder
6 |
7 | - Build the headless solution kit (file .skmult):
8 | - PolicySDK:
9 | ```
10 | ./build.sh PolicySDK PolicySDK-v1.0.0.00.sskar PolicySDK-v1.0.0.00.skmult
11 | ```
12 |
--------------------------------------------------------------------------------
/get-started/external/otk/Dockerfile.cassandra:
--------------------------------------------------------------------------------
1 | FROM cassandra:3.11
2 |
3 | # make directory for the get started scripts
4 | RUN mkdir get_started
5 |
6 | # Add cql to setup schema and test data for OTK
7 | ADD ./customize/db/cassandra/db_scripts/*.cql /get_started/db_scripts/
8 |
9 | # Add script to execute cql upon the start up of cassandra container
10 | ADD ./customize/db/cassandra/setupSchemas.sh /get_started/setupSchemas.sh
11 |
--------------------------------------------------------------------------------
/get-started/docker-compose/add-ons/services/sample_service.json:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Google Search Preloaded",
4 | "gatewayUri": "/google-preloaded",
5 | "httpMethods": [ "get" ],
6 | "policy": [
7 | {
8 | "RouteHttp" : {
9 | "targetUrl": "http://www.google.com/search${request.url.query}",
10 | "httpMethod" : "Automatic"
11 | }
12 | }
13 | ]
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/add-ons/services/sample_service.json:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Google Search",
4 | "gatewayUri": "/google",
5 | "httpMethods": [ "get" ],
6 | "policy": [
7 | {
8 | "RouteHttp" : {
9 | "targetUrl": "http://www.google.com/search${request.url.query}",
10 | "httpMethod" : "Automatic"
11 | }
12 | }
13 | ]
14 | }
15 | }
16 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/config/license-agreement.env:
--------------------------------------------------------------------------------
1 | # The initial Product Availability Period for your trial of CA Microgateway
2 | # shall be sixty (60) days from the date of your initial deployment. You
3 | # are permitted only one (1) trial of CA Microgateway per Company, and you
4 | # may not redeploy a new trial of CA Microgateway after the end of the initial
5 | # Product Availability Period.
6 | ACCEPT_LICENSE=false
7 |
--------------------------------------------------------------------------------
/get-started/get-further/operations/platforms/kubernetes-minikube.md:
--------------------------------------------------------------------------------
1 | # Running Kubernetes Locally via Minikube
2 |
3 | Documentation: https://kubernetes.io/docs/getting-started-guides/minikube/
4 |
5 | ## Start single-node cluster in local environment with enough resource
6 | ```
7 | minikube start --cpus 4 --memory 6144
8 | ```
9 |
10 | ## Get the Kubernetes cluster public IP
11 | ```
12 | minikube ip
13 | ```
14 |
15 | ## Kubernetes web dashboard
16 | ```
17 | minikube dashboard
18 | ```
19 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/license/README.md:
--------------------------------------------------------------------------------
1 | If the license of the Live API Creator docker image is expired, please put your
2 | license file in this folder and name it `CA_Technologies_LiveAPI_License.json`.
3 |
4 | For details, please see the [reference documentation](https://docops.ca.com/ca-live-api-creator/4-0/en/installing-and-upgrading/install-as-a-docker-container#InstallasaDockerContainer-BypasstheAdditionalStepatLogintoAccepttheEULAatContainerStartup).
5 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microgateway/customization/docker-compose.solutionkit.policysdk.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | ssg:
4 | environment:
5 | SOLUTION_KIT_POLICYSDK_ENABLED: "true"
6 | SOLUTION_KIT_POLICYSDK_COMPANY: MyCompany
7 | SOLUTION_KIT_POLICYSDK_INGRESS: https://otk:8443
8 | SOLUTION_KIT_POLICYSDK_MASTER_KEY: microgateway-cluster-oauth-key
9 | SOLUTION_KIT_POLICYSDK_ISS: https://$${gateway.cluster.hostname}:8443/quickstart/1.0
10 |
--------------------------------------------------------------------------------
/samples/APIs/Gatewayfile-with-route:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "httpbin",
4 | "gatewayUri": "/httpbin*",
5 | "httpMethods": [ "get", "post", "put", "delete" ],
6 | "policy": [
7 | {
8 | "RouteHttp" : {
9 | "targetUrl": "https://httpbin",
10 | "preserveRequestPath": "true",
11 | "httpMethod": "Automatic"
12 | }
13 | }
14 | ]
15 | }
16 | }
17 |
18 |
--------------------------------------------------------------------------------
/get-started/docker-compose/docker-compose.lb.dockercloud.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | ssg:
4 | environment:
5 | # dockercloud/haproxy configuration
6 | VIRTUAL_HOST: https://gateway.mycompany.com
7 | TCP_PORTS: "8443"
8 | EXCLUDE_PORTS: "2124,8080"
9 |
10 | lb:
11 | image: 'dockercloud/haproxy:latest'
12 | restart: always
13 | # environment:
14 | # - DEBUG="true"
15 | volumes:
16 | - /var/run/docker.sock:/var/run/docker.sock
17 | links:
18 | - ssg
19 | ports:
20 | - '443:8443'
21 |
--------------------------------------------------------------------------------
/get-started/external/mag/config/otk-db.env:
--------------------------------------------------------------------------------
1 | ## OTK DB
2 | MYSQL_USER=db_admin
3 | MYSQL_PASSWORD=UTWtziFHF0xgng==
4 | MYSQL_DATABASE=otk_db
5 | MYSQL_ROOT_PASSWORD=UTWtziFHF0xgng==
6 | # MYSQL_RANDOM_ROOT_PASSWORD=yes
7 |
8 | BUNDLE_TEMPLATE_OTK_DATABASE_USER=root
9 | BUNDLE_TEMPLATE_OTK_DATABASE_PASSWORD=UTWtziFHF0xgng==
10 | BUNDLE_TEMPLATE_OTK_DATABASE_NAME=otk_db
11 |
12 | BUNDLE_TEMPLATE_OTK_DATABASE_TYPE=mysql
13 | BUNDLE_TEMPLATE_OTK_DATABASE_MYSQL_ENABLED=true
14 | BUNDLE_TEMPLATE_OTK_DATABASE_HOST=otk_mysqldb
15 | BUNDLE_TEMPLATE_OTK_DATABASE_PORT=3306
16 |
--------------------------------------------------------------------------------
/get-started/external/mag/solutionkits/build/PolicySDK.skmult.header:
--------------------------------------------------------------------------------
1 | --PolicySDK
2 | Content-Disposition: form-data; name="solutionKitSelect"
3 |
4 | 00e00496-5ed7-4099-aac6-af81541abab1
5 | --PolicySDK
6 | Content-Disposition: form-data; name="solutionKitSelect"
7 |
8 | c69f4620-d1f3-4f37-aaaf-c817858a4a7f
9 | --PolicySDK
10 | Content-Disposition: form-data; name="solutionKitSelect"
11 |
12 | aea40a8d-2e72-4f68-a795-a3267250f2aa
13 | --PolicySDK
14 | Content-Disposition: form-data; name="file"; filename="PolicySDK.sskar"
15 | Content-Type: application/octet-stream
16 |
17 |
--------------------------------------------------------------------------------
/get-started/external/otk/config/otk-hostname.env:
--------------------------------------------------------------------------------
1 | # Sets the hostname
2 | # See documentation: https://github.com/CAAPIM/Docker-MAS#use-a-custom-hostname
3 | OTK_HOSTNAME=otk.mycompany.com
4 | BUNDLE_TEMPLATE_HOSTNAME=otk.mycompany.com
5 | BUNDLE_TEMPLATE_OTK_HOSTNAME=otk.mycompany.com
6 |
7 | #The base64 encoded version of $BUNDLE_TEMPLATE_HOSTNAME
8 | BUNDLE_TEMPLATE_HOSTNAME_ENCODED=b3RrLm15Y29tcGFueS5jb20=
9 | # This is the base64 encoded version of http://$BUNDLE_TEMPLATE_HOSTNAME
10 | BUNDLE_TEMPLATE_PROTOCOL_HOSTNAME_ENCODED=aHR0cDovL290ay5teWNvbXBhbnkuY29t
11 |
12 |
--------------------------------------------------------------------------------
/get-started/docker-compose/liquibase/scalerDbSchemaPostgreSql.sql:
--------------------------------------------------------------------------------
1 | --
2 | -- PostgreSQL version of Quick Start Template Registrar database creation script.
3 | --
4 |
5 | DROP TABLE IF EXISTS template_registrar;
6 |
7 | CREATE TABLE template_registrar (
8 | name varchar(255) NOT NULL, -- same as published_service name field
9 | uri varchar(255) NOT NULL, -- max size is 255 for unique index
10 | time varchar(32) NOT NULL,
11 | template TEXT NOT NULL,
12 | PRIMARY KEY (name)
13 | );
14 |
15 | ALTER TABLE template_registrar ADD CONSTRAINT uri_ID UNIQUE (uri);
16 |
17 |
--------------------------------------------------------------------------------
/get-started/external/otk/solutionkits/build/PolicySDK.skmult.header:
--------------------------------------------------------------------------------
1 | --PolicySDK
2 | Content-Disposition: form-data; name="solutionKitSelect"
3 |
4 | 00e00496-5ed7-4099-aac6-af81541abab1
5 | --PolicySDK
6 | Content-Disposition: form-data; name="solutionKitSelect"
7 |
8 | c69f4620-d1f3-4f37-aaaf-c817858a4a7f
9 | --PolicySDK
10 | Content-Disposition: form-data; name="solutionKitSelect"
11 |
12 | aea40a8d-2e72-4f68-a795-a3267250f2aa
13 | --PolicySDK
14 | Content-Disposition: form-data; name="file"; filename="PolicySDK.sskar"
15 | Content-Type: application/octet-stream
16 |
17 |
--------------------------------------------------------------------------------
/get-started/docker-compose/add-ons/Dockerfile.addon:
--------------------------------------------------------------------------------
1 | FROM caapim/microgateway:1.0.00
2 |
3 | # If one bundle is dependent on another, make sure that the dependent loads later
4 | # The load order is based on the bundle filename following the ASCII sort order
5 | # e.g. a.bundle will load before b.bundle
6 | ADD ./bundles/*.bundle /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/
7 |
8 | # To use loading QuickStart services from JSON files, please change to
9 | # SCALER_ENABLE: "false" and uncomment the following line
10 | ADD ./services/*.json /opt/SecureSpan/Gateway/node/default/etc/bootstrap/qs/
11 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/docker-compose.lb.dockercloud.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | edge-ssg:
4 | environment:
5 | # dockercloud/haproxy configuration
6 | # VIRTUAL_HOST: https://gateway.mycompany.com
7 | TCP_PORTS: "8443"
8 | EXCLUDE_PORTS: "2124,8080"
9 |
10 | edge-lb:
11 | image: 'dockercloud/haproxy:latest'
12 | restart: always
13 | # environment:
14 | # - DEBUG="true"
15 | volumes:
16 | - /var/run/docker.sock:/var/run/docker.sock
17 | links:
18 | - ssg
19 | ports:
20 | - '443:8443'
21 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/liquibase/scalerDbSchemaPostgreSql.sql:
--------------------------------------------------------------------------------
1 | --
2 | -- PostgreSQL version of Quick Start Template Registrar database creation script.
3 | --
4 |
5 | DROP TABLE IF EXISTS template_registrar;
6 |
7 | CREATE TABLE template_registrar (
8 | name varchar(255) NOT NULL, -- same as published_service name field
9 | uri varchar(255) NOT NULL, -- max size is 255 for unique index
10 | time varchar(32) NOT NULL,
11 | template TEXT NOT NULL,
12 | PRIMARY KEY (name)
13 | );
14 |
15 | ALTER TABLE template_registrar ADD CONSTRAINT uri_ID UNIQUE (uri);
16 |
17 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/add-ons/Dockerfile.addon:
--------------------------------------------------------------------------------
1 | FROM caapim/microgateway:1.0.00
2 |
3 | # If one bundle is dependent on another, make sure that the dependent loads later
4 | # The load order is based on the bundle filename following the ASCII sort order
5 | # e.g. a.bundle will load before b.bundle
6 | ADD ./bundles/*.bundle /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/
7 |
8 | # To use loading QuickStart services from JSON files, please change to
9 | # SCALER_ENABLE: "false" and uncomment the following line
10 | ADD ./services/*.json /opt/SecureSpan/Gateway/node/default/etc/bootstrap/qs/
11 |
--------------------------------------------------------------------------------
/get-started/external/otk/config/otk.env:
--------------------------------------------------------------------------------
1 | #
2 | # Copyright (c) 2016 CA. All rights reserved.
3 | #
4 | # This software may be modified and distributed under the terms
5 | # of the MIT license. See the LICENSE file for details.
6 | #
7 | SSG_HTTP_CORE_CONCURRENCY=128 -Dcom.l7tech.server.protectedEntityTracker.enable=false
8 |
9 | # System admin user
10 | SSG_ADMIN_USERNAME=admin
11 | SSG_ADMIN_PASSWORD=password
12 |
13 | # Test Data
14 | ADD_TEST_USERS_GROUPS=true
15 | ADD_TEST_CLIENTS=true
16 |
17 | # System Settings
18 | SSG_JVM_HEAP=2G
19 | SSG_CLUSTER_PASSWORD=7layer
20 |
21 | # Test Data
22 | ADD_TEST_USERS_GROUPS=true
23 | ADD_TEST_CLIENTS=true
24 |
--------------------------------------------------------------------------------
/get-started/external/mag/config/otk-hostname.env:
--------------------------------------------------------------------------------
1 | # Sets the hostname
2 | # See documentation: https://github.com/CAAPIM/Docker-MAS#use-a-custom-hostname
3 | MAS_HOSTNAME=otk.mycompany.com
4 | BUNDLE_TEMPLATE_HOSTNAME=otk.mycompany.com
5 | BUNDLE_TEMPLATE_OTK_HOSTNAME=otk.mycompany.com
6 | MDC_HOSTNAME=otk.mycompany.com
7 |
8 | #The base64 encoded version of $BUNDLE_TEMPLATE_HOSTNAME
9 | BUNDLE_TEMPLATE_HOSTNAME_ENCODED=b3RrLm15Y29tcGFueS5jb20=
10 | # This is the base64 encoded version of http://$BUNDLE_TEMPLATE_HOSTNAME
11 | BUNDLE_TEMPLATE_PROTOCOL_HOSTNAME_ENCODED=aHR0cDovL290ay5teWNvbXBhbnkuY29t
12 |
13 | BUNDLE_TEMPLATE_DEV_CONSOLE_CALLBACK=https://otk.mycompany.com:443
14 |
--------------------------------------------------------------------------------
/samples/platforms/kubernetes/db-postgresql.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # Quickstart configuration when using a database (PostgreSQL)
3 | apiVersion: v1
4 | kind: ConfigMap
5 | metadata:
6 | name: microgateway-quickstartconfig
7 | data:
8 | QUICKSTART_REST_MODE: "true"
9 | QUICKSTART_REPOSITORY_TYPE: "db"
10 | QUICKSTART_REPOSITORY_DB_TYPE: "postgresql"
11 | QUICKSTART_REPOSITORY_DB_HOST: "10.137.227.146" # this IP should be machine IP if Postgres container is running locally
12 | QUICKSTART_REPOSITORY_DB_PORT: "5432"
13 | QUICKSTART_REPOSITORY_DB_NAME: "qstr"
14 | POSTGRES_DB: "qstr"
15 | QUICKSTART_REPOSITORY_DB_USER: "causer"
16 | QUICKSTART_REPOSITORY_DB_PASSWORD: "capassword"
--------------------------------------------------------------------------------
/samples/APIs/Gatewayfile-with-basic-auth-route:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "httpbin",
4 | "gatewayUri": "/httpbin-basic-auth*",
5 | "httpMethods": [ "get", "post", "put", "delete" ],
6 | "policy": [
7 | {
8 | "CredentialSourceHttpBasic": { }
9 | },
10 | {
11 | "RouteHttp" : {
12 | "targetUrl": "https://httpbin",
13 | "preserveRequestPath": "true",
14 | "httpMethod": "Automatic",
15 | "useAuthenticationHeader": "plaintextheader"
16 | }
17 | }
18 | ]
19 | }
20 | }
21 |
22 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microservices/orders/docker-compose.db.yml:
--------------------------------------------------------------------------------
1 | # This docker-compose file will deploy all the base MySQL infrastructure for
2 | # the API that will have the actual API Data initialized for the API project
3 | # that will be deployed into LAC after the admin node has started.
4 | version: '3'
5 | services:
6 | # API Orders Data Source
7 | orders-db:
8 | image: 'mysql:5.7.9'
9 | # networks:
10 | # - demo
11 | environment:
12 | - SERVICE_IGNORE=true
13 | - MYSQL_ROOT_PASSWORD=root
14 | volumes:
15 | - ./db-init-scripts:/docker-entrypoint-initdb.d
16 |
17 | # networks:
18 | # demo:
19 | # external: true
20 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microservices/recommendation/docker-compose.db.yml:
--------------------------------------------------------------------------------
1 | # This docker-compose file will deploy all the base MySQL infrastructure for
2 | # the API that will have the actual API Data initialized for the API project
3 | # that will be deployed into LAC after the admin node has started.
4 | version: '3'
5 | services:
6 | # API Recommendation Data Source
7 | recommendation-db:
8 | image: 'mysql:5.7.9'
9 | # networks:
10 | # - demo
11 | environment:
12 | - SERVICE_IGNORE=true
13 | - MYSQL_ROOT_PASSWORD=root
14 | volumes:
15 | - ./db-init-scripts:/docker-entrypoint-initdb.d
16 |
17 | # networks:
18 | # demo:
19 | # external: true
20 |
--------------------------------------------------------------------------------
/get-started/external/oauth-clients/tiny-oauth-client/README.md:
--------------------------------------------------------------------------------
1 | #### Tiny OAuth client
2 |
3 | ##### Dependencies
4 | - golang (https://golang.org/doc/install)
5 |
6 | ##### Configure
7 | Edit the variable `oauth` in the file `client.go`.
8 |
9 | ##### Run
10 | ```
11 | export GOPATH="$(pwd)"
12 | cd src/client
13 | go get
14 | go run client.go
15 | ```
16 |
17 | ##### What it does:
18 | 1. The client will print the OAuth Authorization url that you will need to open in your browser in order to grant `client.go`
19 | 2. The client will:
20 | - receive the OAuth code from the OAuth server
21 | - exchange the OAuth code with the OAuth token
22 | - HTTP GET the protected resource using the OAuth token and print its body
23 |
--------------------------------------------------------------------------------
/get-started/external/otk/Dockerfile.otk:
--------------------------------------------------------------------------------
1 | #
2 | # Copyright (c) 2017 CA. All rights reserved.
3 | #
4 | # This software may be modified and distributed under the terms
5 | # of the MIT license. See the LICENSE file for details.
6 | #
7 | FROM caapim/oauth-toolkit:4.2.00
8 |
9 | # Enable Restman and Policyman
10 | RUN mkdir -p /opt/docker/rc.d/bootstrap/ && \
11 | touch /opt/docker/rc.d/bootstrap/restman && \
12 | touch /opt/docker/rc.d/bootstrap/policyman
13 |
14 | # Add after start RESTMAN XML files (processed by the scripts below)
15 | ADD ./customize/bundle/after-start/*.xml /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/after-start/
16 | ADD ./customize/bundle/after-start/*.bundle /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/after-start/
17 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microservices/customer/Gatewayfile:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Customer",
4 | "gatewayUri": "/custSvc/v1/customerNumbers*",
5 | "httpMethods": [
6 | "get"
7 | ],
8 | "policy": [
9 | {
10 | "SetVariable": {
11 | "VariableToSet": "customerName",
12 | "Expression": "${request.http.parameter.customerName}"
13 | }
14 | },
15 | {
16 | "RouteHttp": {
17 | "targetUrl": "https://lac-node:8443/rest/default/svcOrders/v1/custNumFunc?nometa=true&customerName=${customerName}&auth=zFeg53T5ESosM2xqM86s:1",
18 | "preserveRequestPath": "true",
19 | "httpMethod": "Automatic"
20 | }
21 | }
22 | ]
23 | }
24 | }
25 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/docker-compose.db.yml:
--------------------------------------------------------------------------------
1 | # This docker-compose file will deploy all the base infrastructure for the LAC Cluster
2 | # This LAC node will have it's port exposed so that the CLI process (simulating CI/CD)
3 | # in the script will be able to deploy the API and modify it for consumption
4 | version: '3'
5 | # Declare the network to be an external network
6 | networks:
7 | public:
8 | external: true
9 | # List all service containers to start and their configuration
10 | services:
11 | # LAC Admin DB
12 | lac_mysql:
13 | image: 'mysql:5.6.30'
14 | # networks:
15 | # - demo
16 | environment:
17 | - SERVICE_IGNORE=true
18 | - MYSQL_ROOT_PASSWORD=root
19 | - MYSQL_DATABASE=lac_admin
20 | - MYSQL_USER=lac_admin
21 | - MYSQL_PASSWORD=CAdemo123
22 |
--------------------------------------------------------------------------------
/get-started/docker-compose/docker-compose.db.postgresql.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | ssg:
4 | environment:
5 | QUICKSTART_REST_MODE: "true"
6 | QUICKSTART_REPOSITORY_TYPE: "db"
7 | QUICKSTART_REPOSITORY_DB_TYPE: "postgresql"
8 | QUICKSTART_REPOSITORY_DB_HOST: "ssg_db"
9 | QUICKSTART_REPOSITORY_DB_PORT: "5432"
10 | QUICKSTART_REPOSITORY_DB_NAME: "qstr"
11 | QUICKSTART_REPOSITORY_DB_USER: "causer"
12 | QUICKSTART_REPOSITORY_DB_PASSWORD: "capassword"
13 | links:
14 | - ssg_db
15 |
16 | ssg_db:
17 | build:
18 | context: .
19 | dockerfile: Dockerfile.postgresql
20 | restart: always
21 | deploy:
22 | resources:
23 | limits:
24 | memory: 512m
25 | environment:
26 | POSTGRES_DB: "qstr"
27 | POSTGRES_USER: "causer"
28 | POSTGRES_PASSWORD: "capassword"
29 |
--------------------------------------------------------------------------------
/samples/APIs/Gatewayfile-with-oauth-route:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "httpbin",
4 | "gatewayUri": "/httpbin-oauth*",
5 | "httpMethods": [ "get", "post", "put", "delete" ],
6 | "policy": [
7 | {
8 | "RequireOauth2Token": {
9 | "scope_required": "MS_SCOPE",
10 | "scope_fail": "false",
11 | "onetime": "false",
12 | "given_access_token": ""
13 | }
14 | },
15 | {
16 | "RouteHttp" : {
17 | "targetUrl": "https://httpbin",
18 | "preserveRequestPath": "true",
19 | "httpMethod": "Automatic",
20 | "useAuthenticationHeader": "plaintextheader"
21 | }
22 | }
23 | ]
24 | }
25 | }
26 |
27 |
--------------------------------------------------------------------------------
/samples/APIs/README.md:
--------------------------------------------------------------------------------
1 | # Microgateway API samples
2 |
3 | - Gatewayfile-with-route
4 | - route the http request the a microservice
5 |
6 | - Gatewayfile-with-basic-auth-route
7 | - Basic authentication
8 | - **then** route the http request the a microservice
9 |
10 | - Gatewayfile-with-oauth-route
11 | - OAuth
12 | - **then** route the http request the a microservice
13 |
14 | - Gatewayfile-with-frontoauth-orchestrator-oauth-route
15 | - OAuth
16 | - **then** orchestrate two backend microservices
17 | - OAuth at the microservice level
18 | - aggregate their results
19 |
20 | - Gatewayfile-with-frontoauth-orchestrator-oauth-route-with-params
21 | - OAuth
22 | - **then** orchestrate
23 | - OAuth at the microservice level
24 | - one microservice with OAuth and filter its result
25 | - a second microservice using the filtered result of the previous microservice
26 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/docker-compose.db.postgresql.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | edge-ssg:
4 | environment:
5 | QUICKSTART_REST_MODE: "true"
6 | QUICKSTART_REPOSITORY_TYPE: "db"
7 | QUICKSTART_REPOSITORY_DB_TYPE: "postgresql"
8 | QUICKSTART_REPOSITORY_DB_HOST: "edge-ssg_db"
9 | QUICKSTART_REPOSITORY_DB_PORT: "5432"
10 | QUICKSTART_REPOSITORY_DB_NAME: "qstr"
11 | QUICKSTART_REPOSITORY_DB_USER: "causer"
12 | QUICKSTART_REPOSITORY_DB_PASSWORD: "capassword"
13 | links:
14 | - edge-ssg_db
15 |
16 | edge-ssg_db:
17 | build:
18 | context: .
19 | dockerfile: Dockerfile.postgresql
20 | restart: always
21 | deploy:
22 | resources:
23 | limits:
24 | memory: 512m
25 | environment:
26 | POSTGRES_DB: "qstr"
27 | POSTGRES_USER: "causer"
28 | POSTGRES_PASSWORD: "capassword"
29 |
--------------------------------------------------------------------------------
/get-started/external/otk/README.md:
--------------------------------------------------------------------------------
1 | # CA OTK (OAuth)
2 |
3 | ## License agreement
4 | Set `ACCEPT_LICENSE=true` in the file `./config/license.env`.
5 |
6 | ## Deploy
7 | Move to the otk folder which contains the `docker-compose.yml` file.
8 | ```
9 | cd get-started/external/otk
10 | ```
11 | Then run the command below to bring the containers up.
12 | ```
13 | docker-compose --project-name microgateway up --build -d
14 | ```
15 |
16 | Wait for the OAuth server to be healthy:
17 | ```
18 | docker ps --filter "name=otk" --format "table {{.Names}}\t{{.Status}}" --all
19 | ```
20 | Should return:
21 | ```
22 | NAMES STATUS
23 | microgateway_otk_1 Up 5 minutes (healthy)
24 | microgateway_otk_cassandra_1 Up 6 minutes
25 | ```
26 |
27 | You can also verify the logs contains the message `Gateway is now up and running!`
28 | once ready:
29 | ```
30 | docker-compose --project-name microgateway logs -f
31 | ```
32 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/Dockerfile.admin:
--------------------------------------------------------------------------------
1 | FROM caliveapicreator/4.0.00
2 |
3 | # Add health check
4 | HEALTHCHECK CMD curl --fail http://localhost:8080/rest/abl/admin/v2/@heartbeat || exit 1
5 |
6 | # Install lacadmin (Live API Creator CLI)
7 | RUN sh -c 'curl -sL https://deb.nodesource.com/setup_8.x | bash -' && \
8 | apt-get install -y nodejs && \
9 | npm install liveapicreator-admin-cli -g
10 |
11 | # Add the license
12 | # ENV LAC_DEFAULT_LICENSE_FILE /licenses/CA_Technologies_LiveAPI_License.json
13 | # ADD ./etc/license/CA_Technologies_LiveAPI_License.json /licenses/CA_Technologies_LiveAPI_License.json
14 |
15 | # Add the server private and public key (p12)
16 | ADD ./etc/tls/admin.p12 $CATALINA_HOME/conf/server.p12
17 |
18 | # Add the public certificates
19 | ADD ./etc/tls/ca.jks $CATALINA_HOME/conf/ca.jks
20 |
21 | # Customize the Tomcat configuration
22 | ADD ./etc/tomcat/conf/* $CATALINA_HOME/conf/
23 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/Dockerfile.node:
--------------------------------------------------------------------------------
1 | FROM caliveapicreator/4.0.00
2 |
3 | # Add health check
4 | HEALTHCHECK CMD curl --fail http://localhost:8080/rest/abl/admin/v2/@heartbeat || exit 1
5 |
6 | # Install lacadmin (Live API Creator CLI)
7 | RUN sh -c 'curl -sL https://deb.nodesource.com/setup_8.x | bash -' && \
8 | apt-get install -y nodejs && \
9 | npm install liveapicreator-admin-cli -g
10 |
11 | # Add the license
12 | # ENV LAC_DEFAULT_LICENSE_FILE /licenses/CA_Technologies_LiveAPI_License.json
13 | # ADD ./etc/license/CA_Technologies_LiveAPI_License.json /licenses/CA_Technologies_LiveAPI_License.json
14 |
15 | # Add the server private and public key (p12)
16 | ADD ./etc/tls/node.p12 $CATALINA_HOME/conf/server.p12
17 |
18 | # Add the public certificates
19 | ADD ./etc/tls/ca.jks $CATALINA_HOME/conf/ca.jks
20 |
21 | # Customize the Tomcat configuration
22 | ADD ./etc/tomcat/conf/* $CATALINA_HOME/conf/
23 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/docker-compose.yml:
--------------------------------------------------------------------------------
1 | # this lac node will have it's port exposed so that the cli process (simulating ci/cd)
2 | # in the script will be able to deploy the api and modify it for consumption
3 | version: '3'
4 | services:
5 | # Start one node of lac with port exposed to host for admin/ui access
6 | # this node cannot be scaled because of exposed port
7 | lac-admin:
8 | image: caliveapicreator/4.0.00-demo-admin
9 | build:
10 | context: .
11 | dockerfile: Dockerfile.admin
12 | ports:
13 | - '8111:8080'
14 | env_file:
15 | - ./etc/eula.env
16 | - ./etc/db.env
17 |
18 | # Start one node of LAC without port exposed that can be dynamically scaled
19 | lac-node:
20 | image: caliveapicreator/4.0.00-demo-node
21 | build:
22 | context: .
23 | dockerfile: Dockerfile.node
24 | env_file:
25 | - ./etc/eula.env
26 | - ./etc/db.env
27 |
--------------------------------------------------------------------------------
/get-started/get-further/extend-microgateway-with-new-templates.md:
--------------------------------------------------------------------------------
1 | ## Extend Microgateway with new templates
2 | The Quick Start Solution may be extended by importing RESTMAN bundles on startup. This allows us and customers to mix-and-match solutions that they intend to use with the Gateway, producing a smaller, purpose-tailored image.
3 |
4 | * Policy template design functionality requires the Policy Manager, which is available for download [here](https://www-qa.ca.com/us/trials/ca-microgateway.html) (requires trial sign up).
5 |
6 | Instructions:
7 | - Build Your Own QuickStart Templates: https://docops.ca.com/ca-microgateway/1-0/EN/working-with-the-ca-microgateway/build-your-own-quickstart-templates
8 | - Create a Microgateway plugin: https://docops.ca.com/ca-microgateway/1-0/EN/working-with-the-ca-microgateway/create-a-microgateway-plugin
9 | - Create your own Microgateway image: https://docops.ca.com/ca-microgateway/1-0/EN/working-with-the-ca-microgateway/create-your-own-microgateway-image
10 |
--------------------------------------------------------------------------------
/get-started/docker-compose/docker-compose.db.consul.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | ssg:
4 | environment:
5 | QUICKSTART_REST_MODE: "true"
6 | QUICKSTART_REPOSITORY_TYPE: "consul"
7 | QUICKSTART_REPOSITORY_CONSUL_HOST: "consul"
8 | QUICKSTART_REPOSITORY_CONSUL_PORT: "8500"
9 | QUICKSTART_REPOSITORY_CONSUL_PROTOCOL: "http"
10 | # QUICKSTART_REPOSITORY_CONSUL_ACL_TOKEN:
11 | # cert for https mode (uncomment)
12 | #QUICKSTART_REPOSITORY_CONSUL_CERT:
13 | #QUICKSTART_REPOSITORY_CONSUL_CERT_TRUSTED_FOR_SSL: "true"
14 | #QUICKSTART_REPOSITORY_CONSUL_CERT_TRUST_ANCHOR: "true"
15 | #QUICKSTART_REPOSITORY_CONSUL_CERT_VERIFY_HOSTNAME: "false"
16 | links:
17 | - consul
18 |
19 | consul:
20 | image: "consul"
21 | # ports:
22 | # - "8400:8400"
23 | # - "8500:8500"
24 | # - "53:8600/tcp"
25 | # - "53:8600/udp"
26 | command: "agent -server -client=0.0.0.0 -bind=0.0.0.0 -bootstrap-expect 1 -data-dir=/consul/data -ui"
27 | volumes:
28 | - "consul:/consul/data"
29 |
30 | volumes:
31 | consul:
32 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microservices/orders/Gatewayfile:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Orders",
4 | "gatewayUri": "/v1/orders*",
5 | "httpMethods": [ "get" ],
6 | "policy": [
7 | {
8 | "EncodeDecodeJWT" : {
9 | "jwt": "${request.http.header.x-ca-jwt}"
10 | }
11 | },
12 | {
13 | "ValidateJSON" : {
14 | "jsonMsg": "${jwt.payload}",
15 | "jsonPath": "$.ca_otk.['session.scope']"
16 | }
17 | },
18 | {
19 | "ValidateOAuthScopes" : {
20 | "expectedScopes": "orders",
21 | "receivedScopes": "${output}"
22 | }
23 | },
24 | {
25 | "RouteHttp" : {
26 | "targetUrl": "https://lac-node:8443/rest/default/svcOrders/v1/Orders",
27 | "preserveRequestPath": "true",
28 | "httpMethod": "Automatic"
29 | }
30 | }
31 | ]
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/get-started/external/mag/README.md:
--------------------------------------------------------------------------------
1 | # CA OTK (OAuth)
2 |
3 | ## License agreement
4 | Set `ACCEPT_LICENSE=true` in the file `./config/license.env`.
5 |
6 | ## Licenses
7 | Add to the folder `./customize/license/` your license files containing the
8 | following feature sets:
9 | - ``
11 | - ``
15 |
16 | ## Deploy
17 | ```
18 | docker-compose --project-name microgateway up --build -d
19 | ```
20 |
21 | Wait for the OAuth server to be healthy:
22 | ```
23 | docker ps --filter "name=otk" --format "table {{.Names}}\t{{.Status}}" --all
24 | ```
25 | Should return:
26 | ```
27 | NAMES STATUS
28 | microgateway_otk_1 Up 5 minutes (healthy)
29 | microgateway_otk_mysqldb_1 Up 6 minutes
30 | ```
31 |
32 | You can also verify the logs contains the message `Gateway is now up and running!`
33 | once ready:
34 | ```
35 | docker-compose --project-name microgateway logs -f
36 | ```
37 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/docker-compose.db.consul.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | edge-ssg:
4 | environment:
5 | QUICKSTART_REST_MODE: "true"
6 | QUICKSTART_REPOSITORY_TYPE: "consul"
7 | QUICKSTART_REPOSITORY_CONSUL_HOST: "edge-consul"
8 | QUICKSTART_REPOSITORY_CONSUL_PORT: "8500"
9 | QUICKSTART_REPOSITORY_CONSUL_PROTOCOL: "http"
10 | # QUICKSTART_REPOSITORY_CONSUL_ACL_TOKEN:
11 | # cert for https mode (uncomment)
12 | #QUICKSTART_REPOSITORY_CONSUL_CERT:
13 | #QUICKSTART_REPOSITORY_CONSUL_CERT_TRUSTED_FOR_SSL: "true"
14 | #QUICKSTART_REPOSITORY_CONSUL_CERT_TRUST_ANCHOR: "true"
15 | #QUICKSTART_REPOSITORY_CONSUL_CERT_VERIFY_HOSTNAME: "false"
16 | links:
17 | - consul
18 |
19 | edge-consul:
20 | image: "consul"
21 | # ports:
22 | # - "8400:8400"
23 | # - "8500:8500"
24 | # - "53:8600/tcp"
25 | # - "53:8600/udp"
26 | command: "agent -server -client=0.0.0.0 -bind=0.0.0.0 -bootstrap-expect 1 -data-dir=/consul/data -ui"
27 | volumes:
28 | - "consul:/consul/data"
29 |
30 | volumes:
31 | consul:
32 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/node.csr:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE REQUEST-----
2 | MIICxjCCAa4CAQAwgYAxCzAJBgNVBAYTAkNBMRkwFwYDVQQIExBCcml0aXNoIENv
3 | bHVtYmlhMRIwEAYDVQQHEwlWYW5jb3V2ZXIxGDAWBgNVBAoTD0NBIFRlY2hub2xv
4 | Z2llczEVMBMGA1UECxMMQVBJTSBHYXRld2F5MREwDwYDVQQDEwhsYWMtbm9kZTCC
5 | ASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBALH4YFDbYQ2qrxD32iVxHkaC
6 | OBfeszokX9WUrxcabspZI9OYiNsT7yqqeoGsyE2Wxh8p1kLwgUNoA3qQhsRph7Sj
7 | vusjpHhgZbAked67NRvFF6smqJdcVm8pwoxXv28bYDu1AU/u7tUpkifGyVO1nz+/
8 | y8lVx9T3hUlv93VE1/WWIq1ksb8IEH5TSsfJoc3ASRUm5dLFsEwIybBcjvRpg95V
9 | 1gemnV3X317DfOo1M8iuwnksb3PjkpsKhaycyAPDygIhryQKNpuatnJp8slv5fPC
10 | gVIv3EtKZOhjDJxIh2GO+j629q064HwfFtb5WqcSBUA/ME7mdVjtF286MBYLb3EC
11 | AwEAAaAAMA0GCSqGSIb3DQEBBQUAA4IBAQBQYVHCoatPfAg7ZfTP2VXSZJyT+yyr
12 | JgnOTWpFDbc+K0h2EnCz/b1d8EfNJNVtlAKXfojmQQ21FdMDNgFiLW5HA46EV2l4
13 | hul4MmFYlCn2ok7eoCUT5HKE9QgMObd8E6MwawJ1/HeFvd7PDSXjWOv5IEvKLNtM
14 | BSB7Go4SYMKfRV+ETif6r5nfBILlQszkrRF6uNGYp4hragr+4lSxq5Yx47KClwCR
15 | tynrqUWKMaKzCr7m6OZ1U22dhQafq00h9ColIPpRi9aNjZZ2k1v2Jh6M6Cow4l4w
16 | 5WTKvEVOvPuANjIw2ccj0srcw6QmWh/47B4cbTd/YXWPCUjpI4jEPrNW
17 | -----END CERTIFICATE REQUEST-----
18 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/admin.csr:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE REQUEST-----
2 | MIICxzCCAa8CAQAwgYExCzAJBgNVBAYTAkNBMRkwFwYDVQQIExBCcml0aXNoIENv
3 | bHVtYmlhMRIwEAYDVQQHEwlWYW5jb3V2ZXIxGDAWBgNVBAoTD0NBIFRlY2hub2xv
4 | Z2llczEVMBMGA1UECxMMQVBJTSBHYXRld2F5MRIwEAYDVQQDEwlsYWMtYWRtaW4w
5 | ggEiMA0GCSqGSIb3DQEBAQUAA4IBDwAwggEKAoIBAQCrmP0HUAQg7rPhVscOeu13
6 | SwU1MJaoN0puxX8cSxmn7T47BlUQS0gjHgZDodSGmUx8nw63WhIo+zFPQb6dkQFj
7 | 3o/Dgn0kVkt5kj19gsIfVSCDf5gDWj3jD4IOFIQoaE7bbANTHpcT1OMYf+EgP4jC
8 | 3qkE+4DtlNGR6TOruf2lpRGf0f5Iqu58Zr0g4WOcxMkJr5P5grrFkH0Eos7ADAf7
9 | lyUYufAFdD4RZsmmyF2+sSFFoB/mDzd3vgnFE4X6paLjjt7BVCB4q8f7K8UTOQeo
10 | hzoed3DQp/v5qUkJwvCf2snNMNyxCxnsCJNPxgHhURKJ1xqhf0TRLyLGg/W64fzN
11 | AgMBAAGgADANBgkqhkiG9w0BAQUFAAOCAQEAfIxpsGsX7CXIF0qc6ICPGW4KmIz9
12 | OQOLHeElKqEVgqLrAhY8BA0OwLj+VjQAKfAsEpHF9+7Qf7BYtGQpqwU7j+IESAyX
13 | dqj9eVYO6R7h6k52gAYdO13WFyPqVPlE7QwmIVUNC2hv0SAn7Mko4euxyMGieDqe
14 | 0Y9PlxI2I1ixPrOf7s2gCcAk403lkaHiNfzTCZFBJbaqWy8yIPLIY8k9A4dvmC0L
15 | t+NqLLG7T0++B23kEiZlWjwTLJjGaGYAXg6Xb7gukWEnLpVQHb9qYWmK9Ockb59u
16 | WX82xOb2SF47O0n3NjQA8+QJjIkaAo64Qw1DRkCMK0K9R3/d8Z2XXhbgxQ==
17 | -----END CERTIFICATE REQUEST-----
18 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/README.md:
--------------------------------------------------------------------------------
1 | #### Generate a new TLS configuration
2 |
3 | ##### Server:
4 | - Create the private key
5 | ```
6 | openssl genrsa -out server.key 2048
7 | ```
8 | - Create the certificate Signing Request file (CSR)
9 | ```
10 | openssl req -new -key server.key -out server.csr -subj "/C=CA/ST=British Columbia/L=Vancouver/O=CA Technologies/OU=APIM Gateway/CN=lacscale_node"
11 | ```
12 |
13 | - Sign the certificate
14 | ```
15 | openssl x509 -req -in server.csr -CA ../../../../../config/certs/rootCA.pem -CAkey ../../../../../config/certs/rootCA.key -CAcreateserial -out server.crt -days 500 -sha256
16 | ```
17 |
18 | - Archive the private key and signed certificate into a P12
19 | ```
20 | openssl pkcs12 -export -out server.p12 -inkey server.key -in server.crt
21 | ```
22 | With:
23 | - `Enter Export Password:` = password
24 |
25 | ##### Clients:
26 | - Create a Java KeyStore containing the CA Root certificate
27 | ```
28 | keytool -importcert -file ../../../../../config/certs/rootCA.pem -keystore ca.jks
29 | ```
30 | With:
31 | - `Enter keystore password:` = password
32 | - `Trust this certificate?` = yes
33 |
--------------------------------------------------------------------------------
/MAINTAIN.md:
--------------------------------------------------------------------------------
1 | # Maintain
2 |
3 | Guidance to maintain this repository.
4 |
5 | ## Licenses
6 |
7 | The licenses on this repository are trial license, therefore, they need to be renewed regularly.
8 |
9 | - CA Microgateway (variable SSG_LICENSE):
10 | - Docker Compose: [get-started/docker-compose/config/license.env](get-started/docker-compose/config/license.env)
11 | - OpenShift: [samples/platforms/openshift/config/config.env](samples/platforms/openshift/config/config.env)
12 | - Kubernetes: [samples/platforms/kubernetes/config.yml](samples/platforms/kubernetes/config.yml)
13 |
14 | - OTK: license built in the Docker image, see [get-started/external/otk/Dockerfile.otk](get-started/external/otk/Dockerfile.otk)
15 |
16 | - CA World 2017 demo:
17 | - CA Microgateway: [get-started/get-further/demo-with-live-api-creator/gateway/config/license.env](get-started/get-further/demo-with-live-api-creator/gateway/config/license.env)
18 | - CA Live API Creator: [get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/license/CA_Technologies_LiveAPI_License.json](get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/license/CA_Technologies_LiveAPI_License.json)
19 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microservices/recommendation/Gatewayfile:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Recommendation",
4 | "gatewayUri": "/v1/recommendation*",
5 | "httpMethods": [ "get" ],
6 | "policy": [
7 | {
8 | "EncodeDecodeJWT" : {
9 | "jwt": "${request.http.header.x-ca-jwt}"
10 | }
11 | },
12 | {
13 | "ValidateJSON" : {
14 | "jsonMsg": "${jwt.payload}",
15 | "jsonPath": "$.ca_otk.['session.scope']"
16 | }
17 | },
18 | {
19 | "ValidateOAuthScopes" : {
20 | "expectedScopes": "recommendation",
21 | "receivedScopes": "${output}"
22 | }
23 | },
24 | {
25 | "RouteHttp" : {
26 | "targetUrl": "https://lac-node:8443/rest/default/svcRecs/v1/rec_func",
27 | "preserveRequestPath": "true",
28 | "httpMethod": "Automatic"
29 | }
30 | }
31 | ]
32 | }
33 | }
34 |
--------------------------------------------------------------------------------
/get-started/external/mag/solutionkits/build.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | CWD="$(cd "$(dirname "$0")" && pwd)" # Script directory
3 |
4 | # Function: print usage
5 | function usage {
6 | >&2 echo "
7 | Convert a solution kit (.sskar) in a skmult (.skmult)
8 |
9 | $0 SOLUTIONKIT_NAME SSKAR SKMULT
10 |
11 | SOLUTIONKIT_NAME - Name of the solution kit that matches the header and footer
12 | files in the build/ folder
13 | SSKAR - Path of the solution kit to convert (.sskar)
14 | SKMULT - Path of the skmult to create (.skmult)
15 | "
16 | }
17 |
18 | # Function: print an error message and exit 1
19 | function error {
20 | >&2 echo "$1"
21 | exit 1
22 | }
23 |
24 | # Check number of parameters
25 | if [ $# -ne 3 ]; then
26 | >&2 echo "error: expects 3 parameters."
27 | usage; exit 1
28 | fi
29 |
30 | # Get inputs
31 | solutionkit_name="${1}"
32 | in_sskar="${2}"
33 | out_skmult="${3}"
34 |
35 | # Check inputs
36 | if ! test -f "${in_sskar}"; then
37 | error "File not found: ${in_sskar}"
38 | elif ! file "${in_sskar}" | grep --quiet "Zip archive data"; then
39 | error "File not a Zip archive: ${in_sskar}"
40 | fi
41 |
42 | # Build
43 | cat "${CWD}/build/${solutionkit_name}.skmult.header" "${in_sskar}" "${CWD}/build/${solutionkit_name}.skmult.footer" > "${out_skmult}"
44 |
--------------------------------------------------------------------------------
/get-started/external/otk/solutionkits/build.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | CWD="$(cd "$(dirname "$0")" && pwd)" # Script directory
3 |
4 | # Function: print usage
5 | function usage {
6 | >&2 echo "
7 | Convert a solution kit (.sskar) in a skmult (.skmult)
8 |
9 | $0 SOLUTIONKIT_NAME SSKAR SKMULT
10 |
11 | SOLUTIONKIT_NAME - Name of the solution kit that matches the header and footer
12 | files in the build/ folder
13 | SSKAR - Path of the solution kit to convert (.sskar)
14 | SKMULT - Path of the skmult to create (.skmult)
15 | "
16 | }
17 |
18 | # Function: print an error message and exit 1
19 | function error {
20 | >&2 echo "$1"
21 | exit 1
22 | }
23 |
24 | # Check number of parameters
25 | if [ $# -ne 3 ]; then
26 | >&2 echo "error: expects 3 parameters."
27 | usage; exit 1
28 | fi
29 |
30 | # Get inputs
31 | solutionkit_name="${1}"
32 | in_sskar="${2}"
33 | out_skmult="${3}"
34 |
35 | # Check inputs
36 | if ! test -f "${in_sskar}"; then
37 | error "File not found: ${in_sskar}"
38 | elif ! file "${in_sskar}" | grep --quiet "Zip archive data"; then
39 | error "File not a Zip archive: ${in_sskar}"
40 | fi
41 |
42 | # Build
43 | cat "${CWD}/build/${solutionkit_name}.skmult.header" "${in_sskar}" "${CWD}/build/${solutionkit_name}.skmult.footer" > "${out_skmult}"
44 |
--------------------------------------------------------------------------------
/get-started/external/mag/Dockerfile.otk:
--------------------------------------------------------------------------------
1 | #
2 | # Copyright (c) 2017 CA. All rights reserved.
3 | #
4 | # This software may be modified and distributed under the terms
5 | # of the MIT license. See the LICENSE file for details.
6 | #
7 | FROM caapimcollab/mobile-app-services:4.1.00-beta
8 |
9 | # Enable Restman and Policyman
10 | RUN mkdir -p /opt/docker/rc.d/bootstrap/ && \
11 | touch /opt/docker/rc.d/bootstrap/restman && \
12 | touch /opt/docker/rc.d/bootstrap/policyman
13 |
14 | # Add solution kits
15 | ADD ./solutionkits/*.skmult /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/
16 |
17 | # Add MAG bundles
18 | ADD ./customize/bundle/*.bundle /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/
19 |
20 | # Add after start RESTMAN XML files (processed by the scripts below)
21 | ADD ./customize/bundle/after-start/*.xml /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/after-start/
22 | ADD ./customize/bundle/after-start/*.bundle /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/after-start/
23 |
24 | # Add after start scripts
25 | ADD ./customize/rc.d/*.sh /opt/docker/rc.d/after-start/
26 |
27 | # Add OTK users and OAuth clients automatically
28 | COPY ./customize/db/liquibase/*.xml /db/liquibase/
29 |
30 | # Add licenses
31 | ADD ./customize/license/*.xml /opt/SecureSpan/Gateway/node/default/etc/bootstrap/license/
32 |
--------------------------------------------------------------------------------
/get-started/config/certs/otk.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIDiTCCAnECCQCJSIKlhfuK6zANBgkqhkiG9w0BAQsFADCBkTELMAkGA1UEBhMC
3 | Q0ExGTAXBgNVBAgTEEJyaXRpc2ggQ29sdW1iaWExEjAQBgNVBAcTCVZhbmNvdXZl
4 | cjEYMBYGA1UEChMPQ0EgVGVjaG5vbG9naWVzMRUwEwYDVQQLEwxBUElNIEdhdGV3
5 | YXkxIjAgBgNVBAMTGU1pY3JvZ2F0ZXdheSBUZXN0IFJvb3QgQ0EwHhcNMTcwODI5
6 | MjEwNjI2WhcNMTgwODI5MjEwNjI2WjB7MQswCQYDVQQGEwJDQTEZMBcGA1UECBMQ
7 | QnJpdGlzaCBDb2x1bWJpYTESMBAGA1UEBxMJVmFuY291dmVyMRgwFgYDVQQKEw9D
8 | QSBUZWNobm9sb2dpZXMxFTATBgNVBAsTDEFQSU0gR2F0ZXdheTEMMAoGA1UEAxMD
9 | b3RrMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs3FEeonFpYv4BSeS
10 | 53Jg4Po4wN7oJ5Le53yKYJcvRTtSY+vUwhrms9LSFuCGl9yDZgvqvPWFP31Ha/V4
11 | 9FBvOvhAOLRQxBKBMhhwhtxNMtyxTGo4TYRtZXtnYK2u47P4T0sDEA7s5LtnmZ2z
12 | FRceTYHe9//roInkCyfUXM15azhxvvXbkzU8IxTjpiFZ4uYBYF4dYUuXNidL4jz7
13 | uhjIHehuefmVbQKUwIgRTDvXAuj+YsoH1C9F1uR55VYPmDuXwo26U476K7MMr62r
14 | 4KAlcA+eyPtU0hz9SyqGhuFUo/JtWAvrLhV22FDyfWpZ37nLslQZ82pRVaK2MaA7
15 | kJzFkwIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQB0M0KLTeBdBP/9YzqqAJFdRu89
16 | CojTnj332orOcBVTKhFpCkOgIvtmjEAK2/oiyMl9lbMxbXPN3us+v3XFetErW9Fk
17 | 3z3iDuC0MMlCvk7yoqIsjUXiYU5TyiPsZX9GCBlJGpk+5p3qsdyE/fEEVg34n6BE
18 | wCrgCWtIH3wT0fXHinC1DiWadhYdbgCunymHsco9pIVPzxJ2wLSDPyaX6jqWkHpx
19 | /vnifhpE+WunVs16phPx4sVFctac5lJZGVtlyNdP+/jzKsRsZFpgGFq+3GheQda4
20 | uDixYRSKVdYwBEl/QfN6YI9Kf+Q4WlF8hIbuwfvLQYrzB9zVqstRnIATlz54
21 | -----END CERTIFICATE-----
22 |
--------------------------------------------------------------------------------
/get-started/external/mag/customize/rc.d/z-add-edge-gateway-user.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | echo "add-edge-gateway-user.sh : Call RESTMAN to add an edge gateway user to the OTK identity provider"
4 |
5 | while [ "$(curl --insecure \
6 | --user 'admin:password' \
7 | --url 'https://localhost:8443/restman/1.0/identityProviders' \
8 | \
9 | | grep -A 1 'Gateway as a Client Identity Provider' \
10 | | grep '' \
11 | | grep -o -E '[a-z0-9]{4,}')" != "ada77b26afbc26b56accc9c84c0e3dfd" ]; do
12 |
13 | echo "add-edge-gateway-user.sh : Waiting for the OTK Identity Provider"
14 | sleep 5
15 | done
16 |
17 | RESTMAN_BUNDLE_PATH="/opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/after-start/add_edge_gateway_user.bundle
18 | /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/after-start/add_microgateway_user.bundle"
19 |
20 | for bundle in ${RESTMAN_BUNDLE_PATH}; do
21 | if curl --insecure \
22 | --request PUT \
23 | --header "Content-Type: application/xml" --data @${bundle} \
24 | --user 'admin:password' \
25 | --url https://localhost:8443/restman/1.0/bundle; then
26 |
27 | echo "add-edge-gateway-user.sh : ${bundle} added"
28 | else
29 | echo "add-edge-gateway-user.sh : ${bundle} failed to load"
30 | fi
31 | done
32 |
--------------------------------------------------------------------------------
/get-started/external/otk/customize/rc.d/z-add-edge-gateway-user.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | echo "add-edge-gateway-user.sh : Call RESTMAN to add an edge gateway user to the OTK identity provider"
4 |
5 | while [ "$(curl --insecure \
6 | --user 'admin:password' \
7 | --url 'https://localhost:8443/restman/1.0/identityProviders' \
8 | \
9 | | grep -A 1 'Gateway as a Client Identity Provider' \
10 | | grep '' \
11 | | grep -o -E '[a-z0-9]{4,}')" != "ada77b26afbc26b56accc9c84c0e3dfd" ]; do
12 |
13 | echo "add-edge-gateway-user.sh : Waiting for the OTK Identity Provider"
14 | sleep 5
15 | done
16 |
17 | RESTMAN_BUNDLE_PATH="/opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/after-start/add_edge_gateway_user.bundle
18 | /opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/after-start/add_microgateway_user.bundle"
19 |
20 | for bundle in ${RESTMAN_BUNDLE_PATH}; do
21 | if curl --insecure \
22 | --request PUT \
23 | --header "Content-Type: application/xml" --data @${bundle} \
24 | --user 'admin:password' \
25 | --url https://localhost:8443/restman/1.0/bundle; then
26 |
27 | echo "add-edge-gateway-user.sh : ${bundle} added"
28 | else
29 | echo "add-edge-gateway-user.sh : ${bundle} failed to load"
30 | fi
31 | done
32 |
--------------------------------------------------------------------------------
/get-started/config/certs/microgateway.mycompany.com.crt:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIDoTCCAokCCQDpi+Zy75XpcDANBgkqhkiG9w0BAQsFADCBkTELMAkGA1UEBhMC
3 | Q0ExGTAXBgNVBAgTEEJyaXRpc2ggQ29sdW1iaWExEjAQBgNVBAcTCVZhbmNvdXZl
4 | cjEYMBYGA1UEChMPQ0EgVGVjaG5vbG9naWVzMRUwEwYDVQQLEwxBUElNIEdhdGV3
5 | YXkxIjAgBgNVBAMTGU1pY3JvZ2F0ZXdheSBUZXN0IFJvb3QgQ0EwHhcNMTcxMTE1
6 | MjI1NjA3WhcNMjEwODExMjI1NjA3WjCBkjELMAkGA1UEBhMCQ0ExGTAXBgNVBAgM
7 | EEJyaXRpc2ggQ29sdW1iaWExEjAQBgNVBAcMCVZhbmNvdXZlcjEYMBYGA1UECgwP
8 | Q0EgVGVjaG5vbG9naWVzMRUwEwYDVQQLDAxBUElNIEdhdGV3YXkxIzAhBgNVBAMM
9 | Gm1pY3JvZ2F0ZXdheS5teWNvbXBhbnkuY29tMIIBIjANBgkqhkiG9w0BAQEFAAOC
10 | AQ8AMIIBCgKCAQEAt53coEdRx0IH9/STPunfiL6IJ6fgO+bDom7tr4JQgnfM379Q
11 | uyQ3F96DUtY9D2yiDBnosDoDInaIuxqZy8kJcA8YcaSmwWgvy4RZIW5D7kuBvKL/
12 | ND+vncuA8ZAW/38RuiYbDLTTPQ5ZGA71dI53lqo00gKEq62jPUnxAi0b0BwtGlU5
13 | 6M6YcovaCBPJtnyxxnPw8++OH7nkqTddG3iaM1d6aAGJGl8kr78JnoyAQr/SVBhI
14 | rZG6RYE12FGsSVmhizgQIjx5i/rxbpIPf3taQM00HBtD8rLujhR7w1X65H0nxcCK
15 | VeUI2mD2trZCik52hO+LQ5sivj+px8BfGuYEWwIDAQABMA0GCSqGSIb3DQEBCwUA
16 | A4IBAQA1RmgRGyVxRK1vzc9gzfsJwuZ39Jm2djkPOszilg2y8pbzHR5yM9EghbV2
17 | hG86OBTq597q2iyk9o9NhT8QiggzqJJhSrI4MEK7f4iRHb2/1pgOX5asp4LZ7xcN
18 | H9ekcE8a9H9KfhY6nzPh68Z0f1Jho2FvJxFATPEcikGn25BTdPlJ0Q0/CeelYgF+
19 | myL3VwZOnDDcXM7fl6w0dCQ6OYG88SlzFGZAvU/Y2jKkvfcbjcjbCu8N72iCLZS4
20 | auGR1vG0xqRgMmZDnLzlHv2Kcr7ev9gtAkKEk7C/su0ofz+oCnXWf0nd29UUjyDi
21 | fZJGmB35frG/xfZ+Pz+vkv8DmyrD
22 | -----END CERTIFICATE-----
23 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/node.crt:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIDjzCCAncCCQDWoiD6I5FxXzANBgkqhkiG9w0BAQsFADCBkTELMAkGA1UEBhMC
3 | Q0ExGTAXBgNVBAgTEEJyaXRpc2ggQ29sdW1iaWExEjAQBgNVBAcTCVZhbmNvdXZl
4 | cjEYMBYGA1UEChMPQ0EgVGVjaG5vbG9naWVzMRUwEwYDVQQLEwxBUElNIEdhdGV3
5 | YXkxIjAgBgNVBAMTGU1pY3JvZ2F0ZXdheSBUZXN0IFJvb3QgQ0EwHhcNMTcxMDE2
6 | MjMwNDEzWhcNMTkwMjI4MjMwNDEzWjCBgDELMAkGA1UEBhMCQ0ExGTAXBgNVBAgT
7 | EEJyaXRpc2ggQ29sdW1iaWExEjAQBgNVBAcTCVZhbmNvdXZlcjEYMBYGA1UEChMP
8 | Q0EgVGVjaG5vbG9naWVzMRUwEwYDVQQLEwxBUElNIEdhdGV3YXkxETAPBgNVBAMT
9 | CGxhYy1ub2RlMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsfhgUNth
10 | DaqvEPfaJXEeRoI4F96zOiRf1ZSvFxpuylkj05iI2xPvKqp6gazITZbGHynWQvCB
11 | Q2gDepCGxGmHtKO+6yOkeGBlsCR53rs1G8UXqyaol1xWbynCjFe/bxtgO7UBT+7u
12 | 1SmSJ8bJU7WfP7/LyVXH1PeFSW/3dUTX9ZYirWSxvwgQflNKx8mhzcBJFSbl0sWw
13 | TAjJsFyO9GmD3lXWB6adXdffXsN86jUzyK7CeSxvc+OSmwqFrJzIA8PKAiGvJAo2
14 | m5q2cmnyyW/l88KBUi/cS0pk6GMMnEiHYY76Prb2rTrgfB8W1vlapxIFQD8wTuZ1
15 | WO0XbzowFgtvcQIDAQABMA0GCSqGSIb3DQEBCwUAA4IBAQAKwXWJZ0faFaAoGsCm
16 | JWAo1SlkI2FrK4zXlVscn147ZTLfsTYBQl83o9WATvoMUSGUNVZSKq6VaIMcK0EL
17 | wv5SHfG8c/+Fgs84tfVUVK1Ybpm9Cu+vP8NcuDttSOkRnnD++YWxmJo/u2HYtJ/o
18 | oNnG5dV6DjrhXUzcoCiMQ198bTjr7Gd+6tMXD4z+eSiiXwdSXcLcmIf3ji5oltiU
19 | jbYxqnbobi0y73Vj12vOjF0l9epA85l4AMWZV/P1/Zr5V9E2d+iEZorYCuGGz8u7
20 | BTEVvM48ARShwNoa/cnQJq5zud0ns4h3Qkiru6/F6Ab+RmPRCIKmMBo4XtbZ13uQ
21 | O6A6
22 | -----END CERTIFICATE-----
23 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/admin.crt:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIDkDCCAngCCQDg3LwwFkoHWjANBgkqhkiG9w0BAQsFADCBkTELMAkGA1UEBhMC
3 | Q0ExGTAXBgNVBAgTEEJyaXRpc2ggQ29sdW1iaWExEjAQBgNVBAcTCVZhbmNvdXZl
4 | cjEYMBYGA1UEChMPQ0EgVGVjaG5vbG9naWVzMRUwEwYDVQQLEwxBUElNIEdhdGV3
5 | YXkxIjAgBgNVBAMTGU1pY3JvZ2F0ZXdheSBUZXN0IFJvb3QgQ0EwHhcNMTcxMTEz
6 | MDY1ODQwWhcNMTkwMzI4MDY1ODQwWjCBgTELMAkGA1UEBhMCQ0ExGTAXBgNVBAgT
7 | EEJyaXRpc2ggQ29sdW1iaWExEjAQBgNVBAcTCVZhbmNvdXZlcjEYMBYGA1UEChMP
8 | Q0EgVGVjaG5vbG9naWVzMRUwEwYDVQQLEwxBUElNIEdhdGV3YXkxEjAQBgNVBAMT
9 | CWxhYy1hZG1pbjCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoCggEBAKuY/QdQ
10 | BCDus+FWxw567XdLBTUwlqg3Sm7FfxxLGaftPjsGVRBLSCMeBkOh1IaZTHyfDrda
11 | Eij7MU9Bvp2RAWPej8OCfSRWS3mSPX2Cwh9VIIN/mANaPeMPgg4UhChoTttsA1Me
12 | lxPU4xh/4SA/iMLeqQT7gO2U0ZHpM6u5/aWlEZ/R/kiq7nxmvSDhY5zEyQmvk/mC
13 | usWQfQSizsAMB/uXJRi58AV0PhFmyabIXb6xIUWgH+YPN3e+CcUThfqlouOO3sFU
14 | IHirx/srxRM5B6iHOh53cNCn+/mpSQnC8J/ayc0w3LELGewIk0/GAeFREonXGqF/
15 | RNEvIsaD9brh/M0CAwEAATANBgkqhkiG9w0BAQsFAAOCAQEAcjqBHWctfZxARfsf
16 | t+RLNVr/no7LqsjXslzIdurF5dwR8xgOhB44oPFDZqjiffI3SCL4Wp96cQFsTSCW
17 | lxJfwDaFTbqBEmM1z0U0I1xU0Et6TbHyB9PgZtuU8UNe35ME4PmRv18cGAPDu2QT
18 | udYy+hWq4UGQC+IcqBrEgY3dQH6FdZ3trWxpnpaM1M1CxmIdup83rOYva2c80RI3
19 | ibtyRINOOBa+PYfshWtuU2+q2YeMnZLMIdEkDNTSilim1ZMha2zdyAnI+4Bb9nic
20 | 72fPfyKwiRS6XDox/dEHpHcr0t0JMAksRyb40lRTLoq2HNt2+etV25QMMS1RC7Ng
21 | LU+zoA==
22 | -----END CERTIFICATE-----
23 |
--------------------------------------------------------------------------------
/get-started/get-further/api-with-basic-auth.md:
--------------------------------------------------------------------------------
1 | ## Secure a microservice API with Basic Authentication
2 |
3 | This step will typically be done by a microservice developer.
4 |
5 | - Create a file named Gatewayfile with the following content:
6 |
7 | ```json
8 | {
9 | "Service": {
10 | "name": "Google Search With Basic Auth",
11 | "gatewayUri": "/google-with-basic-auth",
12 | "httpMethods": [ "get" ],
13 | "policy": [
14 | {
15 | "CredentialSourceHttpBasic": { }
16 | },
17 | {
18 | "RouteHttp" : {
19 | "targetUrl" : "http://www.google.com/search${request.url.query}",
20 | "httpMethod" : "Automatic"
21 | }
22 | }
23 | ]
24 | }
25 | }
26 | ```
27 |
28 | - Add your API to the Gateway:
29 |
30 | ```
31 | curl --insecure \
32 | --user "admin:password" \
33 | --url https://localhost/quickstart/1.0/services \
34 | --data @Gatewayfile
35 | ```
36 |
37 | - Verify that your API is exposed:
38 |
39 | ```
40 | curl --insecure --user "admin:password" https://localhost/quickstart/1.0/services
41 | ```
42 | Should return a list containing your Google Search With Basic Auth service.
43 |
44 | - Use your exposed API:
45 |
46 | ```
47 | curl --insecure \
48 | --user "admin:password" \
49 | --header "User-Agent: Mozilla/5.0" \
50 | 'https://localhost/google-with-basic-auth?q=CA'
51 | ```
52 |
--------------------------------------------------------------------------------
/get-started/get-further/operations/system/logging-auditing.md:
--------------------------------------------------------------------------------
1 | ## Logging and auditing
2 |
3 | The logging and auditing cluster properties of the Gateway can be set
4 |
5 | ### Logging
6 | - CLUSTER_PROPERTY_log_levels: choose the log level
7 |
8 | Logging levels can be found at https://docops.ca.com/ca-api-gateway/9-2/en/administer-the-gateway/gateway-logging-levels-and-thresholds
9 |
10 | ### Auditing
11 |
12 | #### Audit levels:
13 | - CLUSTER_PROPERTY_audit_adminThreshold: choose the level of the admin audit log
14 | - CLUSTER_PROPERTY_audit_messageThreshold: choose the level of the message audit log
15 | - CLUSTER_PROPERTY_audit_detailThreshold: choose the level of the audit detail log
16 |
17 | #### Formatting audit logs:
18 | - CLUSTER_PROPERTY_audit_log_service_detailFormat: format for details related to a service audit
19 | - CLUSTER_PROPERTY_audit_log_service_footerFormat: format for the final (summary) log message of a service audit
20 | - CLUSTER_PROPERTY_audit_log_service_headerFormat: format for the first log message of a service audit
21 | - CLUSTER_PROPERTY_audit_log_other_format: format for other (non-service) audit logs
22 | - CLUSTER_PROPERTY_audit_log_other_detailFormat: format for other (non-service) audit details
23 |
24 | Details about:
25 | - auditing: https://docops.ca.com/ca-api-gateway/9-2/en/reference/gateway-cluster-properties/audit-cluster-properties
26 | - audit formatting: https://docops.ca.com/ca-api-gateway/9-2/en/administer-the-gateway/gateway-auditing-threshold-and-format
27 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microgateway/add-ons/services/orders.json:
--------------------------------------------------------------------------------
1 | { "Service": {
2 | "name": "orders",
3 | "gatewayUri": "/recSvc/v1/users/*/orders",
4 | "httpMethods": [ "get", "put" ],
5 | "policy": [
6 | {
7 | "RequireSsl": {
8 | "sslTlsRequirement": "optional"
9 | }
10 | },
11 | {
12 | "RequireOauth2Token": {
13 | "scope_required": "oob",
14 | "scope_fail": "false",
15 | "onetime": "false",
16 | "given_access_token": ""
17 | }
18 | },
19 | {
20 | "Cors" : {}
21 | },
22 | {
23 | "custom_consul" : {
24 | "consul_API1": "http://consul:8500/v1/health/service/lac_admin",
25 | "consul_API2": "http://consul:8500/v1/health/service/orders_recommendations_microservice"
26 | }
27 | },
28 | {
29 | "custom_circuitBreaker" : {
30 | "primaryRoute": "http://${recommendations.result}:8080/rest/default/svcRecs/v1/recommendations",
31 | "secondaryRoute": "http://localhost:8080/newyorktimes"
32 | }
33 | },
34 | {
35 | "custom_orderAPI" : {}
36 | },
37 | {
38 | "custom_recommendationsAPI" : {}
39 | },
40 | {
41 | "RateLimit" : {
42 | "maxRequestsPerSecond": 250,
43 | "hardLimit": true,
44 | "counterName": "RateLimit-${request.clientId}-b0938b7ad6ff"
45 | }
46 | }
47 | ]
48 | }
49 | }
50 |
--------------------------------------------------------------------------------
/get-started/get-further/operations/system/performance.md:
--------------------------------------------------------------------------------
1 | ## Performance tuning
2 |
3 | ### Gateway tuning
4 |
5 | - SSG_HTTP_CORE_CONCURRENCY: "500"
6 |
7 | The initial number of threads
8 |
9 | - SSG_HTTP_MAX_CONCURRENCY: "750"
10 |
11 | The maximum number of threads
12 |
13 | - SSG_JVM_HEAP: "2560m"
14 |
15 | Specifies the maximum size, in bytes, of the memory allocation pool (Java XMX
16 | memory allocation) for the gateway process. See more info at http://docs.oracle.com/javase/7/docs/technotes/tools/solaris/java.html
17 |
18 | ### Tune the Java parameters
19 |
20 | The `JVM_ARGS` environment variable will set custom Java parameters when starting
21 | the Microgateway.
22 |
23 | ### Manage remotely the Gateway resources with JMX (Java Management Extensions)
24 |
25 | The JMX parameters is passed to the `JVM_ARGS` environment variable.
26 | ```
27 | JVM_ARGS: "-Dcom.sun.management.jmxremote -Dcom.sun.management.jmxremote.port=9010 -Dcom.sun.management.jmxremote.ssl=false -Dcom.sun.management.jmxremote.authenticate=false -Dcom.sun.management.jmxremote.rmi.port=9010 -Djava.rmi.server.hostname=apis.mycompany.com"
28 | ```
29 | In the above example, the JMX server will listen on port `9010` with no
30 | authentication and SSL. The option `java.rmi.server.hostname` is the hostname
31 | of your container.
32 |
33 | In production, authentication and ssl should be enabled.
34 |
35 | Details about JMX parameters can be found at
36 | http://docs.oracle.com/javase/7/docs/technotes/guides/management/agent.html
37 |
38 | A good blog post about monitoring JVM apps in Docker at
39 | http://mintbeans.com/jvm-monitoring-docker/
40 |
--------------------------------------------------------------------------------
/TROUBLESHOOT.md:
--------------------------------------------------------------------------------
1 | - If you get an error `Server aborted the SSL handshake`, wait 30 seconds to 1 minute for the ssg container to launch.
2 |
3 | - If you get an error `Failed to connect to otk.mycompany.com port 8443: Connection refused Failed at line X`, then try these commands to remove orphaned containers.
4 |
5 | ```
6 | docker-compose -f docker-compose.yml down --volumes
7 | ```
8 |
9 | And try this again:
10 |
11 | ```
12 | docker-compose up --build
13 | ```
14 |
15 | - If you get an error `Failed to connect to localhost port 443: Connection refused`, then check if `dockercompose_proxy_1` container is running by:
16 |
17 | ```
18 | docker-compose ps
19 | ```
20 |
21 | To run the proxy container, run the following command from get-started/docker-compose directory:
22 |
23 | ```
24 | docker-compose -f docker-compose.yml -f docker-compose.dockercloudproxy.yml up -d --build
25 | ```
26 |
27 | - If you get `Failed to connect to localhost port 8443: Connection refused`, make sure `otk_otk_1` container is running by:
28 |
29 | ```
30 | docker-compose ps
31 | ```
32 |
33 | If the otk container is not running, move to `get-started/external/otk` directory and run:
34 |
35 | ```
36 | docker-compose up --build –d
37 | ```
38 |
39 | You should now be able to access https://localhost:8443/oauth/manager.
40 |
41 | - If the internal docker network conflicts with one of your network's subnets, add the following to `docker-compose.yml` at the same level as `version` and `services`:
42 |
43 | ```yaml
44 | networks:
45 | default:
46 | ipam:
47 | driver: default
48 | config:
49 | - subnet: 172.28.0.0/16 # set this to the CIDR for a subnet that won't conflict
50 | ```
51 |
--------------------------------------------------------------------------------
/get-started/config/certs/rootCA.pem:
--------------------------------------------------------------------------------
1 | -----BEGIN CERTIFICATE-----
2 | MIIEoTCCA4mgAwIBAgIJAM68VHCiW34PMA0GCSqGSIb3DQEBCwUAMIGRMQswCQYD
3 | VQQGEwJDQTEZMBcGA1UECBMQQnJpdGlzaCBDb2x1bWJpYTESMBAGA1UEBxMJVmFu
4 | Y291dmVyMRgwFgYDVQQKEw9DQSBUZWNobm9sb2dpZXMxFTATBgNVBAsTDEFQSU0g
5 | R2F0ZXdheTEiMCAGA1UEAxMZTWljcm9nYXRld2F5IFRlc3QgUm9vdCBDQTAeFw0x
6 | NzA4MDExNjA2MDVaFw0zNDAxMDQxNjA2MDVaMIGRMQswCQYDVQQGEwJDQTEZMBcG
7 | A1UECBMQQnJpdGlzaCBDb2x1bWJpYTESMBAGA1UEBxMJVmFuY291dmVyMRgwFgYD
8 | VQQKEw9DQSBUZWNobm9sb2dpZXMxFTATBgNVBAsTDEFQSU0gR2F0ZXdheTEiMCAG
9 | A1UEAxMZTWljcm9nYXRld2F5IFRlc3QgUm9vdCBDQTCCASIwDQYJKoZIhvcNAQEB
10 | BQADggEPADCCAQoCggEBANQMqOl52wecDL7Zw2gi5JI3jmSDqfH19M+dvlwiuKM1
11 | o98ZbyJ2l1jHBcznkWcGXT79uy6k/7dFLBrzBFvebcxvRXAB/yvX1ZtBcDPAflOo
12 | h63NZLvPe6jHQx3itdbDr4MEIHtZxlYTqWLILqrXu8++E7hrlElCcQPAwmpYOl9/
13 | +Sz/UoAt3GI/q9uRHWnLdvCvwHIymGfW0oNiGwzV9PwoJkq9LLlEz1K64ApMqEcD
14 | wL25QBNNyg909Ly0QvEYSVdStHQgqiIELMBLEgpDN6fVlomhBcLbDfkizgB4X8yC
15 | 5AZsGE6EKf+Zctd1hi6B7Ojdv5o1LCEIbQCmD0yNhecCAwEAAaOB+TCB9jAdBgNV
16 | HQ4EFgQUoosUgVCIDt8TMW5t5E3bCdNwHRIwgcYGA1UdIwSBvjCBu4AUoosUgVCI
17 | Dt8TMW5t5E3bCdNwHRKhgZekgZQwgZExCzAJBgNVBAYTAkNBMRkwFwYDVQQIExBC
18 | cml0aXNoIENvbHVtYmlhMRIwEAYDVQQHEwlWYW5jb3V2ZXIxGDAWBgNVBAoTD0NB
19 | IFRlY2hub2xvZ2llczEVMBMGA1UECxMMQVBJTSBHYXRld2F5MSIwIAYDVQQDExlN
20 | aWNyb2dhdGV3YXkgVGVzdCBSb290IENBggkAzrxUcKJbfg8wDAYDVR0TBAUwAwEB
21 | /zANBgkqhkiG9w0BAQsFAAOCAQEACWWe7S5JEyfFDJz8Zh6qzFZB4G/Qu8aQjh9Y
22 | LeG1A4Um0b7rXqfFF5hMAb1yogtFWqOqJb/AVavrr9EA2Oz7u4C4Ziica8hJgodd
23 | XcWgzvrf/cb7rCHATva+o1bsRwg4dgwmB/KJUPprbupVZ12uNnzDPcrZMGMhUk8B
24 | bzcVgkFn7Ot/OC4TGqdDdON0rJ3Grjlsw/nvlihzoz68mGdkG1hYshOwQBFweAkt
25 | xdEIaaHXlCZdVitHh7cUXG5ad0L6mAY/lRts4XlCzM/hHLTSP4xDrjXjptz53/WQ
26 | a//9F2CjIxW/1viVyE7B9JSsCjcJzvnNc+cLM+VumJ5BjcEYEw==
27 | -----END CERTIFICATE-----
28 |
--------------------------------------------------------------------------------
/get-started/config/certs/otk.key:
--------------------------------------------------------------------------------
1 | -----BEGIN RSA PRIVATE KEY-----
2 | MIIEowIBAAKCAQEAs3FEeonFpYv4BSeS53Jg4Po4wN7oJ5Le53yKYJcvRTtSY+vU
3 | whrms9LSFuCGl9yDZgvqvPWFP31Ha/V49FBvOvhAOLRQxBKBMhhwhtxNMtyxTGo4
4 | TYRtZXtnYK2u47P4T0sDEA7s5LtnmZ2zFRceTYHe9//roInkCyfUXM15azhxvvXb
5 | kzU8IxTjpiFZ4uYBYF4dYUuXNidL4jz7uhjIHehuefmVbQKUwIgRTDvXAuj+YsoH
6 | 1C9F1uR55VYPmDuXwo26U476K7MMr62r4KAlcA+eyPtU0hz9SyqGhuFUo/JtWAvr
7 | LhV22FDyfWpZ37nLslQZ82pRVaK2MaA7kJzFkwIDAQABAoIBAEcDfGZCP8XULsNb
8 | dffCfDSM0gkCLj37EdvqnZi8PCjZ4TFKE1j97G8d76a+FIXk7ttju/Ir+B+4JJvE
9 | +ak2a86akE/gjFYMPLTmlyHH7YVDcaccIkwLLIAM5kyMb7oNbydyODQStA2RXN6e
10 | WlDuZT+nNeZPkaBm8ai4ioJvjq2vbnKB148OGHeC+g9OmA4CHMxBjbnkDjjx8nLi
11 | XglV9qFc6F0DbBa6Tb+SMwrJt47kwqUyrCpbY/k9tovSGVT4y5ONLfq+stJFYSBT
12 | lM/4pPe1Pnk1bg8qTfB1Jj7Oea0M7JPZIydPoMs2jhrKPEsKkqPrNLfncgKnubcc
13 | aNK1hYECgYEA6001Y19YooRxPox9bK6wifBvGxVwtHSVrPPczPfe45ggcM4HRb+A
14 | 2pgrog+eQCVtazQpxg1kSfglBYciwFLvXo/2InTu5cEWKPzeMaSuZf5kClUdD9mh
15 | peQUEGZ2Pz6vMcAxNzsRTlBFVzbBj8B/FOHhFUVRIy0H3g6g1TOepkcCgYEAwzoo
16 | miXohz6qGru/BHPpPS2e12KUNlRIEnx2cPj8xnGwhYyPhFNEaED/jCrNQprfr4K/
17 | q8ZnCEz245zP7C44KUh1JmZRTFAodqwhjITGHHWs8LKG3SrHLNBlCwNQJvg6Szho
18 | 7R1QMwFrN+0wsegz8jWzruUYSvWn/PH60hQL8FUCgYBPy7osPfxf+MwyqxAp2EAU
19 | N05mf+nduJ+9rGGXvQOAaWmu95+tvpjjCLHbXrKLDGZD8ces24PENfvQGRjm4fk9
20 | N1MAMmmFzupF8iMj8LYX7qJcgqq9Yk+YY3WObkDxh79//q5yDXz78urg/be8mUo/
21 | ea6MORqf9DhzzMAsLTpDJwKBgGA1hBbbQamM1zWPeoZOPQ46MkJAwXu4sz/w+Ema
22 | Wq/NDUnzSDLU+ixKg+VmnnsJadzLmXukrdfoXe8zsz/YUzL9E0aWO9BY3GgHUg02
23 | zY7u6wg/YrkRwNAz7uerfU+HGutA5Gyd+oz4UQdhq5KxNRBTKLazDfK690tvUMVA
24 | vdV1AoGBALrqDgtexxQ2MpnH5NvZtuTPK3rmuJlxcBspT9z0DHzusAUIHC+Us2Fd
25 | QbR8v+kEKZgcYbXwr5kE2ALF6veiG/wBl0otrrJpLFHG3/4Vi374l9CzCDLAlucL
26 | mroiyWLxweKK7AAHUlxYi4WcnzIGaunRIsnc3Kd8+r1SqzW5tuZG
27 | -----END RSA PRIVATE KEY-----
28 |
--------------------------------------------------------------------------------
/get-started/config/certs/rootCA.key:
--------------------------------------------------------------------------------
1 | -----BEGIN RSA PRIVATE KEY-----
2 | MIIEowIBAAKCAQEA1Ayo6XnbB5wMvtnDaCLkkjeOZIOp8fX0z52+XCK4ozWj3xlv
3 | InaXWMcFzOeRZwZdPv27LqT/t0UsGvMEW95tzG9FcAH/K9fVm0FwM8B+U6iHrc1k
4 | u897qMdDHeK11sOvgwQge1nGVhOpYsguqte7z74TuGuUSUJxA8DCalg6X3/5LP9S
5 | gC3cYj+r25Edact28K/AcjKYZ9bSg2IbDNX0/CgmSr0suUTPUrrgCkyoRwPAvblA
6 | E03KD3T0vLRC8RhJV1K0dCCqIgQswEsSCkM3p9WWiaEFwtsN+SLOAHhfzILkBmwY
7 | ToQp/5ly13WGLoHs6N2/mjUsIQhtAKYPTI2F5wIDAQABAoIBABllXsF/p5zUsq4U
8 | 1JNfQnLElpgxMKRa6bQH12mfeu+JGBQ7LpU5EM1AINC2lzJ4j6hgqQ9gEYQ4k5yy
9 | qD38eLf4R5+vjYkJs3qBrtdz4W1RjNZi+AKKSewf2Uj2AwMyso2FbAJ58QgUGMBM
10 | 61HovoSV5jS7JapUe8aQSniEEpGnQQU9nsl5aYeuHf3j2YninzAkA/sGiCArAAhQ
11 | McaVIt2rmsmBJ8RVC+OIyeCF/eHu1KLGgL1/yXRnrvegilYM5ewxwFfHpI0rf8yg
12 | UCbEoh/pBOhz3jUwF/Q6q/MaVZdQv94j4k3K5htQDxSPllrCncUK0DwZ+yiwD7K3
13 | JVjobVkCgYEA/ZIdhpeQ4TTrbchTwXMPYxhBPeG36sVUGdFS/e1Zn/fgYEoLJ9mw
14 | aNIIiBZ2hP8tLD5L+8u7LLQlLxpMcZjNXWGYzBrl68sbqKLbRpEa2AqPrVk2Nk8v
15 | luPD9eWKJZxCkX3n+UID8EYvh4UIBSzltMWh+xkH/IXFIgOwHbBAeoMCgYEA1hS2
16 | jBwCSP6zQzIRDaE2FxUGXUiLiR13qIIKnCKvVAtoaCGjmBWY5ObkVHPTDwdd0YjQ
17 | yvMMZyStCmDEL7cZP78Ss9HwulV4tfKTe8ppBWoYMJG/4gp5flBJWDoJX5wqTQZa
18 | 8iXN0kK4WNM0fp0wDHGfVYQz5XMKZhD95mOW+c0CgYADZ6Ld28smOv+uSbJWNqVO
19 | P1Ug75b4oA2xCw6COl2puDpbEKN1tYaY4bkbmrGct5Bzt6Jtjx7ESub06vV70QFw
20 | 746Nrw7HS8LjUMyA9hHWNM4ZFcmUkRuiewx2kM56Es8SBQ7IWgqTf13EBBVHfILZ
21 | Go5CQOPKkEFFY6dJvsQe4QKBgCFMo4Bzst9LzvJ6zTBDjThV6uGDsUCotr4dTC0x
22 | L/hwtdLMuLelVFz2lTmVspS53pwDHgcTezBoAgqFNr79Sg4iWHRkCX/SX65dhxdQ
23 | Srmu4QhdA23Tl0ZQkrgIfwDCN8o3XNohizxTaH1YjOfM53ZoDhKtN61PEaUCq5u0
24 | jf1ZAoGBAOXHo+fhFJr7u8I1SPWEQdjaO816LPM5tpOJ5ZTVLxKjZNJ0jIDNnSiK
25 | GtVmEwm9nW9HT8X40gUnPr413/katRIZ7QwARxWoFs5caLX+LiqlL8G4ddKuDp6r
26 | vKGzbwW5joh31qa+JJulNcqJVPQkTUK8t+zFw9wJoskYe7RxCEfv
27 | -----END RSA PRIVATE KEY-----
28 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/config.sh:
--------------------------------------------------------------------------------
1 | # Configuration
2 |
3 | # The initial Product Availability Period for your trial of CA Microgateway
4 | # shall be sixty (60) days from the date of your initial deployment. You
5 | # are permitted only one (1) trial of CA Microgateway per Company, and you
6 | # may not redeploy a new trial of CA Microgateway after the end of the initial
7 | # Product Availability Period.
8 | ACCEPT_LICENSE=false
9 |
10 | START_TIMEOUT="600"
11 | DOCKER_PROJECT_NAME="demo" # do not change
12 | MICROSERVICE_BASE_PATH="${CWD}/microservices"
13 |
14 | API_LIVE_CREATOR_PATH="${CWD}/live-api-creator"
15 | API_LIVE_CREATOR_USER="admin"
16 | API_LIVE_CREATOR_PASSWORD="Password1"
17 | API_LIVE_CREATOR_HOST="http://localhost:8111"
18 | API_LIVE_CREATOR_NODES="1"
19 | API_LIVE_CREATOR_SERVER_ALIAS="lac_cluster"
20 | API_LIVE_CREATOR_RETRY_TIMEOUT="60" # In seconds
21 |
22 | MICROGATEWAY_PATH="${CWD}/../../docker-compose"
23 | MICROGATEWAY_PATH_ADDONS="${CWD}/microgateway/add-ons"
24 | MICROGATEWAY_PATH_CUSTOMIZATION="${CWD}/microgateway/customization"
25 | MICROGATEWAY_SSG_SCALE="1"
26 | MICROGATEWAY_DB_TYPE="consul" # postgresql or consul or empty (leave empty for the immutable mode)
27 | MICROGATEWAY_USERNAME="admin"
28 | MICROGATEWAY_PASSWORD="password"
29 |
30 | INGRESS_GATEWAY_PATH="${CWD}/gateway"
31 | INGRESS_GATEWAY_DB_TYPE="postgresql" # postgresql or consul or empty (leave empty for the immutable mode)
32 | INGRESS_GATEWAY_USERNAME="admin"
33 | INGRESS_GATEWAY_PASSWORD="password"
34 |
35 | OTK_HOST="localhost:8443"
36 | OTK_USERNAME="admin"
37 | OTK_PASSWORD="password"
38 | OTK_PATH="${CWD}/../../external/mag"
39 |
40 | MQTT_PATH="${CWD}/mqtt"
41 | MQTT_SCALE="0"
42 |
43 | # Required tool version
44 | CHECK_VERSION="true"
45 | DOCKER_COMPOSE_MIN_VERSION="1.16.0"
46 |
47 | DEMO_DEBUG=0
48 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/admin.key:
--------------------------------------------------------------------------------
1 | -----BEGIN RSA PRIVATE KEY-----
2 | MIIEowIBAAKCAQEAq5j9B1AEIO6z4VbHDnrtd0sFNTCWqDdKbsV/HEsZp+0+OwZV
3 | EEtIIx4GQ6HUhplMfJ8Ot1oSKPsxT0G+nZEBY96Pw4J9JFZLeZI9fYLCH1Ugg3+Y
4 | A1o94w+CDhSEKGhO22wDUx6XE9TjGH/hID+Iwt6pBPuA7ZTRkekzq7n9paURn9H+
5 | SKrufGa9IOFjnMTJCa+T+YK6xZB9BKLOwAwH+5clGLnwBXQ+EWbJpshdvrEhRaAf
6 | 5g83d74JxROF+qWi447ewVQgeKvH+yvFEzkHqIc6Hndw0Kf7+alJCcLwn9rJzTDc
7 | sQsZ7AiTT8YB4VESidcaoX9E0S8ixoP1uuH8zQIDAQABAoIBAClL3DkSTKwQRkII
8 | vEcD1npLF6nBU8CP7d3SsdCBUl9TfRJ/Z6FQPMAWzbMhEyCBbCLhtIzzpEMwkKFe
9 | VR1edFMwkLCgirVf/zH2u82k1krsFbMP1emYoiQu60GwNk3zLGcqC3LJfdpL9YtD
10 | 204DfEpJg6urS0/h7L2Mvd6qGBzww9T2BYXuP/ewKAujVPjnR9kiYCGKqodxk5sV
11 | xTZObn+xTY42F4Sr6dMj3CAdDAjq975OFl+jJRXrAmTv/MiTm81IWFS5NK9goSoa
12 | 334MphsA92D8yvqFbGhzU3hgAXFRu86ORAX1VAz3oJ5X6oUzR6+r0G7n9rbW3tTG
13 | VqnRc4ECgYEA3LCFOKj+P/cffTaubq4jQwIN+oFrQYNAwvTCsS3U6Q4msSxrVOcQ
14 | qX9fX8DnCFy9ajfXIXQmPRUCiz8CWVUlP+cssO+IeJRsGkNXJumz5huinRf7NwQW
15 | qRBETVlpfRBRz5/y1SQJJz+OMvpi2UQdRDl2zyqdZwoBGTdDXuLwqWUCgYEAxw2n
16 | oHy/m+upz3e+/ZA5wssFG/hWpQyd2OQHU1P1NWwL7app6U8G9N6tolGB04AX7r0u
17 | 6lrm44PHHFuRPm1FGpRvl6FWHk5ADzD69nIKB8fcMwkk94WIck4ZBaCUw3ZK4/e1
18 | 1usP8G3UmLi21UwERCuSWbQqS+kcJ+KphHeXg0kCgYEAgIAIEkXURUqPe0krqCad
19 | QZcgrIxO94aFXv9FngUhw9IJlYBXvsgMW6Ve01JvM99MK1z4VvJakZZ6NLork/iQ
20 | B/WDgEL5I7zIdUJgrLfHmGTe+rnL/OzUhPyDyMYXNksaV9q6eoDRE5leIzDH/do7
21 | cE5Fb7tQi363xQb4o3dgykECgYAWgyDWMcWp6LlH0Y80Nj+SHEvzod6KxCaGBSQe
22 | 9HvjEtk2g/N+g4WR5C1XEkjQlsgeJB9OOgGq8ZhvSJvgp5MNMoR8ba7Dtq3gCfYY
23 | MUWZI61vyDT6GYwZAWQrEsJAaPyHU9io+eTPmFxW+W0UKojA/PyMUKgH9dFNYYEy
24 | jiQAoQKBgGbhDD7K/Mbmo71j6B4ieaxKxFg2J2OC4IMHc0h1FbCWaHbixBQcTWYI
25 | HEr9Pc46fultQ7P1uQN/8C+SgW+ZP3CmpL/J7OHZR4TcHD7hI79+4YZmT3Ll6m8x
26 | kD2kD22ypqsZo660VopNeeJ90M5e/jznGXhD0zPQCXt0v4kOGYRp
27 | -----END RSA PRIVATE KEY-----
28 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tls/node.key:
--------------------------------------------------------------------------------
1 | -----BEGIN RSA PRIVATE KEY-----
2 | MIIEogIBAAKCAQEAsfhgUNthDaqvEPfaJXEeRoI4F96zOiRf1ZSvFxpuylkj05iI
3 | 2xPvKqp6gazITZbGHynWQvCBQ2gDepCGxGmHtKO+6yOkeGBlsCR53rs1G8UXqyao
4 | l1xWbynCjFe/bxtgO7UBT+7u1SmSJ8bJU7WfP7/LyVXH1PeFSW/3dUTX9ZYirWSx
5 | vwgQflNKx8mhzcBJFSbl0sWwTAjJsFyO9GmD3lXWB6adXdffXsN86jUzyK7CeSxv
6 | c+OSmwqFrJzIA8PKAiGvJAo2m5q2cmnyyW/l88KBUi/cS0pk6GMMnEiHYY76Prb2
7 | rTrgfB8W1vlapxIFQD8wTuZ1WO0XbzowFgtvcQIDAQABAoIBAH2ptkCBltbylSiz
8 | CXp0k/8PRZI9Mmo0cuK5WKREisQgCvcGdmPSgIas11Gm8cwvUPeCMAMWFP/GeuZZ
9 | FH+tUCARmuYnRaOl1Ud5if/mSgqwsRSteE9f6LwXTYKRFt/aAapHFYUeXc9vyf6C
10 | E3gi/y4hPECObEqI97kx8RYBpUeHLKSIPFvfBob68sK1PkEZf2vmE2z5cHo0E66D
11 | u6lVtrvd6ks2uxDmBlYFUw9WqT0xxQ+HjOD32KCWxR5Jw8P/a1LAlxAMSwyYQ9Iw
12 | BTYCKyoYnXWnUzNONUPa9w0wTtseHs6KQ8f978/0cmjyfBlantZ9EDjd27CLbuKW
13 | U8yRz60CgYEA3A8ewLpQLMM4ZcxUGBq6V535DzqbGOxFyjvYTuViNt3xUFQn6b1A
14 | gx0WrrDD56XJSMLYrg/HRyZPmLb6gXm8z0LNm9/zV1IhSdP2vUa/kUqbtIxlPSBG
15 | Bk2BWGP6lKmz8HwCbq1WKmRk4WzZiC4rsbHB7cJmgusaLQk7mix5/w8CgYEAzwl7
16 | N3VpWPZoMlFpe8ojTKe8yukE+GBtk5/1T0hlEJIZqQ/ZMef2AMVuMqVPU6wBSLwH
17 | Bbc4sYhfZHKu4gyQDwhlwGE95Tqpu/VdzvjXnQ73ZFGXCQnqfhf3u8an2GCWDuhH
18 | dSwaMnj1e8rVElHT5dNuckwSbfh7G2bsNhGLqX8CgYBWc+4+AzRKUavPenWzPpTk
19 | pSBa1khmgzRr3hT98eoi6hDK4TUJBBvbJstpd/KPCDfKyRm9UF+W2Ts+IOzLfxsp
20 | RfJnAZWlQZPoYEi4VZofJ3OCfAGuAQbhpQNiyWyBiSYzHVULTDfk0ao8UbooYRMz
21 | bUVl9hC18E1JUi5DRKPtCwKBgBxIhk2wO4EMwHVHS+q+VY4uSAtMRAKOYcnOC1wW
22 | XsAhxWGkKZ64upGmZwSCMtESaWZ/UVJFkngmUinNxPhakP+MvSHH5wW+uttTjMou
23 | kn4BQmixALoaYa9yJMTBQcK8hyNoNgLa0IVeouKTdgI3rYPzG15/5/CgBmla6SAF
24 | y5ePAoGAMI2i0lObwBMGXZBFuylR6rzFvtXQZWfbkxI0d+honDD7XJdGQIKL1dmG
25 | lVLsyB4WA5LcWIovThenFTuhBBSOVLsnyJ1Pz3khjNs6PPHi/J2dMRaGWAR4vg1n
26 | Ze8cnUpNRPf+8qh1zccPm0PpiTlaeVKwqcdtT5VAPWA+bwZa7cI=
27 | -----END RSA PRIVATE KEY-----
28 |
--------------------------------------------------------------------------------
/get-started/config/certs/microgateway.mycompany.com.key:
--------------------------------------------------------------------------------
1 | -----BEGIN PRIVATE KEY-----
2 | MIIEvwIBADANBgkqhkiG9w0BAQEFAASCBKkwggSlAgEAAoIBAQC3ndygR1HHQgf3
3 | 9JM+6d+Ivognp+A75sOibu2vglCCd8zfv1C7JDcX3oNS1j0PbKIMGeiwOgMidoi7
4 | GpnLyQlwDxhxpKbBaC/LhFkhbkPuS4G8ov80P6+dy4DxkBb/fxG6JhsMtNM9DlkY
5 | DvV0jneWqjTSAoSrraM9SfECLRvQHC0aVTnozphyi9oIE8m2fLHGc/Dz744fueSp
6 | N10beJozV3poAYkaXySvvwmejIBCv9JUGEitkbpFgTXYUaxJWaGLOBAiPHmL+vFu
7 | kg9/e1pAzTQcG0Pysu6OFHvDVfrkfSfFwIpV5QjaYPa2tkKKTnaE74tDmyK+P6nH
8 | wF8a5gRbAgMBAAECggEBAKpQZhXRMXymted715yyqCIZwQcvgyFs4ifnxtZWBMGP
9 | x9v+hC6h3+xm+965U7fb5s9ctOXJWaD828TZXrCUkAl+Jwk6VWbuce7PmzEUKzR8
10 | myFS+28GZ6nw2nC2W26v+cx1jf+SNqHaji9vqKNthmWdCROHPHJVxCWUUVXYa4Tz
11 | GW1jzhl5xVsQRrOQqFYWyc8veCjdCXmMN4FqX6E/p1tnlqqo+kyPUxz3a7epMsY+
12 | k8pPNM+JhdGrYHcZprTMGo2qgAd866sjj+lKH7FPRLS7X2SiaF81h5IF+DnG7BUM
13 | 1P5IDIowLtRdD1DPHT7+eyCmeXGacC+Nxy4Nn+2TVdECgYEA79EHIHnS7QYywDqG
14 | KDZhg2Qnw1KSG9tA+IZWhYv1+NG3oygONX0TEtED6aFzBbU++/6CBNOrwuLTesgV
15 | xDcu8Zi0q6gnlJv1LvcvnGJcYBK2HfHP26sjvfcFCd0kVdM1qLqqbnucG+9hOnbv
16 | /KrgD8YMljf4nI1uGJ4uoL50c4MCgYEAxAHysguTf/nfyHIbmits0UOawmnrGq/j
17 | A1EUsgf7PThGIshNBeSSESckTZ8xPtJ6fZ2Xcqo4jWuThfcp6ZoboWX2FpSq7d+q
18 | NdGAdIXQVNYg8MKxiQcy2Y2VKSM7UZdp05Wd06UaB0p8dmFUB2TGQKVEScFTwdOo
19 | GpPSKNe6XEkCgYEA1TtmutmXUmlQdtuSre6shcdoE6Q3hc1N16ybAeOQsczHG6th
20 | 9u1fKDvw3qtPOqQNfMKvmNscvgwxPdrqf60RcH/3JSo/B0Qknb3r94D94e7BP57i
21 | 0s842I/rSvn2dNl3vK89Gz+NbslKClH20RKeZ2gRiP/7bjfSzNDZZNPzd0ECgYBO
22 | NlTIlPPzghq42keHWkKesjJD14335S1ZunXeoG6xPA5IfNK3QkDC1XKYAqjc35H/
23 | I+411BSi4cVJFJpF27egzJXI5uPZ7YD23rU6SdcasyMLzzSWcCfrRaK6epOF+DxD
24 | MJV8yYm8VQ2bEzU7igvN6eR45crtMe8HQ+r9Xy+++QKBgQCeZLM7UHsPZsu/0mrf
25 | WDYMn3my0iXqxAbfCs1b/V2k52GYAwuyjSkItCI/WX4HahHVIlWvYIPT6FwaHOGq
26 | 4EylXFvI7NWKraBDbW7t/apzVGJSQIOEkUX58H5O4jUk/fR5xlayRVQba96bTijd
27 | /WHRDiAp5bKslzlk/BoonOavmg==
28 | -----END PRIVATE KEY-----
29 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/config/otk.env:
--------------------------------------------------------------------------------
1 | OTK_SERVER_HOST=otk
2 | OTK_SERVER_SSL_PORT=8443
3 | OTK_CERTIFICATE=LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tDQpNSUlEbXpDQ0FvT2dBd0lCQWdJSURTR1h3ZXZ4VnM0d0RRWUpLb1pJaHZjTkFRRU1CUUF3Z1pFeEN6QUpCZ05WDQpCQVlUQWtOQk1Sa3dGd1lEVlFRSUV4QkNjbWwwYVhOb0lFTnZiSFZ0WW1saE1SSXdFQVlEVlFRSEV3bFdZVzVqDQpiM1YyWlhJeEdEQVdCZ05WQkFvVEQwTkJJRlJsWTJodWIyeHZaMmxsY3pFVk1CTUdBMVVFQ3hNTVFWQkpUU0JIDQpZWFJsZDJGNU1TSXdJQVlEVlFRREV4bE5hV055YjJkaGRHVjNZWGtnVkdWemRDQlNiMjkwSUVOQk1CNFhEVEUzDQpNRGd3TWpFMU5UUXhObG9YRFRFNU1EZ3dNakUxTlRReE5sb3dKekVsTUNNR0ExVUVBeE1jYzNObkxYTndjaTEwDQphR1ZoZFhSb2IzSnBlbVZ5TG1OaExtTnZiVENDQVNJd0RRWUpLb1pJaHZjTkFRRUJCUUFEZ2dFUEFEQ0NBUW9DDQpnZ0VCQUoydzRQMjZPV3RWU2d0Slo5NmtuVUpwdmEydHhJMmxnV3ZrekpiTGlQV0ljV2VVVVlXRkdPWGp1L0JnDQpOUWRxTWRPZmo3YWtDTXo5L1lXSUFzMmFuYlhNV1Q2bjREMWJJYVJORk5acDRNL3Jmd1M4RjZHZXhOaUg1eHFoDQpBMSs5bU9OS05DTTlTcHpMSTRUbi9CVE4vMHpYOG1TSVZVenJOUzJ6TjFzTmM5QkhjYXYrTUtBQzU2TXp6M0ovDQovaHNvYWVmRjdLbGhFSG5zTkxOUDZicCtpZi9jbENnVzBCWTFlTEZjMmpBWXhSRzNwYk1nUkNJekc3bFVpZzlMDQpYakpjMWdlUjFWLzYxMXJIUmtIUHEyaExVNkhIZmJmU1NQU0IrdDhVd1BJWTUzanJoVzhodVFqT05PcEw5bURTDQp4L3M3OTVmclNtbGt0YVdaM1JpSEtVYlZxT3NDQXdFQUFhTmdNRjR3REFZRFZSMFRBUUgvQkFJd0FEQU9CZ05WDQpIUThCQWY4RUJBTUNCZUF3SFFZRFZSME9CQllFRkpUanJnOVNQVHBINU5YWjlmSWZrKzFHWDhQQk1COEdBMVVkDQpJd1FZTUJhQUZLS0xGSUZRaUE3ZkV6RnViZVJOMnduVGNCMFNNQTBHQ1NxR1NJYjNEUUVCREFVQUE0SUJBUUJPDQpKR294NVRRbWdnTDkyRXA3MlVDcXdEeE8vVmlrZ0w1Y2lBbUNEaGc1ZUZhM3BrQ09zaElyT1Z4LzNQWE9HMnN0DQpCWGxpSjRMMXAzZWozdG5PSGRUZWRRQnR3S0E2UzlBNHRtekp1T0xQcVhMaUxpNndWcVovZ3BuMG1CQVdYQzlCDQpRbWNBUVVGQzhidmdVckNvQzRkemFyS3djYmJ3UHI0ZWFIdU9aZjFTbWpLNUo2VGcyQUUvaEtCL1Vmd1hVdnRBDQpBcUg0V3labFUxSWJOaWFPZ2c4bktqb2Zac0NRcktsdnhGUGpXYXR0dmlXYWZ2RHBoUjNFcU1uRHdwQ3FZT2FIDQplYjIrOHVmanpMbEhzc3hXT3hUcmtPSHhERGlZT2xscERRajJscWFER0pzdmVJWWhnM1BKU2NGZGhwaDAwZ1dmDQpWeUZjS0FETjZpL0x5V0diQk9qVQ0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQ0K
4 |
--------------------------------------------------------------------------------
/samples/platforms/openshift/db-postgres.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Template
3 | metadata:
4 | name: db-postgres-template
5 | labels:
6 | name: db-postgres-template
7 | annotations:
8 | description: Template for Microservices Gateway Postgres
9 | objects:
10 | - apiVersion: v1
11 | kind: ConfigMap
12 | metadata:
13 | name: microgateway-quickstartconfig
14 | data:
15 | QUICKSTART_REST_MODE: ${QUICKSTART_REST_MODE}
16 | QUICKSTART_REPOSITORY_TYPE: ${QUICKSTART_REPOSITORY_TYPE}
17 | QUICKSTART_REPOSITORY_DB_TYPE: ${QUICKSTART_REPOSITORY_DB_TYPE}
18 | QUICKSTART_REPOSITORY_DB_HOST: ${QUICKSTART_REPOSITORY_DB_HOST}
19 | QUICKSTART_REPOSITORY_DB_PORT: ${QUICKSTART_REPOSITORY_DB_PORT}
20 | QUICKSTART_REPOSITORY_DB_NAME: ${POSTGRES_DB}
21 | POSTGRES_DB: ${POSTGRES_DB}
22 | QUICKSTART_REPOSITORY_DB_USER: ${POSTGRES_USER}
23 | QUICKSTART_REPOSITORY_DB_PASSWORD: ${POSTGRES_PASSWORD}
24 | parameters:
25 | - name: POSTGRES_DB
26 | description: Postgres db name
27 | required: true
28 | - name: POSTGRES_USER
29 | description: Postgres username
30 | required: true
31 | - name: POSTGRES_PASSWORD
32 | description: Postgres password
33 | required: true
34 | - name: QUICKSTART_REST_MODE
35 | description: Whether or not the Scaler service should be enabled
36 | required: true
37 | - name: QUICKSTART_REPOSITORY_TYPE
38 | description:
39 | required: true
40 | - name: QUICKSTART_REPOSITORY_DB_TYPE
41 | description: The type of database system to connect to for the Scaler database. The only current valid value is mysql.
42 | required: true
43 | - name: QUICKSTART_REPOSITORY_DB_HOST
44 | description: The FQDN for the database server for the Scaler database.
45 | required: true
46 | - name: QUICKSTART_REPOSITORY_DB_PORT
47 | description: The port number for the database server for the Scaler database.
48 | required: true
--------------------------------------------------------------------------------
/get-started/external/otk/customize/db/cassandra/setupSchemas.sh:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 | # This script is to setup OTK schema and test data in the cassandra docker container.
3 |
4 | set -e
5 | export TERM=xterm
6 |
7 | if ! hash netcat 2>/dev/null; then
8 | apt-get update && apt-get install -y netcat
9 | fi
10 |
11 | bash /docker-entrypoint.sh "cassandra"
12 |
13 | if ! nc -z localhost 9042; then
14 | while ! nc -z localhost 9042; do
15 | sleep 1
16 | done
17 | echo "Cassandra is up and running."
18 | fi
19 |
20 | echo "Checking if product schemas need to be configured..."
21 |
22 | function cqlExecution () {
23 | scriptName=${1}
24 | keyspace=${2}
25 | isRequired=${3}
26 |
27 | if [ -f /get_started/db_scripts/${scriptName} ]; then
28 | cqlsh --keyspace=${keyspace} -f /get_started/db_scripts/${scriptName}
29 | echo "${scriptName} successfully ran."
30 | else
31 | if [[ ${isRequired} == true ]]; then
32 | echo "ERROR: Required script ${scriptName} was not found. Verify that it exists in the mounted directory and try again."
33 | echo "Aborting!"
34 | exit 1;
35 | else
36 | echo "WARNING: ${scriptName} was not found. Set up will continue."
37 | fi
38 | fi
39 | }
40 |
41 | otkKeyspace="${OTK_KEYSPACE,,}"
42 |
43 | if ! cqlsh -e "describe keyspaces" | grep -wq "${otkKeyspace}" || ! cqlsh --keyspace=${otkKeyspace} -e "describe tables" | grep -wq "otk_version" ; then
44 | echo "Setting up OTK schema and test data..."
45 |
46 | cqlsh -e "CREATE KEYSPACE IF NOT EXISTS ${otkKeyspace} WITH REPLICATION = { 'class' : 'SimpleStrategy', 'replication_factor' : 1 };"
47 |
48 | cqlExecution "otk_db_schema_cassandra.cql" "${otkKeyspace}" true
49 | cqlExecution "otk_db_testdata_cassandra.cql" "${otkKeyspace}" false
50 | fi
51 |
52 | echo "All setup complete."
53 |
54 | watch -n 1 -e "tail -n 1 /var/log/cassandra/system.log"
55 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/live-api-creator/etc/tomcat/conf/context.xml:
--------------------------------------------------------------------------------
1 |
2 |
18 |
19 |
20 |
21 |
22 |
23 | WEB-INF/web.xml
24 | ${catalina.base}/conf/web.xml
25 |
26 |
27 |
30 |
31 |
33 |
35 |
36 |
37 |
38 |
39 |
40 |
--------------------------------------------------------------------------------
/get-started/get-further/operations/platforms/img/openshift_draw.io.xml:
--------------------------------------------------------------------------------
1 | 7Vtbk5s2FP41nkke1gPI+PJoe9Om02S6HWfa5lEGGWuCLSrkW359JSMBAnkX7wL2dvCLxdH9fOeicwQ9MN8cf6UwWn8lPgp7juUfe+Cx5/Df2OJ/gnJKKKORmxACiv2EZGeEBf6JJFH2C3bYR7HWkBESMhzpRI9st8hjGg1SSg56sxUJ9VkjGKASYeHBsEz9G/tsnVDHrpXRPyMcrNXMtiVrltD7EVCy28r5eg5YnX9J9QaqsWT7eA19csiRwKcemFNCWFLaHOcoFLxVbEv6/XKhNl03RVtWpYOTdNjDcIfUioch7zpb8kIgCn9EaLtY4xVTNXy0tFLugp0U5857R2J0i1cf1pihRQQ9UXvgssJpa7YJ+ZPNi0EI41g29cgGe7IcM0p+pJznTJnBEAdbXg7RSky7R5RhDtdUkhmJ0sWIOnS8yA875TKXXkQ2iNETb6I6DGQXKbiTQfJ4yKQAuJOEts5LwEByEkrJC9KhM+7zggTADAYwgFFgr5Ct6OI+pTrApWpuXbt/APT928AqMcAeWGUGKI1/y/4HF4XRx3sxtkSbU//dCQ2ZeXxbiGbPmVgWhPgr9igJIEMHeDLLcUo7z9WkdKttyMWD2QqH4ZyEhJ4nAb6Lxv4gVYNczdhZguGwqqQDM9J5JB0DksMakHQ7JFtAUnWwdJU1aGxTOA87nNvD2dFxdlrEedQczo+Q+ysYI76E3//qiQ2Usf7wRGIWULT48wtvwXnrWHOyjXfhx9JwKYEaBOU+hQei8cozCc/QG6Plqp6DDVAHmzbEZfLyQQZt/ak4qAvGCMYJduW5ybdFT/8IFvZd9fhd1R0xy1Xxp++S18k0yC+c7mOyox7SXBODNEBMk+4KzMwxzzXwTtEoCiHDe30RJobKGZ4I5hNnBt3VNR1YI32IZD+yV/50XxjIsQomwy0MlHChNNAZ33TblSC3y5HE9Om3sjbuYmEVCsLAo6BIFHebcOoxIf7pCf8LXKKQqz9mmAgtWhLGyIY3CEXFLA23cmojA65LUUId8cdbFFKFxIbIoiF1tMuBhREbH+1RSKIOIKk8LSJkCn2utZjSKtp5m9gHhZ+sfEIU81UKf3RmaGZu88Y2MbAVjKrS/rxVBeDOzOrDxNXNqkpKXWtWbVsfyB4VRKBGs1qOpD5/+/bEu4m/RUlIuLgzXSwoivFPmREQ4EZiVed1urOe+2g6oBTVcoN9X/SvotIXFa9SbmLw7BnmwerbLhjrLu1toqGakNUqRm8GyxQOvSctBp0WN6PF5fjp/6zFw5e02LGticb7B3BPajx+WY2bzsO66qSeJnXkGvLhG3DKWgbqOI2Y4rc60zo8BthjbnUcy35/8TqyfReNTPH6ZDgCsHKyJxGz6/OzTg0IqzE6hG+BsOwx1DTcLet3Y+jbHfo3R1+FTFdm7WvBv5yrub2DU7eqbTg4401rpwA1K0AiVTdycE3fJXcIP4PwzR1c0/fPGfpOh/4dOrgKiZjmHZwu/mmOtxUH1+CFbWf+UgW4kOhoRcRNSYoO4ZYQvrmDay9Dc+zQvz8HB0z5mwKrq79h0StdFphvISpeI0ityN8iXHH72s4tAhjpugvUdfy1twiDghEATmGg+m4RgCltc8+gu/cG+riA1fi1oIPCQKA50J13Bvrk3kCfFLCavBb0QWGgQXOgN5ifyn3OYXFvzNBz3jzz+R9QP+iBqZg7wnGfu+MIbk/i/2Obrr/RF38ufAOSfu/w0jcQdbwJBEyJq1vqe4lvugkAhncG3Jvoe+rJCyhU1e/iS5fFc9qr1Zs/Zh90Jc2zr+bAp/8A
--------------------------------------------------------------------------------
/get-started/get-further/operations/platforms/img/docker_draw.io.xml:
--------------------------------------------------------------------------------
1 | 7ZtZb+M2EIB/jYH2IQuJ1OXHONntFs0CKbLY7j7SEi0TkUWXoo/sry9pkTrpxkkky2kVIIg0PETNN8Mhh8oE3qz2vzG0Xn6hEU4mwIr2E3g7AcB2oCX+SMlTLvF9NxfEjESqUil4ID+xEqp28YZEOKtV5JQmnKzrwpCmKQ55TYYYo7t6tQVN6k9doxi3BA8hStrSv0jEl7k0cK1S/hmTeKmfbFuqZI7Cx5jRTaqeNwFwcfjJi1dI96XqZ0sU0V1FBD9O4A2jlOdXq/0NTqRutdrydp+OlBbjZjjlpzQAft5ii5IN1kP2EtF2NhcXsbz4gsIlSbGoxTZpStJYKln83tLwETNJGeEVTYt2TDfUEvH4eSk7vDZ/0qo+KAvL4ViieLckHD+sUShLd8K4hGzJV4m4s8VlnKAsU1VDuiKhus44o48FKqHFGUpInIrrBC/kY7eYcSL4Xisxp+tiMLIM748q0C6wCHPHdIU5exJVVAPoqybK0m0A8/tdaTfAmuayZdVmHKDsVdlqXPRd8hIXCpkZH7QN+BoKlua4PvqmyoPQXFe3XqoBxwZ1DbjTlgZsx2prILDergAQHLXfiGxl5wq4kP69kV41C8V7SbPV901rLe2ehIzGiOMdejKbciE7PKtPA9evoQYPZwuSJDc0oezwEBi5OIicwhMqJQGYQ8871djhEdZVlsDA0uuC5XRkeQ6WuoVVd1ur7bV9kdbLg5H0WUiDOmlwTtKgP9K3SIQtlImFyac/vk3kG7Rp/3JPMx4z/PDnnahB5WrlhqbZJvm11d2p65cLMh+Eg0VoMh8vDPB80c0Kx9FrCm0+hvDem/nA/sznjqJI9CC0jNLw0OKd4V8ssBca8Uf+dG5Z3eC3p149Tnjn5O88v77FaXQtt3xSU1KTUn9V9Yr3ZE/fpU4/uPr2hy7bE14pEnc/lPLzx+CotU9s6E0MhW5YiOu+wRGLsZ6cwbNLKtegPi1jOEGcbOvDMOlUPeGeEjHAcu6H9f0JhF69i3z4qlV1p9jsKKh3BIJGR/k7tzo6IC5e+zTqbpfUq8xLzt8rFlCWvI66nqWq1HNLGIq63YAF9Q70xdQb5gPcRkcdUvda1D9//Xovmsk/Dy0LEFMarzNnOCM/1U5WYl/LUR3G6c4m7q1pSm3mBVYkimT7WYLmOJkV2ZzatHvI5/zL5HrKnjq38aOz7pX1QUy0wduMQVehi0WG34ynnSm6vv+9HTU3mYylDVbZEq3l5WaVXIecVjV/JxUtVmmEEyoJzCnndHUaAXNWp4t8UQeBs+GCttVODMG+wmY7K2JkFeEtTuh6BGYCVkzrZwDmmrZJL414xqgGGz+q8B4zIkYp58AyQh4Jl68Mir5hKQSHDIpXtlMD7FjO64KibTdce9pbUNTZ5f9HUHSPLJUrQdHVc5v20gsKka5pt/rOvTgYvbgDL25P7/9lLz5iH6UXi8XQtKb7K3hJbmw6E20Q6vtQzWtMc7beh1WzLjq5WvUy2MVqxJR16TI9L7YIWxLKE2X7/aXdsB252Del3aaeD9HJSfvczF5+1Aa6IGzKsIyEz0RY+3jNw922f/dGv51pGemfm37zq4kTD+U64W/6aGLoABcEZwxwfX9pMDpAYWbDBDidlBkJD0F46ADnmT6L64c+GOlfXoDz2vvtAQKcX3t/4LTTyb0FOK/H7ybG6U8bQG5mAwW4cY8+IOHBA9z59u/7kf4FBrgTdnAX9YWMeufqMUKehRjqGMFx6+HZ0cfzLz1GcK16R9BtdNTdMYJn2ra+M+re8/9g0Cd1r0Hdfi11u0Hd6426b9rKvjfqR752OhN1v0EdvJY6aFD3u6Iubst/+surl/9ZCT/+Aw==
--------------------------------------------------------------------------------
/get-started/docker-compose/config/certificates.env:
--------------------------------------------------------------------------------
1 | # CA Root certificate
2 | CERT_0=LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVvVENDQTRtZ0F3SUJBZ0lKQU02OFZIQ2lXMzRQTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdSTVFzd0NRWUQKVlFRR0V3SkRRVEVaTUJjR0ExVUVDQk1RUW5KcGRHbHphQ0JEYjJ4MWJXSnBZVEVTTUJBR0ExVUVCeE1KVm1GdQpZMjkxZG1WeU1SZ3dGZ1lEVlFRS0V3OURRU0JVWldOb2JtOXNiMmRwWlhNeEZUQVRCZ05WQkFzVERFRlFTVTBnClIyRjBaWGRoZVRFaU1DQUdBMVVFQXhNWlRXbGpjbTluWVhSbGQyRjVJRlJsYzNRZ1VtOXZkQ0JEUVRBZUZ3MHgKTnpBNE1ERXhOakEyTURWYUZ3MHpOREF4TURReE5qQTJNRFZhTUlHUk1Rc3dDUVlEVlFRR0V3SkRRVEVaTUJjRwpBMVVFQ0JNUVFuSnBkR2x6YUNCRGIyeDFiV0pwWVRFU01CQUdBMVVFQnhNSlZtRnVZMjkxZG1WeU1SZ3dGZ1lEClZRUUtFdzlEUVNCVVpXTm9ibTlzYjJkcFpYTXhGVEFUQmdOVkJBc1RERUZRU1UwZ1IyRjBaWGRoZVRFaU1DQUcKQTFVRUF4TVpUV2xqY205bllYUmxkMkY1SUZSbGMzUWdVbTl2ZENCRFFUQ0NBU0l3RFFZSktvWklodmNOQVFFQgpCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFOUU1xT2w1MndlY0RMN1p3MmdpNUpJM2ptU0RxZkgxOU0rZHZsd2l1S00xCm85OFpieUoybDFqSEJjem5rV2NHWFQ3OXV5NmsvN2RGTEJyekJGdmViY3h2UlhBQi95dlgxWnRCY0RQQWZsT28KaDYzTlpMdlBlNmpIUXgzaXRkYkRyNE1FSUh0WnhsWVRxV0xJTHFyWHU4KytFN2hybEVsQ2NRUEF3bXBZT2w5LworU3ovVW9BdDNHSS9xOXVSSFduTGR2Q3Z3SEl5bUdmVzBvTmlHd3pWOVB3b0prcTlMTGxFejFLNjRBcE1xRWNECndMMjVRQk5OeWc5MDlMeTBRdkVZU1ZkU3RIUWdxaUlFTE1CTEVncERONmZWbG9taEJjTGJEZmtpemdCNFg4eUMKNUFac0dFNkVLZitaY3RkMWhpNkI3T2pkdjVvMUxDRUliUUNtRDB5TmhlY0NBd0VBQWFPQitUQ0I5akFkQmdOVgpIUTRFRmdRVW9vc1VnVkNJRHQ4VE1XNXQ1RTNiQ2ROd0hSSXdnY1lHQTFVZEl3U0J2akNCdTRBVW9vc1VnVkNJCkR0OFRNVzV0NUUzYkNkTndIUktoZ1pla2daUXdnWkV4Q3pBSkJnTlZCQVlUQWtOQk1Sa3dGd1lEVlFRSUV4QkMKY21sMGFYTm9JRU52YkhWdFltbGhNUkl3RUFZRFZRUUhFd2xXWVc1amIzVjJaWEl4R0RBV0JnTlZCQW9URDBOQgpJRlJsWTJodWIyeHZaMmxsY3pFVk1CTUdBMVVFQ3hNTVFWQkpUU0JIWVhSbGQyRjVNU0l3SUFZRFZRUURFeGxOCmFXTnliMmRoZEdWM1lYa2dWR1Z6ZENCU2IyOTBJRU5CZ2drQXpyeFVjS0piZmc4d0RBWURWUjBUQkFVd0F3RUIKL3pBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQUNXV2U3UzVKRXlmRkRKejhaaDZxekZaQjRHL1F1OGFRamg5WQpMZUcxQTRVbTBiN3JYcWZGRjVoTUFiMXlvZ3RGV3FPcUpiL0FWYXZycjlFQTJPejd1NEM0WmlpY2E4aEpnb2RkClhjV2d6dnJmL2NiN3JDSEFUdmErbzFic1J3ZzRkZ3dtQi9LSlVQcHJidXBWWjEydU5uekRQY3JaTUdNaFVrOEIKYnpjVmdrRm43T3QvT0M0VEdxZERkT04wckozR3JqbHN3L252bGloem96NjhtR2RrRzFoWXNoT3dRQkZ3ZUFrdAp4ZEVJYWFIWGxDWmRWaXRIaDdjVVhHNWFkMEw2bUFZL2xSdHM0WGxDek0vaEhMVFNQNHhEcmpYanB0ejUzL1dRCmEvLzlGMkNqSXhXLzF2aVZ5RTdCOUpTc0NqY0p6dm5OYytjTE0rVnVtSjVCamNFWUV3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
3 | CERT_0_TRUST_ANCHOR=true
4 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/config/certificates.env:
--------------------------------------------------------------------------------
1 | # CA Root certificate
2 | CERT_0=LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVvVENDQTRtZ0F3SUJBZ0lKQU02OFZIQ2lXMzRQTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdSTVFzd0NRWUQKVlFRR0V3SkRRVEVaTUJjR0ExVUVDQk1RUW5KcGRHbHphQ0JEYjJ4MWJXSnBZVEVTTUJBR0ExVUVCeE1KVm1GdQpZMjkxZG1WeU1SZ3dGZ1lEVlFRS0V3OURRU0JVWldOb2JtOXNiMmRwWlhNeEZUQVRCZ05WQkFzVERFRlFTVTBnClIyRjBaWGRoZVRFaU1DQUdBMVVFQXhNWlRXbGpjbTluWVhSbGQyRjVJRlJsYzNRZ1VtOXZkQ0JEUVRBZUZ3MHgKTnpBNE1ERXhOakEyTURWYUZ3MHpOREF4TURReE5qQTJNRFZhTUlHUk1Rc3dDUVlEVlFRR0V3SkRRVEVaTUJjRwpBMVVFQ0JNUVFuSnBkR2x6YUNCRGIyeDFiV0pwWVRFU01CQUdBMVVFQnhNSlZtRnVZMjkxZG1WeU1SZ3dGZ1lEClZRUUtFdzlEUVNCVVpXTm9ibTlzYjJkcFpYTXhGVEFUQmdOVkJBc1RERUZRU1UwZ1IyRjBaWGRoZVRFaU1DQUcKQTFVRUF4TVpUV2xqY205bllYUmxkMkY1SUZSbGMzUWdVbTl2ZENCRFFUQ0NBU0l3RFFZSktvWklodmNOQVFFQgpCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFOUU1xT2w1MndlY0RMN1p3MmdpNUpJM2ptU0RxZkgxOU0rZHZsd2l1S00xCm85OFpieUoybDFqSEJjem5rV2NHWFQ3OXV5NmsvN2RGTEJyekJGdmViY3h2UlhBQi95dlgxWnRCY0RQQWZsT28KaDYzTlpMdlBlNmpIUXgzaXRkYkRyNE1FSUh0WnhsWVRxV0xJTHFyWHU4KytFN2hybEVsQ2NRUEF3bXBZT2w5LworU3ovVW9BdDNHSS9xOXVSSFduTGR2Q3Z3SEl5bUdmVzBvTmlHd3pWOVB3b0prcTlMTGxFejFLNjRBcE1xRWNECndMMjVRQk5OeWc5MDlMeTBRdkVZU1ZkU3RIUWdxaUlFTE1CTEVncERONmZWbG9taEJjTGJEZmtpemdCNFg4eUMKNUFac0dFNkVLZitaY3RkMWhpNkI3T2pkdjVvMUxDRUliUUNtRDB5TmhlY0NBd0VBQWFPQitUQ0I5akFkQmdOVgpIUTRFRmdRVW9vc1VnVkNJRHQ4VE1XNXQ1RTNiQ2ROd0hSSXdnY1lHQTFVZEl3U0J2akNCdTRBVW9vc1VnVkNJCkR0OFRNVzV0NUUzYkNkTndIUktoZ1pla2daUXdnWkV4Q3pBSkJnTlZCQVlUQWtOQk1Sa3dGd1lEVlFRSUV4QkMKY21sMGFYTm9JRU52YkhWdFltbGhNUkl3RUFZRFZRUUhFd2xXWVc1amIzVjJaWEl4R0RBV0JnTlZCQW9URDBOQgpJRlJsWTJodWIyeHZaMmxsY3pFVk1CTUdBMVVFQ3hNTVFWQkpUU0JIWVhSbGQyRjVNU0l3SUFZRFZRUURFeGxOCmFXTnliMmRoZEdWM1lYa2dWR1Z6ZENCU2IyOTBJRU5CZ2drQXpyeFVjS0piZmc4d0RBWURWUjBUQkFVd0F3RUIKL3pBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQUNXV2U3UzVKRXlmRkRKejhaaDZxekZaQjRHL1F1OGFRamg5WQpMZUcxQTRVbTBiN3JYcWZGRjVoTUFiMXlvZ3RGV3FPcUpiL0FWYXZycjlFQTJPejd1NEM0WmlpY2E4aEpnb2RkClhjV2d6dnJmL2NiN3JDSEFUdmErbzFic1J3ZzRkZ3dtQi9LSlVQcHJidXBWWjEydU5uekRQY3JaTUdNaFVrOEIKYnpjVmdrRm43T3QvT0M0VEdxZERkT04wckozR3JqbHN3L252bGloem96NjhtR2RrRzFoWXNoT3dRQkZ3ZUFrdAp4ZEVJYWFIWGxDWmRWaXRIaDdjVVhHNWFkMEw2bUFZL2xSdHM0WGxDek0vaEhMVFNQNHhEcmpYanB0ejUzL1dRCmEvLzlGMkNqSXhXLzF2aVZ5RTdCOUpTc0NqY0p6dm5OYytjTE0rVnVtSjVCamNFWUV3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
3 | CERT_0_TRUST_ANCHOR=true
4 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/img/ca-microgateway-diagram-demo_draw-io.xml:
--------------------------------------------------------------------------------
1 | 7Vtbc9o4FP41PJaxLd94TEib7k46zWw60+YpI2wBmhqLlUVI+utXsiVjSYaCwQnNhgewj64+36dzjo7MAIwXT9cULudfSIqygeekTwNwNfA813Ud/iMkz5UkdL1KMKM4lZU2gjv8C0mhbDdb4RQVWkVGSMbwUhcmJM9RwjQZpJSs9WpTkumjLuEMWYK7BGa29DtO2bySxoGzkX9GeDZXI7uOLJnA5OeMklUuxxt4YFp+quIFVH3J+sUcpmTdEIGPAzCmhLDqavE0RpnQrVJb1e7TltJ63hTlbJ8GftXgEWYrpGYcZrzpZYofhTIzPMvLgvDflZjUZcJ7RnRzz69m4vdjylXqOeML/nVx+xf/voYMreGz6nBCVVUl4dMqR1HSUiHsWYGQwmKOxDwdXjpni4xfuvyS62wpqiyeZoJ9Q7guwDBZFYwsEH2YyVHB5RRn2ZhkhJbdgU9BHACfy3mrFPOnUGU5yZEQZ7Ao5GgJWeBEXmdwgrLLGlejVcEo+VmTxBPDkk3XfFin/HC5UqVUILh8RJRhzrkLWcDIUg13SwrMMGmtfmNUmBDGn7xWYBN7SQfREj01RJIL14hrjFGOkCNLPTCqmsh16/pgGFSS9WYdhLLSvLEEIrnAoVx5s7rvDfv4hSRgOxmDFjIew4lVgWhhE+HKuwJX4PWJkKEpOw1svqOh5gMbstCGLATHQxaeGLIFmeAMPSQZLrXx9qELPA06L7Cx8x21Bk+NXnRq9GDOPeOCa+OBe+aCiE7ePoS+a9jM2F5+oB8A498DaAKV4CIhwwIlK4rZ83CKKXeXYoAmuhrqBoAOCONRVOu8USIjnTY0fuu82p1hNzK8HPRuGBjYhxb2Xou3DKPjsVex8glitzJo+4ITSmbvMdufFrOBOH7FmM11W1hokALl6YXYlAnNCMAETE1ybNM+esLsh6wjru8FusPID+T9LaKYT1houkSd65A+/2jeVC0CdWs22Kr9gqxogrSolEE6Q0wzuyjVdpE2Qg39q61jU/9KRlEGGX7U955toMgRbgnm890YoUiP/lzDsVQPIxs194JGP6HeDzAdVKUBq5+SIfVD70ca76VJ87KUic6dMiOgmwyVvjiUMm6sc8YdGR2dkDPgbXMmPHvOeLuhPkfO2OmtrxcrrquTEedQKhzGtO5xxZ6By17MjG1m+mfFzA+uTs3OHhDokVSfHtDOdbVlTh1JV+cbIdlPzCziHhRvPy7zPyjU7k7+A7nePT0K4peMtPfI1hxvxzam616ZqV12bGO77hslZu2ape6+Nse3bY5aMmdidIBjbLtCv6PRGemk8o3cwAmNzh7pojP1hJ1J45wXaVyDNFFH0viOTpqgN9L4dor/7+/fLN5wC8p0plBU4F9wUlYQEC7FZMrpBZeD4OrA7IrtYZoJx22sPDYxY7mG+shZPtigPsnVuBnvdCMfnKF3HJ1UFTKdFuhYhEGfKRxlFtwDzUJfjkUZhHP2LLqN8KKwm40w8oL1FvP0NgLscQwoFu/yuFW1c1H5hht1VbzUAM31W1BzVYbvmOAM2BmtMp6/ETSQYb2ZUh9TBBlfMUfF9DgvGMyTloO2/0lA30KmJmkqau5cyv2xwrMta3nKUiD6iDlmFiW+0lS8stATI1KI4mnyGtBbR4VhEqPJtNVo18Zk/1M44xDOPkKvX0hrQuw7J0DYXve7Ef4HcYUvuDuFJcnfkT4G6dA+ae8NaWBvntRqNTHm2MJN2GFCrKBMnjOcp6XS1nPM0N0SlkHKmgOsgz8REKH0ZqIEJ0NVZ81vw+neTbrFnnrovYz9bvJEjv6a1Mg+qwfR9qjuKPKMLPKYhuBNkGjPFzBeNyQ4jCVt7qQvmvi2N7GQP+szLmMH1Wk3VoXSr7X58lUkr1K8XY+5/NjoyHRCJ0zR2IcJi283dxZ13nM0DTb6W2jWyNGAWH+z78M5ZW38Ps/Dt6z+qGPe9lCzUP/no2kWtuTUXsYshCq5rJL0Xc1CGOmvXgC3P7PQ9ueOnhkSvBRDvBaGjF6VIUBniBt2ZEjk6gGI6xtz6cwQfrv5Z1FVffP3LfDxPw==
--------------------------------------------------------------------------------
/get-started/external/mag/config/otk.env:
--------------------------------------------------------------------------------
1 | #
2 | # Copyright (c) 2016 CA. All rights reserved.
3 | #
4 | # This software may be modified and distributed under the terms
5 | # of the MIT license. See the LICENSE file for details.
6 | #
7 | SSG_HTTP_CORE_CONCURRENCY=128 -Dcom.l7tech.server.protectedEntityTracker.enable=false
8 |
9 | MAS_PORT=8443
10 | MDC_PORT=443
11 |
12 | # System Settings
13 | SSG_JVM_HEAP=2G
14 | SSG_CLUSTER_PASSWORD=7layer
15 |
16 | # MQTT Configuration
17 | BUNDLE_TEMPLATE_MESSAGING_BROKER_HOST=mqtt
18 | BUNDLE_TEMPLATE_MESSAGING_BROKER_PORT=1883
19 |
20 | # Test Data
21 | ADD_TEST_USERS_GROUPS=true
22 | ADD_TEST_CLIENTS=false
23 |
24 | # Database settings
25 | ## SSG DB
26 | SSG_DATABASE_TYPE=derby
27 | SSG_DATABASE_DERBY_IN_MEMORY=false
28 |
29 | ## MAG DB
30 | BUNDLE_TEMPLATE_MAG_DATABASE_HOST=otk_mysqldb
31 | BUNDLE_TEMPLATE_MAG_DATABASE_PORT=3306
32 | BUNDLE_TEMPLATE_MAG_DATABASE_USER=root
33 | BUNDLE_TEMPLATE_MAG_DATABASE_PASSWORD=UTWtziFHF0xgng==
34 | BUNDLE_TEMPLATE_MAG_DATABASE_NAME=otk_db
35 | BUNDLE_TEMPLATE_MAG_DATABASE_TYPE=mysql
36 | BUNDLE_TEMPLATE_MAG_DATABASE_MYSQL_ENABLED=true
37 |
38 | ## Identity DB
39 | BUNDLE_TEMPLATE_IDENTITY_DATABASE_HOST=otk_mysqldb
40 | BUNDLE_TEMPLATE_IDENTITY_DATABASE_PORT=3306
41 | BUNDLE_TEMPLATE_IDENTITY_DATABASE_USER=root
42 | BUNDLE_TEMPLATE_IDENTITY_DATABASE_PASSWORD=UTWtziFHF0xgng==
43 | BUNDLE_TEMPLATE_IDENTITY_DATABASE_NAME=ssg
44 | BUNDLE_TEMPLATE_IDENTITY_DATABASE_TYPE=mysql
45 | BUNDLE_TEMPLATE_IDENTITY_DATABASE_MYSQL_ENABLED=true
46 |
47 | ## Storage DB
48 | BUNDLE_TEMPLATE_STORAGE_DATABASE_HOST=otk_mysqldb
49 | BUNDLE_TEMPLATE_STORAGE_DATABASE_PORT=3306
50 | BUNDLE_TEMPLATE_STORAGE_DATABASE_USER=root
51 | BUNDLE_TEMPLATE_STORAGE_DATABASE_PASSWORD=UTWtziFHF0xgng==
52 | BUNDLE_TEMPLATE_STORAGE_DATABASE_NAME=mas_cs
53 | BUNDLE_TEMPLATE_STORAGE_DATABASE_TYPE=mysql
54 | BUNDLE_TEMPLATE_STORAGE_DATABASE_MYSQL_ENABLED=true
55 |
56 | ## Dev Console DB
57 | BUNDLE_TEMPLATE_DEV_CONSOLE_DATABASE_HOST=otk_mysqldb
58 | BUNDLE_TEMPLATE_DEV_CONSOLE_DATABASE_PORT=3306
59 | BUNDLE_TEMPLATE_DEV_CONSOLE_DATABASE_USER=root
60 | BUNDLE_TEMPLATE_DEV_CONSOLE_DATABASE_PASSWORD=UTWtziFHF0xgng==
61 | BUNDLE_TEMPLATE_DEV_CONSOLE_DATABASE_NAME=otk_db
62 | BUNDLE_TEMPLATE_DEV_CONSOLE_DATABASE_TYPE=mysql
63 | BUNDLE_TEMPLATE_DEV_CONSOLE_DATABASE_MYSQL_ENABLED=true
64 |
65 | # Add test OAuth clients
66 | ADD_TEST_CLIENTS=true
67 |
--------------------------------------------------------------------------------
/CHANGELOG.md:
--------------------------------------------------------------------------------
1 | # Changelog
2 |
3 | - [1.0.0-CR01 (2018-03-26)](#1.0.0-CR01)
4 | - [1.0.0 (2017-09-21)](#1.0.0)
5 |
6 | ## 1.0.0-CR01 (2018-03-26)
7 |
8 | ### Templates for API policies
9 |
10 | - API Authentication
11 | - Require client TLS certificate ([documentation](https://docops.ca.com/ca-microgateway/1-0/EN/working-with-the-ca-microgateway/quickstart-templates/requireclienttlscertificate))
12 |
13 | ### Platform support
14 |
15 | - Kubernetes ([documentation](https://docops.ca.com/ca-microgateway/1-0/EN/getting-started-with-the-ca-microgateway/run-the-ca-microgateway-in-kubernetes))
16 |
17 | ### Signed SSL/TLS certificate provisioning
18 | - Auto-provisioning of signed SSL/TLS certificates of CA API Gateway, CA Microgateway and microservices
19 |
20 | - Enable Mutual TLS authentication between CA API Gateway, CA Microgateway and microservices
21 | - Protect API traffic flow with a JWT from CA Edge API Gateway, to CA Microgateway to microservices
22 | - Management of CA Microgateway nodes from a web console
23 |
24 | ### Container
25 |
26 | - Based on API Gateway 9.3 ([documentation](https://docops.ca.com/ca-api-gateway/9-3/en))
27 | - *Note: Please update Policy Manager to v.9.3.00 as described in the [prerequisites](https://docops.ca.com/ca-microgateway/1-0/EN/introduction-to-the-ca-microgateway/prerequisites-for-ca-microgateway). It can be downloaded from the trial page*
28 | - Health Check API opened to any load balancers ([documentation](https://docops.ca.com/ca-microgateway/1-0/EN/getting-started-with-the-ca-microgateway/get-the-ca-microgateway-health))
29 | - Run custom provisioning scripts before the CA Microgateway starts ([documentation](https://docops.ca.com/ca-microgateway/1-0/EN/working-with-the-ca-microgateway/create-your-own-microgateway-image))
30 |
31 |
32 | ## 1.0.0 (2017-09-21)
33 |
34 | ### Templates for API policies
35 |
36 | - API Authentication
37 | - Basic authentication
38 | - OAuth
39 | - JWT
40 | - LDAP
41 |
42 | - API Security
43 | - CORS
44 | - Code injection protection
45 | - TLS enforcement
46 |
47 | - API Traffic Control
48 | - Circuit breaker
49 | - Rate limit
50 |
51 | - API Aggregation/Orchestration
52 | - JSON to JSON transformation using JOLT
53 | - HTTP routes
54 |
55 | ### Logging and Auditing
56 |
57 | ### Plugin support
58 |
59 | - Load bundle files to add new templates
60 |
61 | ### Platform support
62 |
63 | - Docker
64 | - OpenShift
65 |
--------------------------------------------------------------------------------
/samples/APIs/Gatewayfile-with-orchestrator-oauth-route:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Headers-oauth",
4 | "gatewayUri": "/Headers-oauth",
5 | "httpMethods": [ "get", "post", "put", "delete" ],
6 | "policy": [
7 | {
8 | "RouteOrchestrator": {
9 | "rule": {
10 | "orchestrator": [
11 | {
12 | "aggregator": [
13 | {
14 | "RouteHttp": {
15 | "targetUrl": "https://microgateway.mycompany.com:443/httpbin-oauth/headers",
16 | "httpMethod": "GET",
17 | "parameters": [],
18 | "headers": [
19 | {
20 | "Authorization": "Bearer ac3b9d27-a762-411e-bbef-67a5a7c4f5c5"
21 | }
22 | ],
23 | "requestTransform": [],
24 | "responseTransform": []
25 | }
26 | },
27 | {
28 | "RouteHttp": {
29 | "targetUrl": "https://microgateway.mycompany.com:443/httpbin-oauth/headers",
30 | "httpMethod": "GET",
31 | "parameters": [],
32 | "headers": [
33 | {
34 | "Content-Type": "application/json"
35 | }
36 | ],
37 | "requestTransform": [],
38 | "responseTransform": []
39 | }
40 | }
41 | ]
42 | }
43 | ]
44 | }
45 | }
46 | }
47 | ]
48 | }
49 | }
50 |
51 |
--------------------------------------------------------------------------------
/get-started/get-further/build-microgateway-with-custom-templates-and-services.md:
--------------------------------------------------------------------------------
1 | ## Build a Microgateway image with APIs preloaded from JSON file
2 |
3 | This step will typically be done by a devops engineer.
4 |
5 | - **_Accept the license_**
6 |
7 | By passing the value "true" to the environment variable `ACCEPT_LICENSE` in
8 | the file `get-started/docker-compose/config/license.env`, you are expressing
9 | your acceptance of the [CA Trial and Demonstration Agreement](../../LICENSE.md).
10 |
11 | The initial Product Availability Period for your trial of CA Microgateway
12 | shall be sixty (60) days from the date of your initial deployment. You are
13 | permitted only one (1) trial of CA Microgateway per Company, and you may not
14 | redeploy a new trial of CA Microgateway after the end of the initial Product
15 | Availability Period.
16 |
17 | - Build a new Microgateway container image with a sample service:
18 |
19 | - _A sample service json is under `get-started/docker-compose/add-ons/services`_
20 | - _Run the following command to build a new image with the sample template and service and start the Microgateway_
21 |
22 | ```
23 | cd get-started/docker-compose
24 |
25 | docker-compose --project-name microgateway \
26 | --file docker-compose.yml \
27 | --file docker-compose.lb.dockercloud.yml \
28 | --file docker-compose.addons.yml \
29 | up -d --build
30 | ```
31 |
32 | - Verify that your API is exposed:
33 |
34 | ```
35 | curl --insecure --user "admin:password" https://localhost/quickstart/1.0/services
36 | ```
37 | Should return a list containing your Google Search Preloaded service.
38 |
39 | - Use your exposed API:
40 |
41 | ```
42 | curl --insecure \
43 | --header "User-Agent: Mozilla/5.0" \
44 | 'https://localhost/google-preloaded?q=CA'
45 | ```
46 | - Find your new microgateway image
47 |
48 | ```
49 | docker images caapim/microgateway:addons
50 | ```
51 |
52 | Underneath the hood:
53 |
54 | - When setting `SCALER_ENABLE: "false"`, microgateway will load quickstart services from json files under /opt/SecureSpan/Gateway/node/default/etc/bootstrap/qs inside the container. The user could choose to bake the quickstart json files using a Dockerfile (e.g. `get-started/docker-compose/add-ons/Dockerfile.addon`) into the container or map the docker volume to a folder.
55 |
56 | Integration to CI/CD:
57 |
58 | - The devops engineer could incorporate the docker container build process to overall CI/CD infrastructure by storing the quickstart .json files in a (git) repository and use docker build tools such as https://wiki.jenkins.io/display/JENKINS/Docker+build+step+plugin to build new container image
59 |
--------------------------------------------------------------------------------
/samples/APIs/Gatewayfile-with-frontoauth-orchestrator-oauth-route:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Headers-frontoauth-backoauth",
4 | "gatewayUri": "/Headers-frontoauth-backoauth",
5 | "httpMethods": [ "get", "post", "put", "delete" ],
6 | "policy": [
7 |
8 | {
9 | "RequireOauth2Token": {
10 | "scope_required": "READ_HEADERS",
11 | "scope_fail": "false",
12 | "onetime": "false",
13 | "given_access_token": ""
14 | }
15 | },
16 |
17 | {
18 | "RouteOrchestrator": {
19 | "rule": {
20 | "orchestrator": [
21 | {
22 | "aggregator": [
23 | {
24 | "RouteHttp": {
25 | "targetUrl": "https://microgateway.mycompany.com:443/httpbin-oauth/headers",
26 | "httpMethod": "GET",
27 | "parameters": [],
28 | "headers": [
29 | {
30 | "Authorization": "Bearer ac3b9d27-a762-411e-bbef-67a5a7c4f5c5"
31 | }
32 | ],
33 | "requestTransform": [],
34 | "responseTransform": []
35 | }
36 | },
37 | {
38 | "RouteHttp": {
39 | "targetUrl": "https://microgateway.mycompany.com:443/httpbin-oauth/headers",
40 | "httpMethod": "GET",
41 | "parameters": [],
42 | "headers": [
43 | {
44 | "Content-Type": "application/json"
45 | }
46 | ],
47 | "requestTransform": [],
48 | "responseTransform": []
49 | }
50 | }
51 | ]
52 | }
53 | ]
54 | }
55 | }
56 | }
57 | ]
58 | }
59 | }
60 |
61 |
--------------------------------------------------------------------------------
/get-started/external/mag/customize/bundle/after-start/add_edge_gateway_user.bundle:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | 118ff2af84d24e05a8a6c21565a00c8d
6 | USER
7 |
8 |
9 | edge-gateway
10 |
11 | cn=edge-ssg,ou=apim gateway,o=ca technologies,l=vancouver,st=british columbia,c=ca
12 |
13 |
14 | edge-gateway
15 |
16 |
17 |
18 |
19 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURqekNDQW5jQ0NRQzY0T3J5Z0VQVHdqQU5CZ2txaGtpRzl3MEJBUXNGQURDQmtURUxNQWtHQTFVRUJoTUMKUTBFeEdUQVhCZ05WQkFnVEVFSnlhWFJwYzJnZ1EyOXNkVzFpYVdFeEVqQVFCZ05WQkFjVENWWmhibU52ZFhabApjakVZTUJZR0ExVUVDaE1QUTBFZ1ZHVmphRzV2Ykc5bmFXVnpNUlV3RXdZRFZRUUxFd3hCVUVsTklFZGhkR1YzCllYa3hJakFnQmdOVkJBTVRHVTFwWTNKdloyRjBaWGRoZVNCVVpYTjBJRkp2YjNRZ1EwRXdIaGNOTVRjeE1ETXgKTWpBd09ETTVXaGNOTkRZd016RTRNakF3T0RNNVdqQ0JnREVMTUFrR0ExVUVCaE1DUTBFeEdUQVhCZ05WQkFnVApFRUp5YVhScGMyZ2dRMjlzZFcxaWFXRXhFakFRQmdOVkJBY1RDVlpoYm1OdmRYWmxjakVZTUJZR0ExVUVDaE1QClEwRWdWR1ZqYUc1dmJHOW5hV1Z6TVJVd0V3WURWUVFMRXd4QlVFbE5JRWRoZEdWM1lYa3hFVEFQQmdOVkJBTVQKQ0dWa1oyVXRjM05uTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFxcVRyMUV3cgprU0JQbzNhMDNabVIvZ3ljbHJENWZoSXh1d2gxT1RBbityMmo5elM3NzdhbnA3cSt3TDRoVER0WVcyc08zdnVOClNZRG8zQ2dmYTlmTGhBM0dZaHYycmRWWG5TTzd6TlNPODBDYWk0Q05PemlnMytuYWZ5TXRwSk1pL2pUdjNPWU4KV1lXRXk2aWJNVCtxME1BOGFhVlJmV0xEalg5dEltUE5sWGRwQ1M1NWVOUmVScEFtQnZrNW1QWVNwbFY4Tm9nOApvK2h1V3k0dGI2cHdmM1hScnVrNU82dng5bzBPU1NTSmJXUUs4MUk2SkFDeGh2L0lnVHE4SzkyMFVER1FIMHRVCnJWcmhwd09UZ25lS1RGdy9URGNFUUZ0ZGZlUjErcEFkV0FzYStYZUliQ0pNaVRyWWZzSkdSUmJJUjBzSnZ4S2EKYzZRcWNvbmpQd1RQUXdJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUMxd1JZK2M0Rm1pOVZnd2ZUWQpMazlLQ295UWhFaWovTlBhc3hiUk5YRHRRazdqSVZ3dlNNSXJhUW5PVldRQ3Zqdm9jTW5CNjZFL3ZZWm14RlFiCktlQUx3QnpBUXhTdDB4MlVwNjcrRFBrK2tVSUlsVEg0bzZHdHorTlBtWnNHRnhvU3BXSGlqOTdGQTlrb2JuUlUKWERBb3pZLzVpZ21vM0ZnekhEaDNsczNocUo2SG40d1A5Vi9PZE1JWUZ2MXJDSkIzempsa1pVS0VUVWtGdjcybQpNMDBwMVVBRFVPVXFqcWVwb0JjVVpqUmxVNnBhZXpzcGpBTUZyajBvREt0eE15MVdFN0dUdndob2pQcEVoaVcvCjl1TTdZSDluN3o0UDNDbVY4dkd0RFVXai9zUkh0T2lHbDdZMEFsNDJlQW5FZ3hMZjRWRG1TZExYR0F6aTZReFIKV1JvVgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/get-started/external/otk/customize/bundle/after-start/add_edge_gateway_user.bundle:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | 118ff2af84d24e05a8a6c21565a00c8d
6 | USER
7 |
8 |
9 | edge-gateway
10 |
11 | cn=edge-ssg,ou=apim gateway,o=ca technologies,l=vancouver,st=british columbia,c=ca
12 |
13 |
14 | edge-gateway
15 |
16 |
17 |
18 |
19 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURqekNDQW5jQ0NRQzY0T3J5Z0VQVHdqQU5CZ2txaGtpRzl3MEJBUXNGQURDQmtURUxNQWtHQTFVRUJoTUMKUTBFeEdUQVhCZ05WQkFnVEVFSnlhWFJwYzJnZ1EyOXNkVzFpYVdFeEVqQVFCZ05WQkFjVENWWmhibU52ZFhabApjakVZTUJZR0ExVUVDaE1QUTBFZ1ZHVmphRzV2Ykc5bmFXVnpNUlV3RXdZRFZRUUxFd3hCVUVsTklFZGhkR1YzCllYa3hJakFnQmdOVkJBTVRHVTFwWTNKdloyRjBaWGRoZVNCVVpYTjBJRkp2YjNRZ1EwRXdIaGNOTVRjeE1ETXgKTWpBd09ETTVXaGNOTkRZd016RTRNakF3T0RNNVdqQ0JnREVMTUFrR0ExVUVCaE1DUTBFeEdUQVhCZ05WQkFnVApFRUp5YVhScGMyZ2dRMjlzZFcxaWFXRXhFakFRQmdOVkJBY1RDVlpoYm1OdmRYWmxjakVZTUJZR0ExVUVDaE1QClEwRWdWR1ZqYUc1dmJHOW5hV1Z6TVJVd0V3WURWUVFMRXd4QlVFbE5JRWRoZEdWM1lYa3hFVEFQQmdOVkJBTVQKQ0dWa1oyVXRjM05uTUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQ0FROEFNSUlCQ2dLQ0FRRUFxcVRyMUV3cgprU0JQbzNhMDNabVIvZ3ljbHJENWZoSXh1d2gxT1RBbityMmo5elM3NzdhbnA3cSt3TDRoVER0WVcyc08zdnVOClNZRG8zQ2dmYTlmTGhBM0dZaHYycmRWWG5TTzd6TlNPODBDYWk0Q05PemlnMytuYWZ5TXRwSk1pL2pUdjNPWU4KV1lXRXk2aWJNVCtxME1BOGFhVlJmV0xEalg5dEltUE5sWGRwQ1M1NWVOUmVScEFtQnZrNW1QWVNwbFY4Tm9nOApvK2h1V3k0dGI2cHdmM1hScnVrNU82dng5bzBPU1NTSmJXUUs4MUk2SkFDeGh2L0lnVHE4SzkyMFVER1FIMHRVCnJWcmhwd09UZ25lS1RGdy9URGNFUUZ0ZGZlUjErcEFkV0FzYStYZUliQ0pNaVRyWWZzSkdSUmJJUjBzSnZ4S2EKYzZRcWNvbmpQd1RQUXdJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQUE0SUJBUUMxd1JZK2M0Rm1pOVZnd2ZUWQpMazlLQ295UWhFaWovTlBhc3hiUk5YRHRRazdqSVZ3dlNNSXJhUW5PVldRQ3Zqdm9jTW5CNjZFL3ZZWm14RlFiCktlQUx3QnpBUXhTdDB4MlVwNjcrRFBrK2tVSUlsVEg0bzZHdHorTlBtWnNHRnhvU3BXSGlqOTdGQTlrb2JuUlUKWERBb3pZLzVpZ21vM0ZnekhEaDNsczNocUo2SG40d1A5Vi9PZE1JWUZ2MXJDSkIzempsa1pVS0VUVWtGdjcybQpNMDBwMVVBRFVPVXFqcWVwb0JjVVpqUmxVNnBhZXpzcGpBTUZyajBvREt0eE15MVdFN0dUdndob2pQcEVoaVcvCjl1TTdZSDluN3o0UDNDbVY4dkd0RFVXai9zUkh0T2lHbDdZMEFsNDJlQW5FZ3hMZjRWRG1TZExYR0F6aTZReFIKV1JvVgotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/get-started/external/mag/customize/bundle/after-start/add_microgateway_user.bundle:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | fa7165ba208f4061b3d99b7646cccde1
6 | USER
7 |
8 |
9 | microgateway.mycompany.com
10 |
11 | cn=microgateway.mycompany.com,ou=apim gateway,o=ca technologies,l=vancouver,st=british columbia,c=ca
12 |
13 |
14 | microgateway.mycompany.com
15 |
16 |
17 |
18 |
19 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURvVENDQW9rQ0NRRHBpK1p5NzVYcGNEQU5CZ2txaGtpRzl3MEJBUXNGQURDQmtURUxNQWtHQTFVRUJoTUMKUTBFeEdUQVhCZ05WQkFnVEVFSnlhWFJwYzJnZ1EyOXNkVzFpYVdFeEVqQVFCZ05WQkFjVENWWmhibU52ZFhabApjakVZTUJZR0ExVUVDaE1QUTBFZ1ZHVmphRzV2Ykc5bmFXVnpNUlV3RXdZRFZRUUxFd3hCVUVsTklFZGhkR1YzCllYa3hJakFnQmdOVkJBTVRHVTFwWTNKdloyRjBaWGRoZVNCVVpYTjBJRkp2YjNRZ1EwRXdIaGNOTVRjeE1URTEKTWpJMU5qQTNXaGNOTWpFd09ERXhNakkxTmpBM1dqQ0JrakVMTUFrR0ExVUVCaE1DUTBFeEdUQVhCZ05WQkFnTQpFRUp5YVhScGMyZ2dRMjlzZFcxaWFXRXhFakFRQmdOVkJBY01DVlpoYm1OdmRYWmxjakVZTUJZR0ExVUVDZ3dQClEwRWdWR1ZqYUc1dmJHOW5hV1Z6TVJVd0V3WURWUVFMREF4QlVFbE5JRWRoZEdWM1lYa3hJekFoQmdOVkJBTU0KR20xcFkzSnZaMkYwWlhkaGVTNXRlV052YlhCaGJua3VZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQwpBUThBTUlJQkNnS0NBUUVBdDUzY29FZFJ4MElIOS9TVFB1bmZpTDZJSjZmZ08rYkRvbTd0cjRKUWduZk0zNzlRCnV5UTNGOTZEVXRZOUQyeWlEQm5vc0RvREluYUl1eHFaeThrSmNBOFljYVNtd1dndnk0UlpJVzVEN2t1QnZLTC8KTkQrdm5jdUE4WkFXLzM4UnVpWWJETFRUUFE1WkdBNzFkSTUzbHFvMDBnS0VxNjJqUFVueEFpMGIwQnd0R2xVNQo2TTZZY292YUNCUEp0bnl4eG5QdzgrK09IN25rcVRkZEczaWFNMWQ2YUFHSkdsOGtyNzhKbm95QVFyL1NWQmhJCnJaRzZSWUUxMkZHc1NWbWhpemdRSWp4NWkvcnhicElQZjN0YVFNMDBIQnREOHJMdWpoUjd3MVg2NUgwbnhjQ0sKVmVVSTJtRDJ0clpDaWs1MmhPK0xRNXNpdmorcHg4QmZHdVlFV3dJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQQpBNElCQVFBMVJtZ1JHeVZ4UksxdnpjOWd6ZnNKd3VaMzlKbTJkamtQT3N6aWxnMnk4cGJ6SFI1eU05RWdoYlYyCmhHODZPQlRxNTk3cTJpeWs5bzlOaFQ4UWlnZ3pxSkpoU3JJNE1FSzdmNGlSSGIyLzFwZ09YNWFzcDRMWjd4Y04KSDlla2NFOGE5SDlLZmhZNm56UGg2OFowZjFKaG8yRnZKeEZBVFBFY2lrR24yNUJUZFBsSjBRMC9DZWVsWWdGKwpteUwzVndaT25ERGNYTTdmbDZ3MGRDUTZPWUc4OFNsekZHWkF2VS9ZMmpLa3ZmY2JqY2piQ3U4TjcyaUNMWlM0CmF1R1IxdkcweHFSZ01tWkRuTHpsSHYyS2NyN2V2OWd0QWtLRWs3Qy9zdTBvZnorb0NuWFdmMG5kMjlVVWp5RGkKZlpKR21CMzVmckcveGZaK1B6K3ZrdjhEbXlyRAotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/get-started/external/otk/customize/bundle/after-start/add_microgateway_user.bundle:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
5 | fa7165ba208f4061b3d99b7646cccde1
6 | USER
7 |
8 |
9 | microgateway.mycompany.com
10 |
11 | cn=microgateway.mycompany.com,ou=apim gateway,o=ca technologies,l=vancouver,st=british columbia,c=ca
12 |
13 |
14 | microgateway.mycompany.com
15 |
16 |
17 |
18 |
19 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSURvVENDQW9rQ0NRRHBpK1p5NzVYcGNEQU5CZ2txaGtpRzl3MEJBUXNGQURDQmtURUxNQWtHQTFVRUJoTUMKUTBFeEdUQVhCZ05WQkFnVEVFSnlhWFJwYzJnZ1EyOXNkVzFpYVdFeEVqQVFCZ05WQkFjVENWWmhibU52ZFhabApjakVZTUJZR0ExVUVDaE1QUTBFZ1ZHVmphRzV2Ykc5bmFXVnpNUlV3RXdZRFZRUUxFd3hCVUVsTklFZGhkR1YzCllYa3hJakFnQmdOVkJBTVRHVTFwWTNKdloyRjBaWGRoZVNCVVpYTjBJRkp2YjNRZ1EwRXdIaGNOTVRjeE1URTEKTWpJMU5qQTNXaGNOTWpFd09ERXhNakkxTmpBM1dqQ0JrakVMTUFrR0ExVUVCaE1DUTBFeEdUQVhCZ05WQkFnTQpFRUp5YVhScGMyZ2dRMjlzZFcxaWFXRXhFakFRQmdOVkJBY01DVlpoYm1OdmRYWmxjakVZTUJZR0ExVUVDZ3dQClEwRWdWR1ZqYUc1dmJHOW5hV1Z6TVJVd0V3WURWUVFMREF4QlVFbE5JRWRoZEdWM1lYa3hJekFoQmdOVkJBTU0KR20xcFkzSnZaMkYwWlhkaGVTNXRlV052YlhCaGJua3VZMjl0TUlJQklqQU5CZ2txaGtpRzl3MEJBUUVGQUFPQwpBUThBTUlJQkNnS0NBUUVBdDUzY29FZFJ4MElIOS9TVFB1bmZpTDZJSjZmZ08rYkRvbTd0cjRKUWduZk0zNzlRCnV5UTNGOTZEVXRZOUQyeWlEQm5vc0RvREluYUl1eHFaeThrSmNBOFljYVNtd1dndnk0UlpJVzVEN2t1QnZLTC8KTkQrdm5jdUE4WkFXLzM4UnVpWWJETFRUUFE1WkdBNzFkSTUzbHFvMDBnS0VxNjJqUFVueEFpMGIwQnd0R2xVNQo2TTZZY292YUNCUEp0bnl4eG5QdzgrK09IN25rcVRkZEczaWFNMWQ2YUFHSkdsOGtyNzhKbm95QVFyL1NWQmhJCnJaRzZSWUUxMkZHc1NWbWhpemdRSWp4NWkvcnhicElQZjN0YVFNMDBIQnREOHJMdWpoUjd3MVg2NUgwbnhjQ0sKVmVVSTJtRDJ0clpDaWs1MmhPK0xRNXNpdmorcHg4QmZHdVlFV3dJREFRQUJNQTBHQ1NxR1NJYjNEUUVCQ3dVQQpBNElCQVFBMVJtZ1JHeVZ4UksxdnpjOWd6ZnNKd3VaMzlKbTJkamtQT3N6aWxnMnk4cGJ6SFI1eU05RWdoYlYyCmhHODZPQlRxNTk3cTJpeWs5bzlOaFQ4UWlnZ3pxSkpoU3JJNE1FSzdmNGlSSGIyLzFwZ09YNWFzcDRMWjd4Y04KSDlla2NFOGE5SDlLZmhZNm56UGg2OFowZjFKaG8yRnZKeEZBVFBFY2lrR24yNUJUZFBsSjBRMC9DZWVsWWdGKwpteUwzVndaT25ERGNYTTdmbDZ3MGRDUTZPWUc4OFNsekZHWkF2VS9ZMmpLa3ZmY2JqY2piQ3U4TjcyaUNMWlM0CmF1R1IxdkcweHFSZ01tWkRuTHpsSHYyS2NyN2V2OWd0QWtLRWs3Qy9zdTBvZnorb0NuWFdmMG5kMjlVVWp5RGkKZlpKR21CMzVmckcveGZaK1B6K3ZrdjhEbXlyRAotLS0tLUVORCBDRVJUSUZJQ0FURS0tLS0tCg==
20 |
21 |
22 |
23 |
24 |
25 |
26 |
27 |
28 |
29 |
30 |
--------------------------------------------------------------------------------
/img/ca-microgateway-diagram_draw-io.xml:
--------------------------------------------------------------------------------
1 |
2 | 7Vxdc6M2FP01fowHEGD86DjxdmeybabZmXafMjLItrqAKMiJ019fCSQMEjjYhsS7mzwkcBGS0D0690NSRmAe7T6lMNl8IQEKR5YR7EbgZmRZpgFs9odLXgqJa7qFYJ3iQBTaCx7wf0i+KaRbHKCsVpASElKc1IU+iWPk05oMpil5rhdbkbDeagLXSBM8+DDUpX/hgG4KqecYe/lvCK83smXTEE+W0P++Tsk2Fu2NLLDKf4rHEZR1ifLZBgbkuSICtyMwTwmhxVW0m6OQj60ctuK9RcvTst8pimmXFxyveOMJhlsku5x3jL7IwUBxMONjyu78EGYZ9kfgekOjkAlMdrkiMZ2TkKR5cWDkP0yOdpj+zWTG2BF33/gdv45p+lJ5xG+/idrym3uU4ghRlIoXij6hQNPa/juFKCPb1BelbIFCCtM1EsUAKEeZoRcR1kr6wso879UstbypaFjKUhRCip/q3YACbeuyurKFe4JZBy1jVwKleEXMC3ti1Ksoui/equpNrchVKrKUiopv1ipiF5XP3otyWLRAZNoAETekQvM1rLj/bol8cJXl03rGCphGsts/ZFdr/vd+uwxxthnxrhf1LVP5TEpY54pGpFjBJkU7Wkdjili7cJkX4NBJ+BDkg+Jcj5wbJoEhXscczAw7HGHXTyilmE3+mXgQ4SDg71+HcInC63JKS5DHJEYHcC+Gi1WKdjWcCLYSnduTQBXGxYTU8SlqujLGxsSdngdGgRnTqb9BVqsMnYsW22xCC4wSNjDxMksK3b7zvTH764H3mel/nbIhJLEGrFzhKBAget5gih4SmDPLM7N5dcytOS2Koj6JOEHm14fxk9GUfC/tS86kOAw7gkwDcd7WPclw/jkN6L5TCpQoV+G/JJSS6BCQNd5txatrTmo8ZUnCq/Ct6Xo64ZrAaMdzDZ8HwNjBuDEDnPDLaLfmrszYx5lPxhnytymmL+MVTtEz5A1U9R3AbFNio6o0riHgetNJqd7KE+EIqIq3DuioVIWqI0qSk3H3GqRCtNpzbYOJ1QDRqn1LalYyzhRo2remuvLdyfm6N+0BPZvSf6l6LxVnRvVfpCtkVh2h0i1q9nZecW68Bt/GavST3svZmUzrLop7oq8DQN3XYTUP5etIk1gBzWxLuYuSofQJs7FXIVSjggp0VF6BzxkYPyXx4xpSxigvOnEsHM9hcROb1SkMMNojT0zbPoyMNahFeYWteiAUFQqeM3Y0RnEbGGVi9cAok7dglI4R0YHgqoFRSpSah/RQ5RI5Ey6ES4DrKJZEqaIrmdjTOoKm9mBcMmBo3clCSHOgh7+Xo9Zp3UZo1N5ZrZNXKupPr5Ye4XzBfkpKC2HMzrMSOM4ojH2km4gAIm/lv4ct0JxZ1/fQctUPq6tBginvKyCcNoCwjxBBTsp2bepJhw9tHqVN1347bQJNm3OegLrjFMUm5v1n9nueIkjZl3+o9Ry1WqalqdWU49+7XnW/fADX6/2COWmWq6bauixT7XhKFGafmrq26kCyncFS15b7C8LmspIAGmzME2HjKrAB3nCwGXJR7FJhY14WbGwlc3gq26iwGS7eA00rH32jxjwSNX2mB16D0IWlDByZAT43ZWCqseUEDIYhPRq55aPJnNZZ6b9+EhlEFVzNSxmb7TJ7hHEgE4/ZeI1ipn+/kon8ZZY2Sld51Oz9HrO0peYiTRnUVFORrg7vid2O5K7+MNDjHLliHuAnXrn44P2qu/h0bRVevpclMK7hSRbcb2m58ouh5VCkKYwzMVhanTlY8zBaYuzQAn/RsibOP6Rl2f8D6m8KdS27ZoCGvLtt6WC3e1jJA3re/Q5GywBqsDgqgg/zOh5X29gv9KRiwGHOwnwxupwFmWb4nL5MA7Ok2Dy3wjs+bL0s+EsTJqHiuRpQQMMCjX3AvncGiu63P4DzQJIBHRe3hmPZ4IJw0fdC3SC48FRc6FsBGnHRB4HoO9g+k6/nAYP9esTFXrcLZ40fAR0TjTXeDh0ysjwUtx0FDT8k20AHxsWt7w8yza26pwAmevIfOLoiLdCDIvXgSVPkuXuZu2VhDiV5Rk0x8knxtv2u4bWphD9aGrdzeK1kCG1jsMSe3BDeutinRikBekIhSXjc1BKB4Cg/SlDFUDNtvsq2h+d53s5MzlijafqKrtxsKOXHJGZ8pKyFH8T2GPskXuE4QOmYUQsPriBl7vOCyzP2l1XGoqQMUevxPl4zAV+zW2zZuJjjhAna2anfTaw9MJDtGeP6XhFgdnNBpewsDuqw4sD1m7R+aZdN4odHQD1kYHqm9v1eAzGo+bFTvr/DOt1RtpRDMNNt6Y11A24uwAVv3Spb4qD7XlmrG0h78Hg6YPQoJUVkiUP06Ic4//4LV1aL23Oi9qTR0qeYdGmbbO852uuwC/E47cGY2Y2IffwjtwYkPxNw2SrsY75JjZUnsd7ORrzJPlLd8zzzZF3V9Ww5pPRGnqfX06ZB7RDdgJ5n05JyH4fo5mzKbiOxuSn7kY/NpYRC4ROffYqumGKtc//KGAPbUnYU94LN+mLzlcIW/ZywazqP2XOY+25Hdh1HJ5vCkL4b26hHdk+Oc9+ObZymlFavR3Z/pvO6vRLP9DXisSb1nS1XVi8wldXIf7gwAPE4evYExgETRCTVD0bpmq4vpUql6NmC7vpuOpZbP7jb79pqKzSOSJBO6n4ncPQEqdvAZur5/pPivi5HIhlhP4hbktINWZMYhrd7qTLANf3ClEqzQ1gjUrbAvEt58X8QpS/i/33ALSVMtG/ljvBMWYeDL0Nalc7zsHNKRM+J5DTqj8SGHpVL/3iOf/6E45+f7+4+z37/yq6h77P2Kc4Tj0n+2+QRxgLtkL/luvjRcpDABu+Yg3R16z/PUzNZu91u2zWUB9yaG3DFSR/6Gxyjhjr50yxi8z7ZkNYC+QJsp70+H4akOctr1N1Ja6JnMMoytcP1x+8/Y7f7f0lUeA77//sEbv8H
--------------------------------------------------------------------------------
/get-started/get-further/register-google-tls-certificate.md:
--------------------------------------------------------------------------------
1 | ## Register the Google Root TLS certificate in the Gateway
2 |
3 | 1. Open the Docker Compose file of the Gateway: `get-started/docker-compose/docker-compose.yml`
4 | 2. Add the following environment variables to the `ssg` service under the `environment` section:
5 | ```
6 | CERT_0: "LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVYRENDQTBTZ0F3SUJBZ0lOQWVPcE1CejhjZ1k0UDVwVEhUQU5CZ2txaGtpRzl3MEJBUXNGQURCTU1TQXcKSGdZRFZRUUxFeGRIYkc5aVlXeFRhV2R1SUZKdmIzUWdRMEVnTFNCU01qRVRNQkVHQTFVRUNoTUtSMnh2WW1GcwpVMmxuYmpFVE1CRUdBMVVFQXhNS1IyeHZZbUZzVTJsbmJqQWVGdzB4TnpBMk1UVXdNREF3TkRKYUZ3MHlNVEV5Ck1UVXdNREF3TkRKYU1GUXhDekFKQmdOVkJBWVRBbFZUTVI0d0hBWURWUVFLRXhWSGIyOW5iR1VnVkhKMWMzUWcKVTJWeWRtbGpaWE14SlRBakJnTlZCQU1USEVkdmIyZHNaU0JKYm5SbGNtNWxkQ0JCZFhSb2IzSnBkSGtnUnpNdwpnZ0VpTUEwR0NTcUdTSWIzRFFFQkFRVUFBNElCRHdBd2dnRUtBb0lCQVFES1VrdnFIdi9PSkd1bzJuSVlhTlZXClhRNUlXaTAxQ1haYXo2VElITEdwL2xPSis2MDAvNGhibjd2bjZBQUIzRFZ6ZFFPdHM3RzVwSDBySm5uT0ZVQUsKNzFHNG56S01mSENHVWtzVy9tb25hK1kyZW1KUTJOK2FpY3dKS2V0UEtSU0lnQXVQT0I2QWFoaDhIYjJYTzNoOQpSVWsyVDBITm91QjJWenhvTVhsa3lXN1hVUjVtdzZKa0xIbkE1MlhEVm9SVFdrTnR5NW9DSU5MdkdtblJzSjF6Cm91QXFZR1ZRTWMvN3N5Ky9FWWhBTHJWSkVBOEtidHlYK3I4c253VTVDMWhVcndhVzZNV09BUmE4cUJwTlFjV1QKa2FJZW9Zdnkvc0dJSkVtalIwdkZFd0hkcDFjU2FXSXI2LzRnNzJuN09xWHdmaW51N1pZVzk3RWZvT1NRSmVBegpBZ01CQUFHamdnRXpNSUlCTHpBT0JnTlZIUThCQWY4RUJBTUNBWVl3SFFZRFZSMGxCQll3RkFZSUt3WUJCUVVICkF3RUdDQ3NHQVFVRkJ3TUNNQklHQTFVZEV3RUIvd1FJTUFZQkFmOENBUUF3SFFZRFZSME9CQllFRkhmQ3VGQ2EKWjNaMnNTM0NodENEb0g2bWZycExNQjhHQTFVZEl3UVlNQmFBRkp2aUIxZG5IQjdBYWdiZVdiU2FMZC9jR1lZdQpNRFVHQ0NzR0FRVUZCd0VCQkNrd0p6QWxCZ2dyQmdFRkJRY3dBWVlaYUhSMGNEb3ZMMjlqYzNBdWNHdHBMbWR2CmIyY3ZaM055TWpBeUJnTlZIUjhFS3pBcE1DZWdKYUFqaGlGb2RIUndPaTh2WTNKc0xuQnJhUzVuYjI5bkwyZHoKY2pJdlozTnlNaTVqY213d1B3WURWUjBnQkRnd05qQTBCZ1puZ1F3QkFnSXdLakFvQmdnckJnRUZCUWNDQVJZYwphSFIwY0hNNkx5OXdhMmt1WjI5dlp5OXlaWEJ2YzJsMGIzSjVMekFOQmdrcWhraUc5dzBCQVFzRkFBT0NBUUVBCkhMZUpsdVJUN2J2czI2Z3lBWjhzbzgxdHJVSVNkN080NXNrRFVtQWdlMWNueGhHMVAyY05tU3hiV3NvaUN0MmUKdXg5TFNEK1BBajJMSVlSRkhXMzEvNnhvaWMxazR0YldYa0RDamlyMzd4VFROcVJBTVBVeUZSV1NkdnQrbmxQcQp3bmI4T2EySS9tYVNKdWtjeERqTlNmcERoL0JkMWxaTmdkZC84Y0xkc0UzK3d5cHVmSjl1WE8xaVFwbmg5emJ1CkZJd3NJT05HbDFwM0E4Q2d4a3FJL1VBaWgzSmFHT3FjcGNkYUNJemtCYVI5dVlRMVg0azJWZzVBUFJMb3V6VnkKN2E4SVZrNnd1eTZwbStUN0hUNExZOGliUzVGRVpsZkFGTFNXOE53c1Z6OVNCSzJWcW4xTjBQSU1uNXhBNk5aVgpjN284MzVETEFGc2hFV2ZDN1RJZTNnPT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo="
7 | CERT_0_TRUST_ANCHOR: "true"
8 | CERT_0_TRUSTED_FOR_SIGNING_SERVER_CERTS: "true"
9 | CERT_0_VERIFY_HOSTNAME: "false"
10 | ```
11 |
12 | *Note: CERT_0 contains the Google Internet Authority G3 certificate encoded in base64*
13 |
14 | *Note 2: the certificate will expire on December 14, 2021. You can download a
15 | newer version from https://pki.goog/
16 |
17 | *Note 3: use below command to extract fingerprint of newly downloaded certificate
18 | ```
19 | cat .pem | base64
20 | ```
21 | Replace the fingerprint extracted under CERT_0 key
22 |
23 | 3. Update the Gateway with the new configuration:
24 | ```
25 | docker-compose --project-name microgateway \
26 | --file docker-compose.yml \
27 | --file docker-compose.db.consul.yml \
28 | --file docker-compose.lb.dockercloud.yml \
29 | up -d --build
30 | ```
31 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/microgateway/add-ons/bundles/README.md:
--------------------------------------------------------------------------------
1 | ## Extending Quick Start Templates with Bundles
2 | The Quick Start Solution may be extended by importing RESTMAN bundles on startup. This allows us and customers to mix-and-match solutions that they intend to use with the Gateway, producing a smaller, purpose-tailored image.
3 |
4 | _Template design functionality is limited to CA customers for Beta due to access of other tools such as Policy Manager. If you are a CA customer and wish to design Quick Start templates, please sign up on https://validate.ca.com for project "CA API Management (APIM)/Beta Releases - CA Microgateway - supporting tools"_
5 |
6 | Instructions: https://docops.ca.com/ca-api-gateway/9-2/en/ca-microgateway-beta/add-functionality-to-the-ca-microgateway
7 |
8 | ### How Does it Work?
9 | On startup, the Gateway will look in the directory `/opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/` for files ending in `.bundle`, and loads them in natural order. For this reason, we generally name them with numbers indicating the order in which they shoulud be loaded, e.g. `60_consul.bundle`.
10 |
11 | * Drop your templates under ./get-started/docker-compose/add-ons/bundles
12 | * Run a Docker build using `docker build -f ./get-started/docker-compose/add-ons/Dockerfile.addon` or use `./get-started/docker-compose-build-ssg.yml`
13 |
14 | ## Bundle-Specific Information ##
15 |
16 | ### consul.bundle ###
17 | Consul Service Discovery Support
18 | This bundle contains an encass (ConsulLookup) to support service discovery via Consul.
19 | It retrieves a list of nodes providing a particular service, and performs routing.
20 |
21 | Baking container image with consul template:
22 | * The consul bundle is located under `get-started/docker-compose/add-ons/bundles`
23 | ```
24 | cd get-started/docker-compose
25 | docker-compose -f docker-compose-build-ssg.yml -f docker-compose.dockercloudproxy.yml up -d --build
26 | ```
27 |
28 | Caveats:
29 | The bundle may be modified to include the address of the Consul agent against which lookups should be performed. To make this modification, open consul.bundle as text, find the string literal CONSUL_ADDRESS_GOES_HERE (line 23 at the time of writing), and replace it with the address of the local Consul agent (e.g. http://localhost:8500).
30 |
31 | Inputs:
32 | * Service name (serviceName) - the name of the service in Consul
33 | * URL scheme (scheme) - the scheme that should be used in accessing the service (e.g. http:// for HTTP connections, https:// for HTTPS connections). This string will be prepended to the selected node's address.
34 | * (optional) Path prefix (pathPrefix) - the URL prefix that should be appended to the node's address to form the service's base URL (e.g. for Consul's v1 API, this value would be /v1).
35 | * Routing strategy (routingStrategy) - a string specifying what routing strategy should be used. Currently, the only supported value is roundRobin.
36 | * (optional) Consul agent address (consul.agentAddr) - the URL of the Consul agent (excluding the /v1 prefix) which should be used for service lookup. This takes prescedence over the cluster property of the same name, but the cluster property should be preferred in general. (ex: http://10.10.0.100:8500)
37 | * (optional) Consul ACL token (consul.token) - a Consul ACL token to be used in discovering service instances. The token used should have the node:read and service:read permissions.
38 | Outputs:
39 | * Service base URL (service.baseUrl) - A usable address that can be thought of as analogous to the targetUrlinput of the RouteHttp encass. It will include the scheme and pathPrefix from the input options (e.g. given scheme=http://, pathPrefix=/v2, service.baseUrl may be http://172.16.0.9:5400/v2).
40 |
--------------------------------------------------------------------------------
/get-started/external/oauth-clients/tiny-oauth-client/src/client/client.go:
--------------------------------------------------------------------------------
1 | package main
2 |
3 | import (
4 | "context"
5 | "crypto/tls"
6 | "io/ioutil"
7 | "log"
8 | "net/http"
9 | "net/url"
10 | "time"
11 |
12 | "golang.org/x/oauth2"
13 | )
14 |
15 | // OAuthClient configure the OAuth2 client
16 | type OAuthClient struct {
17 | config *oauth2.Config
18 | state string
19 | token *oauth2.Token
20 | client *http.Client
21 | resource string
22 | }
23 |
24 | // validateState returns true if the received state passed in argument
25 | // matches the state configured in OAuthClient
26 | func (c *OAuthClient) validateState(state string) bool {
27 | return (c.state == state)
28 | }
29 |
30 | var oauth = OAuthClient{
31 | config: &oauth2.Config{
32 | ClientID: "f7c232ef-0da1-4de0-a14e-23704b0bc177",
33 | ClientSecret: "4f15ba20-caf5-4732-9a53-afd5ad542146",
34 | Scopes: []string{"HOTELS_INVENTORY_READ"},
35 | RedirectURL: "http://IP:8081/callback",
36 | Endpoint: oauth2.Endpoint{
37 | AuthURL: "https://otk.mycompany.com:8443/auth/oauth/v2/authorize",
38 | TokenURL: "https://otk.mycompany.com:8443/auth/oauth/v2/token",
39 | },
40 | },
41 | state: "state_oauth",
42 | client: &http.Client{
43 | Timeout: time.Second * 10,
44 | Transport: &http.Transport{
45 | TLSClientConfig: &tls.Config{InsecureSkipVerify: true},
46 | },
47 | },
48 | resource: "https://gateway.mycompany.com/hotels/inventory?inDate=a&outDate=b",
49 | }
50 |
51 | // Handle the authorize callback endpoint
52 | //TODO:
53 | // - check errors sent by the OAuth server to this callback
54 | // - check the OAuth code is not empty
55 | func oauthCallbackHandler(w http.ResponseWriter, r *http.Request) {
56 | // Set the HTTP context
57 | var ctx = context.WithValue(context.Background(), oauth2.HTTPClient, oauth.client)
58 |
59 | // Parse the HTTP inputs
60 | r.ParseForm()
61 |
62 | // Validate the OAuth state
63 | if !oauth.validateState(r.FormValue("state")) {
64 | http.Error(w, "Received OAuth state mismatched", http.StatusBadRequest)
65 | return
66 | }
67 |
68 | // Get the OAuth token
69 | oauthCode := r.FormValue("code")
70 | log.Println("OAuth code: ", oauthCode)
71 |
72 | token, err := oauth.config.Exchange(ctx, oauthCode)
73 | if err != nil {
74 | log.Println(err)
75 | http.Error(w, "Failed to retrieve the OAuth token", http.StatusBadRequest)
76 | return
77 | }
78 | oauth.token = token
79 | log.Println("OAuth token: ", oauth.token)
80 |
81 | // Get the http client
82 | oauth.client = oauth.config.Client(ctx, oauth.token)
83 | }
84 |
85 | // Authorize callback server
86 | func oauthCallbackServer() {
87 | redirectURL, err := url.Parse(oauth.config.RedirectURL)
88 | if err != nil {
89 | log.Fatal(err)
90 | }
91 | http.HandleFunc(redirectURL.EscapedPath(), oauthCallbackHandler)
92 | log.Fatal(http.ListenAndServe(":"+redirectURL.Port(), nil))
93 | }
94 |
95 | func main() {
96 | go oauthCallbackServer()
97 |
98 | if oauth.token == nil {
99 | url := oauth.config.AuthCodeURL(oauth.state, oauth2.AccessTypeOffline)
100 | log.Printf("Visit the URL for the auth dialog: \n%v\n", url)
101 | }
102 |
103 | log.Println("Waiting for the OAuth token from ", oauth.config.Endpoint.AuthURL)
104 | for oauth.token == nil {
105 | time.Sleep(1 * time.Second)
106 | }
107 |
108 | log.Println("Getting resource")
109 | resp, err := oauth.client.Get(oauth.resource)
110 | if err != nil {
111 | log.Fatal("Error getting the resource: ", err)
112 | }
113 |
114 | log.Println(resp)
115 | body, _ := ioutil.ReadAll(resp.Body)
116 | log.Println("Response headers: ", resp.Header)
117 | log.Printf("Response body: %s", body)
118 | }
119 |
--------------------------------------------------------------------------------
/get-started/external/mag/customize/bundle/after-start/ca_msso_cert.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | ca_msso
4 |
5 | CN=ca_msso
6 | CN=ca_msso
7 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVvVENDQTRtZ0F3SUJBZ0lKQU02OFZIQ2lXMzRQTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdSTVFzd0NRWUQKVlFRR0V3SkRRVEVaTUJjR0ExVUVDQk1RUW5KcGRHbHphQ0JEYjJ4MWJXSnBZVEVTTUJBR0ExVUVCeE1KVm1GdQpZMjkxZG1WeU1SZ3dGZ1lEVlFRS0V3OURRU0JVWldOb2JtOXNiMmRwWlhNeEZUQVRCZ05WQkFzVERFRlFTVTBnClIyRjBaWGRoZVRFaU1DQUdBMVVFQXhNWlRXbGpjbTluWVhSbGQyRjVJRlJsYzNRZ1VtOXZkQ0JEUVRBZUZ3MHgKTnpBNE1ERXhOakEyTURWYUZ3MHpOREF4TURReE5qQTJNRFZhTUlHUk1Rc3dDUVlEVlFRR0V3SkRRVEVaTUJjRwpBMVVFQ0JNUVFuSnBkR2x6YUNCRGIyeDFiV0pwWVRFU01CQUdBMVVFQnhNSlZtRnVZMjkxZG1WeU1SZ3dGZ1lEClZRUUtFdzlEUVNCVVpXTm9ibTlzYjJkcFpYTXhGVEFUQmdOVkJBc1RERUZRU1UwZ1IyRjBaWGRoZVRFaU1DQUcKQTFVRUF4TVpUV2xqY205bllYUmxkMkY1SUZSbGMzUWdVbTl2ZENCRFFUQ0NBU0l3RFFZSktvWklodmNOQVFFQgpCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFOUU1xT2w1MndlY0RMN1p3MmdpNUpJM2ptU0RxZkgxOU0rZHZsd2l1S00xCm85OFpieUoybDFqSEJjem5rV2NHWFQ3OXV5NmsvN2RGTEJyekJGdmViY3h2UlhBQi95dlgxWnRCY0RQQWZsT28KaDYzTlpMdlBlNmpIUXgzaXRkYkRyNE1FSUh0WnhsWVRxV0xJTHFyWHU4KytFN2hybEVsQ2NRUEF3bXBZT2w5LworU3ovVW9BdDNHSS9xOXVSSFduTGR2Q3Z3SEl5bUdmVzBvTmlHd3pWOVB3b0prcTlMTGxFejFLNjRBcE1xRWNECndMMjVRQk5OeWc5MDlMeTBRdkVZU1ZkU3RIUWdxaUlFTE1CTEVncERONmZWbG9taEJjTGJEZmtpemdCNFg4eUMKNUFac0dFNkVLZitaY3RkMWhpNkI3T2pkdjVvMUxDRUliUUNtRDB5TmhlY0NBd0VBQWFPQitUQ0I5akFkQmdOVgpIUTRFRmdRVW9vc1VnVkNJRHQ4VE1XNXQ1RTNiQ2ROd0hSSXdnY1lHQTFVZEl3U0J2akNCdTRBVW9vc1VnVkNJCkR0OFRNVzV0NUUzYkNkTndIUktoZ1pla2daUXdnWkV4Q3pBSkJnTlZCQVlUQWtOQk1Sa3dGd1lEVlFRSUV4QkMKY21sMGFYTm9JRU52YkhWdFltbGhNUkl3RUFZRFZRUUhFd2xXWVc1amIzVjJaWEl4R0RBV0JnTlZCQW9URDBOQgpJRlJsWTJodWIyeHZaMmxsY3pFVk1CTUdBMVVFQ3hNTVFWQkpUU0JIWVhSbGQyRjVNU0l3SUFZRFZRUURFeGxOCmFXTnliMmRoZEdWM1lYa2dWR1Z6ZENCU2IyOTBJRU5CZ2drQXpyeFVjS0piZmc4d0RBWURWUjBUQkFVd0F3RUIKL3pBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQUNXV2U3UzVKRXlmRkRKejhaaDZxekZaQjRHL1F1OGFRamg5WQpMZUcxQTRVbTBiN3JYcWZGRjVoTUFiMXlvZ3RGV3FPcUpiL0FWYXZycjlFQTJPejd1NEM0WmlpY2E4aEpnb2RkClhjV2d6dnJmL2NiN3JDSEFUdmErbzFic1J3ZzRkZ3dtQi9LSlVQcHJidXBWWjEydU5uekRQY3JaTUdNaFVrOEIKYnpjVmdrRm43T3QvT0M0VEdxZERkT04wckozR3JqbHN3L252bGloem96NjhtR2RrRzFoWXNoT3dRQkZ3ZUFrdAp4ZEVJYWFIWGxDWmRWaXRIaDdjVVhHNWFkMEw2bUFZL2xSdHM0WGxDek0vaEhMVFNQNHhEcmpYanB0ejUzL1dRCmEvLzlGMkNqSXhXLzF2aVZ5RTdCOUpTc0NqY0p6dm5OYytjTE0rVnVtSjVCamNFWUV3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
8 |
9 |
10 |
11 | true
12 |
13 |
14 | true
15 |
16 |
17 | true
18 |
19 |
20 | true
21 |
22 |
23 | true
24 |
25 |
26 | true
27 |
28 |
29 | true
30 |
31 |
32 | false
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/get-started/external/otk/customize/bundle/after-start/ca_msso_cert.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | ca_msso
4 |
5 | CN=ca_msso
6 | CN=ca_msso
7 | LS0tLS1CRUdJTiBDRVJUSUZJQ0FURS0tLS0tCk1JSUVvVENDQTRtZ0F3SUJBZ0lKQU02OFZIQ2lXMzRQTUEwR0NTcUdTSWIzRFFFQkN3VUFNSUdSTVFzd0NRWUQKVlFRR0V3SkRRVEVaTUJjR0ExVUVDQk1RUW5KcGRHbHphQ0JEYjJ4MWJXSnBZVEVTTUJBR0ExVUVCeE1KVm1GdQpZMjkxZG1WeU1SZ3dGZ1lEVlFRS0V3OURRU0JVWldOb2JtOXNiMmRwWlhNeEZUQVRCZ05WQkFzVERFRlFTVTBnClIyRjBaWGRoZVRFaU1DQUdBMVVFQXhNWlRXbGpjbTluWVhSbGQyRjVJRlJsYzNRZ1VtOXZkQ0JEUVRBZUZ3MHgKTnpBNE1ERXhOakEyTURWYUZ3MHpOREF4TURReE5qQTJNRFZhTUlHUk1Rc3dDUVlEVlFRR0V3SkRRVEVaTUJjRwpBMVVFQ0JNUVFuSnBkR2x6YUNCRGIyeDFiV0pwWVRFU01CQUdBMVVFQnhNSlZtRnVZMjkxZG1WeU1SZ3dGZ1lEClZRUUtFdzlEUVNCVVpXTm9ibTlzYjJkcFpYTXhGVEFUQmdOVkJBc1RERUZRU1UwZ1IyRjBaWGRoZVRFaU1DQUcKQTFVRUF4TVpUV2xqY205bllYUmxkMkY1SUZSbGMzUWdVbTl2ZENCRFFUQ0NBU0l3RFFZSktvWklodmNOQVFFQgpCUUFEZ2dFUEFEQ0NBUW9DZ2dFQkFOUU1xT2w1MndlY0RMN1p3MmdpNUpJM2ptU0RxZkgxOU0rZHZsd2l1S00xCm85OFpieUoybDFqSEJjem5rV2NHWFQ3OXV5NmsvN2RGTEJyekJGdmViY3h2UlhBQi95dlgxWnRCY0RQQWZsT28KaDYzTlpMdlBlNmpIUXgzaXRkYkRyNE1FSUh0WnhsWVRxV0xJTHFyWHU4KytFN2hybEVsQ2NRUEF3bXBZT2w5LworU3ovVW9BdDNHSS9xOXVSSFduTGR2Q3Z3SEl5bUdmVzBvTmlHd3pWOVB3b0prcTlMTGxFejFLNjRBcE1xRWNECndMMjVRQk5OeWc5MDlMeTBRdkVZU1ZkU3RIUWdxaUlFTE1CTEVncERONmZWbG9taEJjTGJEZmtpemdCNFg4eUMKNUFac0dFNkVLZitaY3RkMWhpNkI3T2pkdjVvMUxDRUliUUNtRDB5TmhlY0NBd0VBQWFPQitUQ0I5akFkQmdOVgpIUTRFRmdRVW9vc1VnVkNJRHQ4VE1XNXQ1RTNiQ2ROd0hSSXdnY1lHQTFVZEl3U0J2akNCdTRBVW9vc1VnVkNJCkR0OFRNVzV0NUUzYkNkTndIUktoZ1pla2daUXdnWkV4Q3pBSkJnTlZCQVlUQWtOQk1Sa3dGd1lEVlFRSUV4QkMKY21sMGFYTm9JRU52YkhWdFltbGhNUkl3RUFZRFZRUUhFd2xXWVc1amIzVjJaWEl4R0RBV0JnTlZCQW9URDBOQgpJRlJsWTJodWIyeHZaMmxsY3pFVk1CTUdBMVVFQ3hNTVFWQkpUU0JIWVhSbGQyRjVNU0l3SUFZRFZRUURFeGxOCmFXTnliMmRoZEdWM1lYa2dWR1Z6ZENCU2IyOTBJRU5CZ2drQXpyeFVjS0piZmc4d0RBWURWUjBUQkFVd0F3RUIKL3pBTkJna3Foa2lHOXcwQkFRc0ZBQU9DQVFFQUNXV2U3UzVKRXlmRkRKejhaaDZxekZaQjRHL1F1OGFRamg5WQpMZUcxQTRVbTBiN3JYcWZGRjVoTUFiMXlvZ3RGV3FPcUpiL0FWYXZycjlFQTJPejd1NEM0WmlpY2E4aEpnb2RkClhjV2d6dnJmL2NiN3JDSEFUdmErbzFic1J3ZzRkZ3dtQi9LSlVQcHJidXBWWjEydU5uekRQY3JaTUdNaFVrOEIKYnpjVmdrRm43T3QvT0M0VEdxZERkT04wckozR3JqbHN3L252bGloem96NjhtR2RrRzFoWXNoT3dRQkZ3ZUFrdAp4ZEVJYWFIWGxDWmRWaXRIaDdjVVhHNWFkMEw2bUFZL2xSdHM0WGxDek0vaEhMVFNQNHhEcmpYanB0ejUzL1dRCmEvLzlGMkNqSXhXLzF2aVZ5RTdCOUpTc0NqY0p6dm5OYytjTE0rVnVtSjVCamNFWUV3PT0KLS0tLS1FTkQgQ0VSVElGSUNBVEUtLS0tLQo=
8 |
9 |
10 |
11 | true
12 |
13 |
14 | true
15 |
16 |
17 | true
18 |
19 |
20 | true
21 |
22 |
23 | true
24 |
25 |
26 | true
27 |
28 |
29 | true
30 |
31 |
32 | false
33 |
34 |
35 |
36 |
--------------------------------------------------------------------------------
/get-started/external/mag/customize/bundle/after-start/ca_msso_key.xml:
--------------------------------------------------------------------------------
1 |
2 | MIIK4QIBAzCCCqcGCSqGSIb3DQEHAaCCCpgEggqUMIIKkDCCBUcGCSqGSIb3DQEHBqCCBTgwggU0AgEAMIIFLQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIRqNPAHzoSxwCAggAgIIFAIbeQT5657oJIxUiuk/g8B5WutgBUgcuW58ODy6PXUK6I7W024TgsfxQ/o4WOWIl6djZBU5Xsyp5u/7pgzQ21nYn8qoZzRXewkLKYQ3rQxhDzgk8F918X1zUGDyNHeI5ANhmKVv83spz41PAc7jeSgnpTBc4DvpBkXClle9Ju2gnktx4Ab79xB+YnaPOaEzPLdOvNcboVdv8MS2BoL0x1p/FGogWPGQmqecV3ekix4HjHdlqonO7UN/4oHuaZZ6l9RBrl9wmWOtpuUPUTsYlrVc1G2XtrPoljZWqSU2CdCFAr1YVOeUOYRXtGF6xsFVtOUw506lpck4O9Po++MZorXv94i/YGYKSWsI5JUpwAYu54lEyoXsIRdpn5u+xNy3jgpxtILvpelZFWFOV0btKxLcqVNOTewVSL0k4/VbZsTaXvIXjuGGgBNAGb/RWU5WQO6C/VLUZ2FDKOIYDPN0wCFdMAQj3I4i8YGxRaLVs95uZLfb4JO+Dfcq5eR0InXtIJUTcu8G+Xz2u4cC8VazzRFjrcydEDYfeVVa9RqmhjFSTp89QbUBl+FVtzbIteC/HmZvAeybMxqAUeEkI8BOQABbnnOMqgz29EziUY35kTa/Twwl0uS81y6Kl+HIriYo3GkMsoSyuNh6Mkk/oJXQ9TqEUYB0YCetv8S51JkHgPL/+4HwWhqV0pWVE4zMBtUwR0BVk4yBsqYEd7pwJeoTDj2wjvkqVe9OfvtY1dJ+6IlaAu+ql1OA5GM8tJnpaEGa3h4go+j35TC7DhlIOkOjBSEhxVKyiMjgjvnMPDQ+2jMlbcNSY2qc58q7QiqBfc25xou4LGripgxDfSQ22xV56CmGAD39O5RPEKzW1jNH94DTO1G4Uig3cD3Nh4VlLdVYJDHZw56QVStG/f/RURVcq46dJEQnFi7CCul7adwvKoJVxoTPEQufOcLBJzz09T8O+MvWm5blXmFGqhRLYRXYYGhqpL4wBOqKzxZQlgArofcK2v738eBKRQRK2vgyitFe6Ct+lPbhmHXH52mPThu3eBcjfFmifbdqa8XMN/+Sca9NuhoO0YTA/cLw+ZABynTna2coU0ABdAcsPx9q9llm416IdZ1+h2oCUehRuIpJ+Zo2dydwED04GPoVax9hmNmHRA8aiz1j0fmFi09bTMtYgR6WpV0hgGPZc9aKfffuEFKEu/SW2221wTUsflqrxV5KMwkPhwjm46U7JKzFZ0MYQt3PtYRU8EKT64m2nKp+WvRn9jdR7HBmBJh5YvvJydIIKUAXgOzsK4iZRvked3XVOUQpPJ8bTehqQgNCkBFSSNHrKnaFzZxBS1/JkC33riXXHBTX+2s/LlZzvjWk/k+LmQQapDtQSE35h/uxgZxDt8WFeNa0dN/K5V88xveXUcfxSOS6ETCzhO8RMgOshmivHkdhai5KU4vai9fUoev5IRR94oCiu44bCxyLAxyTMfNVj5/t8bz/Mx+GAEQhqpIjJohua8NJrMZTi5m0OHxYbv29VQ2qQ2cWX6YAQiNWRwEiV/qqhqSD6lyA2RRV+BC3cYXVrVeXPcX9Pl27EUZ2LMyONZvljylm4NmuHU1TtJz7PrtobOHnyoTeIH/eQDxt59gDr/3U4fXDYpjZDf8usK+wPdBeN7Vmc51LzDkEL218upEbgwsUBPE1n0ZbhiMl6b+iiAQ0y2nqr/+xLznsiXiV8MIIFQQYJKoZIhvcNAQcBoIIFMgSCBS4wggUqMIIFJgYLKoZIhvcNAQwKAQKgggTuMIIE6jAcBgoqhkiG9w0BDAEDMA4ECFebRJU9nW1OAgIIAASCBMizSqDqjq1S4riSeenGnqcafFnfgfBJvkbd7R23eORe7nY/yKW63xCRfdcLZsFwkQnVDZcpDUovWCfej6qoW8JgSKwQofvFzp7+6DBm2IsDo1U9bJ6oYfpl+NZglFT0BYCrHXpePkdjJscaop9fYKJBYeOeOgosGdvaEuAaJ/4WHqYQVHfCg9gih12VnJkxw6nLhhmUrP3UGPLAH46+ORGNSbRNCMZD1stN5NWDGbWWx7KG/IuMNgKP3YkT45M2NoeCIsUH6pT4WBPT8f4bgp4G5ODKl1ZMsXIQqlAQ6/UKWmPfGbFCsNQPAhU9Cm14HQwHUaoscMr4xTu6QF6JLxCG4VRuIL6UpP/uPK2Lt09XLF/5c2rsXaAe6x2ZjGcWso+HKC8kHoHZZ/wLHoZrEBEgAHFM9Y6h9UXXMeSXUdjSUbGUdd1hu5GyI7m/dFIyP93uzceMOxL6pASvymiFGt0gazPp6tE8lFdEDyR8PklSNW9HD+bfa0HS/+6E81VTPmCZl/sJIwvrCmwfJRafdt9nt45HzFJyimTBqOYJVmBXef9jCUGsBuYrRhQKUavO2F/VDEPwcAgQCw5nud7DnMLeBnNMHHGE6V/SFoy+HM+1GwPoROGcPv8wbjPNY9mc9V4SAzCUjqA3oh3j6wckcyC3+KnQB3W9ALS7/jTobuvUs7nE9p53m63Q8hTwZ/+Uf5HgXBdzH+wwdszX/ZWCb6/j1sQZ4aZMMPLSHfNfDJv4UI8XC51EIaILDZC/4TVn+nI6WVVCDtY8N03wrbo+hPbVg9r9/J2tTIsMh9ijaoURJUPZzBmcgoyN7FrbpMI10d2jUSM5bIsQN+yBbNOAyWHmNnRs51syzRafDgBuWGxHaRrhW/iRJPuAlLKXmP+7/PNjCzeMH3OVvuLFgv9Xh9553XxhMtUQjZ/SQioOhIMkExSbdPcbAALZhx48wF8eM7jMbKpuT4LTMQsVmsO/obWSkHjl4Nf0Lu0aUnuxIS9jV/VRO146UwNqEGy09b8Q97WpRayaVy9Vc0immf4TvqAJwKtYFi7iKtZk67br/7mGwVIZPiZ9SNtjqK9Y6gYCm2Qx1MdKJYJbbYr9a2Cx2wF+Uu4KBIM13KCCBWfdv9MYj1+y+UIC3Yvvx2QLoFAYjFudTI5z+HmUA4yLt3MNfVB8Hbu/5xI/yJL6Mrm83jtFUnd39KPDxXGUi5jMt8TfCh/Lc5QI19m+0q0Vs5zqn04uIo0vkglJaFMBjFwo3mpaqj6g/4C3szokT1yL2sKAWgkDUk7qr+GrbaieMGkXuVdDZTgSi3I/wNvI1aMzVDemN+rKsrDLtuiSMjxUDevqgZ60Uul1YQ0qqDqJ0cqUQvBCGTeyr9lAflnNUmeMm2jSPwfuMvjWq42enhGkwCfQPGI3q1DU5QbEi7mDM/Du22chhDKX7Nb8xIyyM9XzAp7PEguZgdvPjudlscMdRdHfj+F2+oqdb6QPNLeIHGmJLXdY9jJ19ZSNlqK1/wkvR9hW5c6RUQA9nKjAbhUMQf30kFXQNJzbSF/WFTf+ILEPloErBD6oGy+ZncpXcXLuA/BdeFoB36aR/2+A3yH27xEbdZ8/DTxAz11yjwobHgyrChnb+Wfje+gJAAAxJTAjBgkqhkiG9w0BCRUxFgQUyerX5qjmNsZX5DikLU9eGm8mpGgwMTAhMAkGBSsOAwIaBQAEFBi9QNLCU+ASveN+nUA4eXshhk3rBAjSkBc6+GziEQICCAA=
3 |
4 |
5 |
--------------------------------------------------------------------------------
/get-started/external/otk/customize/bundle/after-start/ca_msso_key.xml:
--------------------------------------------------------------------------------
1 |
2 | MIIK4QIBAzCCCqcGCSqGSIb3DQEHAaCCCpgEggqUMIIKkDCCBUcGCSqGSIb3DQEHBqCCBTgwggU0AgEAMIIFLQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIRqNPAHzoSxwCAggAgIIFAIbeQT5657oJIxUiuk/g8B5WutgBUgcuW58ODy6PXUK6I7W024TgsfxQ/o4WOWIl6djZBU5Xsyp5u/7pgzQ21nYn8qoZzRXewkLKYQ3rQxhDzgk8F918X1zUGDyNHeI5ANhmKVv83spz41PAc7jeSgnpTBc4DvpBkXClle9Ju2gnktx4Ab79xB+YnaPOaEzPLdOvNcboVdv8MS2BoL0x1p/FGogWPGQmqecV3ekix4HjHdlqonO7UN/4oHuaZZ6l9RBrl9wmWOtpuUPUTsYlrVc1G2XtrPoljZWqSU2CdCFAr1YVOeUOYRXtGF6xsFVtOUw506lpck4O9Po++MZorXv94i/YGYKSWsI5JUpwAYu54lEyoXsIRdpn5u+xNy3jgpxtILvpelZFWFOV0btKxLcqVNOTewVSL0k4/VbZsTaXvIXjuGGgBNAGb/RWU5WQO6C/VLUZ2FDKOIYDPN0wCFdMAQj3I4i8YGxRaLVs95uZLfb4JO+Dfcq5eR0InXtIJUTcu8G+Xz2u4cC8VazzRFjrcydEDYfeVVa9RqmhjFSTp89QbUBl+FVtzbIteC/HmZvAeybMxqAUeEkI8BOQABbnnOMqgz29EziUY35kTa/Twwl0uS81y6Kl+HIriYo3GkMsoSyuNh6Mkk/oJXQ9TqEUYB0YCetv8S51JkHgPL/+4HwWhqV0pWVE4zMBtUwR0BVk4yBsqYEd7pwJeoTDj2wjvkqVe9OfvtY1dJ+6IlaAu+ql1OA5GM8tJnpaEGa3h4go+j35TC7DhlIOkOjBSEhxVKyiMjgjvnMPDQ+2jMlbcNSY2qc58q7QiqBfc25xou4LGripgxDfSQ22xV56CmGAD39O5RPEKzW1jNH94DTO1G4Uig3cD3Nh4VlLdVYJDHZw56QVStG/f/RURVcq46dJEQnFi7CCul7adwvKoJVxoTPEQufOcLBJzz09T8O+MvWm5blXmFGqhRLYRXYYGhqpL4wBOqKzxZQlgArofcK2v738eBKRQRK2vgyitFe6Ct+lPbhmHXH52mPThu3eBcjfFmifbdqa8XMN/+Sca9NuhoO0YTA/cLw+ZABynTna2coU0ABdAcsPx9q9llm416IdZ1+h2oCUehRuIpJ+Zo2dydwED04GPoVax9hmNmHRA8aiz1j0fmFi09bTMtYgR6WpV0hgGPZc9aKfffuEFKEu/SW2221wTUsflqrxV5KMwkPhwjm46U7JKzFZ0MYQt3PtYRU8EKT64m2nKp+WvRn9jdR7HBmBJh5YvvJydIIKUAXgOzsK4iZRvked3XVOUQpPJ8bTehqQgNCkBFSSNHrKnaFzZxBS1/JkC33riXXHBTX+2s/LlZzvjWk/k+LmQQapDtQSE35h/uxgZxDt8WFeNa0dN/K5V88xveXUcfxSOS6ETCzhO8RMgOshmivHkdhai5KU4vai9fUoev5IRR94oCiu44bCxyLAxyTMfNVj5/t8bz/Mx+GAEQhqpIjJohua8NJrMZTi5m0OHxYbv29VQ2qQ2cWX6YAQiNWRwEiV/qqhqSD6lyA2RRV+BC3cYXVrVeXPcX9Pl27EUZ2LMyONZvljylm4NmuHU1TtJz7PrtobOHnyoTeIH/eQDxt59gDr/3U4fXDYpjZDf8usK+wPdBeN7Vmc51LzDkEL218upEbgwsUBPE1n0ZbhiMl6b+iiAQ0y2nqr/+xLznsiXiV8MIIFQQYJKoZIhvcNAQcBoIIFMgSCBS4wggUqMIIFJgYLKoZIhvcNAQwKAQKgggTuMIIE6jAcBgoqhkiG9w0BDAEDMA4ECFebRJU9nW1OAgIIAASCBMizSqDqjq1S4riSeenGnqcafFnfgfBJvkbd7R23eORe7nY/yKW63xCRfdcLZsFwkQnVDZcpDUovWCfej6qoW8JgSKwQofvFzp7+6DBm2IsDo1U9bJ6oYfpl+NZglFT0BYCrHXpePkdjJscaop9fYKJBYeOeOgosGdvaEuAaJ/4WHqYQVHfCg9gih12VnJkxw6nLhhmUrP3UGPLAH46+ORGNSbRNCMZD1stN5NWDGbWWx7KG/IuMNgKP3YkT45M2NoeCIsUH6pT4WBPT8f4bgp4G5ODKl1ZMsXIQqlAQ6/UKWmPfGbFCsNQPAhU9Cm14HQwHUaoscMr4xTu6QF6JLxCG4VRuIL6UpP/uPK2Lt09XLF/5c2rsXaAe6x2ZjGcWso+HKC8kHoHZZ/wLHoZrEBEgAHFM9Y6h9UXXMeSXUdjSUbGUdd1hu5GyI7m/dFIyP93uzceMOxL6pASvymiFGt0gazPp6tE8lFdEDyR8PklSNW9HD+bfa0HS/+6E81VTPmCZl/sJIwvrCmwfJRafdt9nt45HzFJyimTBqOYJVmBXef9jCUGsBuYrRhQKUavO2F/VDEPwcAgQCw5nud7DnMLeBnNMHHGE6V/SFoy+HM+1GwPoROGcPv8wbjPNY9mc9V4SAzCUjqA3oh3j6wckcyC3+KnQB3W9ALS7/jTobuvUs7nE9p53m63Q8hTwZ/+Uf5HgXBdzH+wwdszX/ZWCb6/j1sQZ4aZMMPLSHfNfDJv4UI8XC51EIaILDZC/4TVn+nI6WVVCDtY8N03wrbo+hPbVg9r9/J2tTIsMh9ijaoURJUPZzBmcgoyN7FrbpMI10d2jUSM5bIsQN+yBbNOAyWHmNnRs51syzRafDgBuWGxHaRrhW/iRJPuAlLKXmP+7/PNjCzeMH3OVvuLFgv9Xh9553XxhMtUQjZ/SQioOhIMkExSbdPcbAALZhx48wF8eM7jMbKpuT4LTMQsVmsO/obWSkHjl4Nf0Lu0aUnuxIS9jV/VRO146UwNqEGy09b8Q97WpRayaVy9Vc0immf4TvqAJwKtYFi7iKtZk67br/7mGwVIZPiZ9SNtjqK9Y6gYCm2Qx1MdKJYJbbYr9a2Cx2wF+Uu4KBIM13KCCBWfdv9MYj1+y+UIC3Yvvx2QLoFAYjFudTI5z+HmUA4yLt3MNfVB8Hbu/5xI/yJL6Mrm83jtFUnd39KPDxXGUi5jMt8TfCh/Lc5QI19m+0q0Vs5zqn04uIo0vkglJaFMBjFwo3mpaqj6g/4C3szokT1yL2sKAWgkDUk7qr+GrbaieMGkXuVdDZTgSi3I/wNvI1aMzVDemN+rKsrDLtuiSMjxUDevqgZ60Uul1YQ0qqDqJ0cqUQvBCGTeyr9lAflnNUmeMm2jSPwfuMvjWq42enhGkwCfQPGI3q1DU5QbEi7mDM/Du22chhDKX7Nb8xIyyM9XzAp7PEguZgdvPjudlscMdRdHfj+F2+oqdb6QPNLeIHGmJLXdY9jJ19ZSNlqK1/wkvR9hW5c6RUQA9nKjAbhUMQf30kFXQNJzbSF/WFTf+ILEPloErBD6oGy+ZncpXcXLuA/BdeFoB36aR/2+A3yH27xEbdZ8/DTxAz11yjwobHgyrChnb+Wfje+gJAAAxJTAjBgkqhkiG9w0BCRUxFgQUyerX5qjmNsZX5DikLU9eGm8mpGgwMTAhMAkGBSsOAwIaBQAEFBi9QNLCU+ASveN+nUA4eXshhk3rBAjSkBc6+GziEQICCAA=
3 |
4 |
5 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/add-ons/bundles/README.md:
--------------------------------------------------------------------------------
1 | ## Extending Quick Start Templates with Bundles
2 | The Quick Start Solution may be extended by importing RESTMAN bundles on startup. This allows us and customers to mix-and-match solutions that they intend to use with the Gateway, producing a smaller, purpose-tailored image.
3 |
4 | _Template design functionality is limited to CA customers for Beta due to access of other tools such as Policy Manager. If you are a CA customer and wish to design Quick Start templates, please sign up on https://validate.ca.com for project "CA API Management (APIM)/Beta Releases - CA Microgateway - supporting tools"_
5 |
6 | Instructions: https://docops.ca.com/ca-api-gateway/9-2/en/ca-microgateway-beta/add-functionality-to-the-ca-microgateway
7 |
8 | ### How Does it Work?
9 | On startup, the Gateway will look in the directory `/opt/SecureSpan/Gateway/node/default/etc/bootstrap/bundle/` for files ending in `.bundle`, and loads them in natural order. For this reason, we generally name them with numbers indicating the order in which they shoulud be loaded, e.g. `60_consul.bundle`.
10 |
11 | * Drop your templates under ./get-started/docker-compose/add-ons/bundles
12 | * Run a Docker build using `docker build -f ./get-started/docker-compose/add-ons/Dockerfile.addon` or use `./get-started/docker-compose-build-ssg.yml`
13 |
14 | ## Bundle-Specific Information ##
15 |
16 | ### consul.bundle ###
17 | Consul Service Discovery Support
18 | This bundle contains an encass (ConsulLookup) to support service discovery via Consul.
19 | It retrieves a list of nodes providing a particular service, and performs routing.
20 |
21 | Baking container image with consul template:
22 | * The consul bundle is located under `get-started/docker-compose/add-ons/bundles`
23 | ```
24 | cd get-started/docker-compose
25 |
26 | docker-compose --project-name microgateway \
27 | --file docker-compose.yml \
28 | --file docker-compose.db.consul.yml \
29 | --file docker-compose.lb.dockercloud.yml \
30 | --file docker-compose.addons.yml \
31 | up -d --build
32 | ```
33 |
34 | Caveats:
35 | The bundle may be modified to include the address of the Consul agent against which lookups should be performed. To make this modification, open consul.bundle as text, find the string literal CONSUL_ADDRESS_GOES_HERE (line 23 at the time of writing), and replace it with the address of the local Consul agent (e.g. http://localhost:8500).
36 |
37 | Inputs:
38 | * Service name (serviceName) - the name of the service in Consul
39 | * URL scheme (scheme) - the scheme that should be used in accessing the service (e.g. http:// for HTTP connections, https:// for HTTPS connections). This string will be prepended to the selected node's address.
40 | * (optional) Path prefix (pathPrefix) - the URL prefix that should be appended to the node's address to form the service's base URL (e.g. for Consul's v1 API, this value would be /v1).
41 | * Routing strategy (routingStrategy) - a string specifying what routing strategy should be used. Currently, the only supported value is roundRobin.
42 | * (optional) Consul agent address (consul.agentAddr) - the URL of the Consul agent (excluding the /v1 prefix) which should be used for service lookup. This takes prescedence over the cluster property of the same name, but the cluster property should be preferred in general. (ex: http://10.10.0.100:8500)
43 | * (optional) Consul ACL token (consul.token) - a Consul ACL token to be used in discovering service instances. The token used should have the node:read and service:read permissions.
44 | Outputs:
45 | * Service base URL (service.baseUrl) - A usable address that can be thought of as analogous to the targetUrlinput of the RouteHttp encass. It will include the scheme and pathPrefix from the input options (e.g. given scheme=http://, pathPrefix=/v2, service.baseUrl may be http://172.16.0.9:5400/v2).
46 |
--------------------------------------------------------------------------------
/get-started/docker-compose/add-ons/bundles/dummy.bundle:
--------------------------------------------------------------------------------
1 |
2 |
3 | Bundle
4 | BUNDLE
5 | 2017-11-09T21:20:39.809Z
6 |
7 |
8 |
9 |
10 |
11 | Sample API: Get Remote IP
12 | 03152494f697c7f248440a089f7709ed
13 | SERVICE
14 | 2017-11-09T21:20:39.809Z
15 |
16 |
17 |
18 | Sample API: Get Remote IP
19 | true
20 |
21 |
22 | /ip
23 |
24 | GET
25 | POST
26 | PUT
27 | DELETE
28 |
29 |
30 |
31 |
32 |
33 | false
34 |
35 |
36 | 4
37 |
38 |
39 | false
40 |
41 |
42 | false
43 |
44 |
45 | false
46 |
47 |
48 |
49 |
50 |
51 | <?xml version="1.0" encoding="UTF-8"?>
52 | <wsp:Policy xmlns:L7p="http://www.layer7tech.com/ws/policy" xmlns:wsp="http://schemas.xmlsoap.org/ws/2002/12/policy">
53 | <wsp:All wsp:Usage="Required">
54 | <L7p:HardcodedResponse>
55 | <L7p:Base64ResponseBody stringValue="JHtyZXF1ZXN0LnRjcC5yZW1vdGVJUH0="/>
56 | <L7p:ResponseContentType stringValue="text/plain; charset=UTF-8"/>
57 | </L7p:HardcodedResponse>
58 | </wsp:All>
59 | </wsp:Policy>
60 |
61 |
62 |
63 |
64 |
65 |
66 |
67 |
68 |
69 |
70 |
71 | true
72 |
73 |
74 |
75 |
76 |
77 |
78 |
79 |
80 |
--------------------------------------------------------------------------------
/samples/platforms/kubernetes/microgateway.yml:
--------------------------------------------------------------------------------
1 | ---
2 | apiVersion: v1
3 | kind: Service
4 | metadata:
5 | labels:
6 | name: microgateway
7 | service: microgateway-svc
8 | name: microgateway-svc
9 | annotations:
10 | description: "The Microservices Gateway service"
11 | spec:
12 | selector:
13 | app: microgateway
14 | type: NodePort
15 | ports:
16 | - protocol: TCP
17 | port: 8080
18 | targetPort: 8080
19 | nodePort: 30080
20 | name: microgateway-http-port
21 | - protocol: TCP
22 | port: 8443
23 | targetPort: 8443
24 | nodePort: 30443
25 | name: microgateway-https-port
26 | - protocol: TCP
27 | port: 9443
28 | targetPort: 9443
29 | nodePort: 30444
30 | name: microgateway-pm-port
31 |
32 | ---
33 | apiVersion: extensions/v1beta1
34 | kind: Ingress
35 | metadata:
36 | annotations:
37 | ingress.kubernetes.io/ssl-redirect: "false"
38 | ingress.kubernetes.io/ssl-passthrough: "true"
39 | description: "The route to expose the Microservices Gateway's HTTPS port"
40 | name: microgateway-pm-route
41 | spec:
42 | tls:
43 | - hosts:
44 | - microgateway.mycompany.com
45 | rules:
46 | - host: microgateway.mycompany.com
47 | http:
48 | paths:
49 | - path: /
50 | backend:
51 | serviceName: microgateway-svc
52 | servicePort: 8443 # named ports won't work in kube at the time of authoring the template(https://github.com/kubernetes/ingress-nginx/issues/1459)
53 |
54 | ---
55 | apiVersion: autoscaling/v1
56 | kind: HorizontalPodAutoscaler
57 | metadata:
58 | name: microgateway-hpa
59 | spec:
60 | scaleTargetRef:
61 | kind: Deployment
62 | name: microgateway-dc
63 | minReplicas: 1
64 | maxReplicas: 1
65 | targetCPUUtilizationPercentage: 75
66 |
67 | ---
68 | apiVersion: extensions/v1beta1
69 | kind: Deployment
70 | metadata:
71 | name: microgateway-dc
72 | labels:
73 | app: microgateway
74 | spec:
75 | replicas: 1
76 | template:
77 | metadata:
78 | labels:
79 | app: microgateway
80 | spec:
81 | containers:
82 | - name: microgateway
83 | image: caapim/microgateway:1.0.0-CR01
84 | imagePullPolicy: Always
85 | resources:
86 | limits:
87 | cpu: 2400m
88 | memory: 2560Mi
89 | requests:
90 | cpu: 1500m
91 | memory: 2048Mi
92 | terminationMessagePath: /dev/termination-log
93 | ports:
94 | - containerPort: 8080
95 | - containerPort: 8443
96 | - containerPort: 9443
97 |
98 | envFrom:
99 | - configMapRef:
100 | name: microgateway-core
101 | - configMapRef:
102 | name: microgateway-license
103 | - secretRef:
104 | name: microgateway-secret
105 | - configMapRef:
106 | name: microgateway-quickstartconfig
107 | - configMapRef:
108 | name: microgateway-otk
109 | - configMapRef:
110 | name: microgateway-certificates
111 | - configMapRef:
112 | name: microgateway-jwt
113 | - configMapRef:
114 | name: microgateway-feature-flags
115 | - configMapRef:
116 | name: microgateway-policysdk
117 |
118 | livenessProbe:
119 | exec:
120 | command:
121 | - /opt/docker/rc.d/diagnostic/health_check.sh
122 | initialDelaySeconds: 480
123 | periodSeconds: 15
124 | timeoutSeconds: 1
125 | successThreshold: 1
126 |
127 | readinessProbe:
128 | exec:
129 | command:
130 | - /opt/docker/rc.d/diagnostic/health_check.sh
131 | initialDelaySeconds: 90
132 | periodSeconds: 15
133 | timeoutSeconds: 1
134 | successThreshold: 1
135 |
--------------------------------------------------------------------------------
/samples/platforms/openshift/config.yaml:
--------------------------------------------------------------------------------
1 | apiVersion: v1
2 | kind: Template
3 | metadata:
4 | name: microgateway-template
5 | labels:
6 | name: microgateway-template
7 | annotations:
8 | description: Template for the Microservices Gateway
9 | objects:
10 |
11 | # Secret
12 | - apiVersion: v1
13 | kind: Secret
14 | metadata:
15 | name: msgw-secrets
16 | stringData:
17 | SSG_ADMIN_USERNAME: ${SSG_ADMIN_USERNAME}
18 | SSG_ADMIN_PASSWORD: ${SSG_ADMIN_PASSWORD}
19 | SSG_LICENSE: "${SSG_LICENSE}"
20 | SSG_SSL_KEY_PASS: ${SSG_SSL_KEY_PASS}
21 | SSG_SSL_KEY: "${SSG_SSL_KEY}"
22 |
23 | # Core
24 | - apiVersion: v1
25 | kind: ConfigMap
26 | metadata:
27 | name: microgateway-core
28 | annotations:
29 | description: CA Microgateway core properties
30 | data:
31 | # Hostname of the Gateway cluster, usually the hostname used by the load balancer
32 | CLUSTER_PROPERTY_cluster_hostname: ${CLUSTER_PROPERTY_CLUSTER_HOSTNAME}
33 | SSG_JVM_HEAP: ${SSG_JVM_HEAP}
34 | SSG_INTERNAL_SERVICES: ${SSG_INTERNAL_SERVICES}
35 |
36 | # License
37 | - apiVersion: v1
38 | kind: ConfigMap
39 | metadata:
40 | name: microgateway-license
41 | annotations:
42 | description: CA Microgateway license
43 | data:
44 | ACCEPT_LICENSE: ${ACCEPT_LICENSE}
45 |
46 | # OTK
47 | - apiVersion: v1
48 | kind: ConfigMap
49 | metadata:
50 | name: microgateway-otk
51 | annotations:
52 | description: CA Microgateway connection to OTK
53 | data:
54 | OTK_SERVER_HOST: ${OTK_SERVER_HOST}
55 | OTK_SERVER_SSL_PORT: ${OTK_SERVER_SSL_PORT}
56 |
57 | # PolicySDK
58 | - apiVersion: v1
59 | kind: ConfigMap
60 | metadata:
61 | name: microgateway-policysdk
62 | data:
63 | CLUSTER_PROPERTY_CLUSTER_HOSTNAME:
64 | SOLUTION_KIT_POLICYSDK_INGRESS: ${SOLUTION_KIT_POLICYSDK_INGRESS}
65 | SOLUTION_KIT_POLICYSDK_MASTER_KEY: ${SOLUTION_KIT_POLICYSDK_MASTER_KEY}
66 | SOLUTION_KIT_POLICYSDK_ISS: ${SOLUTION_KIT_POLICYSDK_ISS}
67 | parameters:
68 | - name: SSG_ADMIN_USERNAME
69 | description: credential you need to access the Gateway API
70 | required: true
71 | - name: SSG_ADMIN_PASSWORD
72 | description: credential you need to access the Gateway API
73 | required: true
74 | - name: SSG_SSL_KEY_PASS
75 | description: SSG_SSL_KEY_PASS
76 | required: true
77 | - name: SSG_SSL_KEY
78 | description: SSG_SSL_KEY
79 | required: true
80 |
81 | - name: SSG_LICENSE
82 | description: Microgateway license
83 | required: true
84 |
85 | - name: SSG_JVM_HEAP
86 | value: 1024m
87 | required: false
88 | - name: SSG_INTERNAL_SERVICES
89 | description: Which Gateway internal services should be enabled, as a space separated string.
90 | value: ""
91 | required: false
92 |
93 | - name: ACCEPT_LICENSE
94 | description: Indicate whether you are accepting the CA Microservices Gateway Pre-Release Agreement inside the LICENSE.md file within this repository
95 | required: true
96 |
97 | - name: OTK_SERVER_HOST
98 | description: The OTK server to use
99 | required: true
100 | - name: OTK_SERVER_SSL_PORT
101 | description: The port of the OTK server to use
102 | required: true
103 |
104 | - name: CLUSTER_PROPERTY_CLUSTER_HOSTNAME
105 | description: CLUSTER_PROPERTY_CLUSTER_HOSTNAME
106 | required: true
107 |
108 | - name: SOLUTION_KIT_POLICYSDK_COMPANY
109 | description: SOLUTION_KIT_POLICYSDK_COMPANY
110 | required: true
111 | - name: SOLUTION_KIT_POLICYSDK_INGRESS
112 | description: SOLUTION_KIT_POLICYSDK_INGRESS
113 | required: true
114 | - name: SOLUTION_KIT_POLICYSDK_MASTER_KEY
115 | description: SOLUTION_KIT_POLICYSDK_MASTER_KEY
116 | required: true
117 | - name: SOLUTION_KIT_POLICYSDK_ISS
118 | description: SOLUTION_KIT_POLICYSDK_ISS
119 | required: true
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/gateway/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | edge-ssg:
4 | image: caapim/microgateway:1.0.00
5 | deploy:
6 | resources:
7 | limits:
8 | memory: 2048m
9 | ports:
10 | - '9443:8443'
11 | env_file:
12 | - ./config/core.env
13 | - ./config/license-agreement.env
14 | - ./config/license.env
15 | - ./config/certificates.env
16 | - ./config/otk.env
17 | - ./config/jwt.env
18 | - ./config/feature-flags.env
19 | - ./config/solutionkits/policysdk.env
20 | environment:
21 | SSG_ADMIN_USERNAME: "admin"
22 | SSG_ADMIN_PASSWORD: "password"
23 | SSG_SSL_KEY: MIIJ0QIBAzCCCZcGCSqGSIb3DQEHAaCCCYgEggmEMIIJgDCCBDcGCSqGSIb3DQEHBqCCBCgwggQkAgEAMIIEHQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIRmft0KmSJ50CAggAgIID8IjtZqEvN09aIV0AikNl4n+uvNuaCa1VUIWVtmvySPYJGqZrDJUb3g2x3+jZTIxCAoNLtzyMOHnHFc3jeV0y4vwmAoGurb9UjERZW3Ntn8hO5uqBtuypAPtGIWlKBIhkbM3RRRtT3S/t6r04PRNXL6HPfbG0BOiQuTtaVI5ENravLKegzx9OGXo8hPPHhikx/l3jgqBU0ePoXkMQ0YEBA6xPng9HHd9LPzoSDOsKb1a+OGeZGnfuLW4rPunBzsv8ZRWC9dioBL+Mme2O0ofGeHU4WBInjZt6R+D4L3hOM3H2BZWR7lIdTekFX8P5j9+kwT4kg9gohjVzZAcozYrsKgeH//sK7Q7Y6yVpezk++OKjIdrkaa4Sbrf1g3Cgmg3h6fw+f05kiI8rBeQaYLzPREIE+coP/qdzQGhuRhiu5WqQ26k6RF+vqJGBitqjCQd6kLQmIBjxmu8WEpk3aaFOe7kLKmUUD5Daa+qN5/IY+AehZ3HtJ3M3sRWXCsOubutFBOO9EAXWyhEtX50EE9/bJ5a/bYhjM4IDg3E7IvYzA+3daoHn3XT8f6REYDRiobOUIcppIJhnhWwEdCCnC4V0dJM+w1SwI+CdvB9cgrh7SSUKfoPNNy6EMaH9vvEryPBHcM+r+ZSDHQfamb40tc7/BAukm/CWhx+P97XPX7Z7OsvytzvPwN6bp3cDKkdCGBdRBrz2jOG72ELoiW2YEyV3on8bHwf7XB4Zv30Ym0tXujpzHole62cxRLAlP8ZjB6LbLPvU80YGGDHsAxk2GtzEKl3vkmC2L836x9ldN/LlIpyikP21mA35K8ALsVhdfu8Kh3WaYdv5AOLOaxZ36wz+H5/Q2MNwp0mfPZipVg/thu0EjBHmJuvqk62UnVfoCD+M0T/C2sEoiFXfZlAR6pDsU6+7OZ9Ct5gsnrS8nDQ+xgMQHdDO8+itaJxJjrOv9xbCkJKRv64C5ZkgHsI/K85Y4fS/ShGUP+hnhcBtYIdPVXUWqQahDzgG7zV/3Oqda6xKxHEJ18ptDgIZ6cmx0mCWTVqyFSvHDBohIsFpkmmGRRHO4PoR4mOHp2lMf/VOHWOquBMmLtsa2WxyWJQttZBN6eyhaGum3t6HQj3qBWT+OB2uuJHrD3Mm4tUKe96fEe684CvE7Gfd+oqqYwHmGRdLlVCMERconwzln36SkqR4gi1UFpyUS2ScmhCJYC+c7BGxfdZjnu3dJzHwKpCTxuWiLhN0OGeNul3CbPDv9/Chf0S0DzzpwjmWYHuSizpiw54o5uZFVtvnMCkM0OYJ7TqITwFV4SRl24fv5poyWScotjrHmpNJBdjytILX32ZGaeoXbjCCBUEGCSqGSIb3DQEHAaCCBTIEggUuMIIFKjCCBSYGCyqGSIb3DQEMCgECoIIE7jCCBOowHAYKKoZIhvcNAQwBAzAOBAj60JTior4PNQICCAAEggTIFsC6IFkU875Ca80WqkRWm3VUu5OIFWXACDEaNdeO2p2AQA9N717lEgpqCVyXUFvNm9cbXdf689P6WuXiKUJJyFkBfdp1ZBNYUWQV6Z7bE1uMKlU7W6iEbvGZGMC7kDGI8r4ZDJJoBnqKDEd9SosPQBJscPIHDBJlEtag/F9PAL2me60BcekHzxQz7xfEqrHrPkC6lTZehXyW9FRjqr1Mct4vO/NwYp402AIor0pR3MdoRcMD08LfbGXfbT0lE60rheiqxj2ysqElcM5R/wZoqil5M44IyyfJt3r6RZXHh7ikg78+G981UCoNYvdwJOGZ//KxxlnBVrTzjJf+co9Ic+E+Gco2TzAg1wiGz7Q3HC94vqIHu46vlHIrBoaUO1VeasL2fXJNysJd3fuUMvf3hekDTILtGpFwdgryfv+UPcXk+YthjgTZcBPqazqRRofykN/kc1ZfjgdAhcRE/dtvWsaXOPMcrvBh0eTteM6//WEQMiMrfiW5LuIF87/ktPx0NcLByBAWvReHvnhSXHgA4CQ3E4OlfzWrzCeEOxxvqZ8hQQs07TFCc+lx5zRQ/3PPShrXAhSE2zcPAgInO5ahsohVK19sAohWO/Al7spVrSx0F+t1vrtsDS+uTyBC+HHjO7lYUudUbla2Y9Ld0TyQsKahGdb95SxoJwCeo1WbzmOvD/UyZ0QbdIGCV9Bbjkve48BD3VdmBOMGFr/Rl3Px/YTPv+8o2EO2tCTo9r1cyYf0JkMOwCWgnvL869U4wO00sTTIaZLBl0v75+diKIy52trI76lFrU7WNyBu3WELH2N2Ped675hdQgkYPwHINA7vw80JvE3Add7We43pOOMBfLx1QSVZTn8Zj5Xxzkd7pVeKi1ydAQ0ERO7ifEtl5cY7qdIpiprWJ+dPJWyRdA9zljuwu/cT/Y14M33fy+aphGD0KuJPI/TsRyaEsHYKZzFVRgIa5yEte4j2q+pyDyeGEJ7lGVvhzNGWSmA/Y0b3pKOBC+tbYZIiRNvaKzpWbMkwWIab5KWHuuIME29+jMuXdyiUQGIRcgccz2W0kI7Bm8z3wyBytTW8JUy2zXB1Ly3RenRkDiOtTl9wnNCYKXDAh7K1kFww0whUaDcvKD0SXNK+uJOAxI+dRXTFqe2QaELIyh3ZxstjsCeO4K5WiMexx0LhqgYKWWN4EpyHw0Q2DHeVbDdmwBlIqKHgJKMM89sLdwVl5KV8LmnX2qNEyLXpw/V+RMd1fUaR9s1b18sO+4x8FKTzwAc4ct5M0BoJGe1xiy5ewHiv1Lc4AJfmw48LU9PYXba4F7gFCaRXxX2LrO1RtHhoZzA9FdyGe9r8wIIWzri13rc5mc0H0FWDNM+RXEFLU54CPggTzQnfgaQi/A4sH0DwjbeKQ1RtM6paI8MWy5kFUh400J+GI0+2qg8pRq+3mZfvi9Y3GIMq0i6IyIl0NlblOePYdPSipH+O3P0nFY9YXe1K3kodOxRAMriU1tDxe/VO+TnwUt8dK2gY05HmcWV+3MT/c0dqDc5fuP4c/Vyh92XSshsDE2DbTgWNbPXZchlZnK7CRXL6IeeOxhPeOLwntNd234E0o3v2NUr6v+DMhWgbQkJy9sLZMbWhAB6FPS4Ssz/gMSUwIwYJKoZIhvcNAQkVMRYEFLJOS1g2/bKC8RKXzgKY91y3K63sMDEwITAJBgUrDgMCGgUABBT5APwT4TzQYDPcvp866Z1PxltQpAQInJgU1edIXYcCAggA
24 | SSG_SSL_KEY_PASS: ""
25 | SSG_INTERNAL_SERVICES: "restman"
26 |
--------------------------------------------------------------------------------
/get-started/docker-compose/docker-compose.yml:
--------------------------------------------------------------------------------
1 | version: '3'
2 | services:
3 | ssg:
4 | image: caapim/microgateway:1.0.0-CR01
5 | extra_hosts:
6 | - "httpbin.mycompany.com:10.7.36.179"
7 | - "otk.mycompany.com:10.7.32.187"
8 | deploy:
9 | resources:
10 | limits:
11 | memory: 2048m
12 | env_file:
13 | - ./config/core.env
14 | - ./config/license-agreement.env
15 | - ./config/license.env
16 | - ./config/certificates.env
17 | - ./config/otk.env
18 | - ./config/jwt.env
19 | - ./config/feature-flags.env
20 | - ./config/solutionkits/policysdk.env
21 | environment:
22 | SSG_ADMIN_USERNAME: "admin"
23 | SSG_ADMIN_PASSWORD: "password"
24 | SSG_SSL_KEY: MIIJ4QIBAzCCCacGCSqGSIb3DQEHAaCCCZgEggmUMIIJkDCCBEcGCSqGSIb3DQEHBqCCBDgwggQ0AgEAMIIELQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIi53V0I6c4z0CAggAgIIEAPyvqx+A1dedFnGawkc8pYG4OP7yyZJhVH6vjisjnUxHFXaQer5QObnk5rJmikuaSjaDsYNp39l8Gh35nMuD5Hc8q7gWaQHmtWDfGZgoFo3edgk2+e/YztyoO6rAOYyhoy72wiVU988W1dbZvY6/gK0+1i65e2YNY/0bQM5CJDPJvszyWfCUU4Cb1LX3dQJuemZj8foy+SpRVP3+R0kgB1SEEHnyNsbgV/vRQbpHFjYLt/IdFGIvURJRO42iq2lLaTtlMII0sOT9kqFkd4454tW7QQdjd8/Nsctny+wfFhABJAa5F2NHBHP77cvgfkmXNFqI1ileKP0JMx0pDtQeKwzIitjN77bdd5j/vL43EF6Ry5VKpFzZFjThj6fcIsDHtcUbbxeVPO9MEB5Ee+4qXh3va9d7zD5x0Hn/RGGqQtgD2B5ILA0FXNjPv4mJaIcHbWhTZlB8RO23U/82iEH7Cks11NO4inaAxr3b3dpyoN6JrpVEwVIW2GSxqSE09X9nIn/6xYmxWjWbuFSa++DBrCqsQY8sliU2KC9tbmebNS5eHr+16/44rQ3TBy0OFI3rLwk74eZje5sXxiBzHmWXk0u9iC2sZdDzk8KzO/WmOrvr0Q5AmKzDcRBodv/7r+4zQjhpRhY+en58hHaHkWpJ7deWtaU3rwkjly3UZlJurSYqgOqbQlFg6/O5elXx2x4ndAQds+pDC3tJlIzNssR4CFwInkU32xZP8B+KvavXjlNEi+qMwVO+brOgbTDjtW9ovZHVd3RHA+VeaR89FWjH9sgk2oJmtkSuRjgD4w1A/tzk62YlCcrgT6J4rjYya5O6v/JbMNo8r+/iGEgf++bUGW9VIEjJAk6KBe1fVRI4TYpYWBHczQxjKpPhKYi+S5pDEZdPVdXSKXvrzvkTj44Xast/3yKMWMvKIAxJukx36KjYcGYIByVIS0BEhQg2ON/XUqUW6+ywk+2avwIR87wnpjBRAGITrW/CJUaQmTPm15f8ZoWtf4m0vlc+YZ0tSHbaUzDksdKhBu2bHseAjgi9khLy4TEdwVEYDL54Dl4FF1wqdnNM6BCbMzfYj9UI+PpLIWIPwtp+SoRJlHBuFGc8xNPjAXDwF/NW/s7DHUkXflMy5BY36HTMhmo+zbiZsFr6vNe36hEANpJNtGd755LPMjWjuBQkclMhUa4XAOHF/zYX3w/aaJd3X0mzn40IettoDEJ5rC7WEYiWeBjpSIWUVJ62hDitDx69eJc8arDbIwHEorEMJiNDffBOReksrZ69bSJi1ANXuhXk8VNKGuDFH81vjJJmaXTQyXBxHP32loJu6sF/cIvxOHSEOnHvNEWTW2c0Xq1TKPXUDyHvmp90accwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQI0iqoDeBwom8CAggABIIEyAAiKm9ijDAbEQJ2RQnTU4wRxt8cnF7+LqoaSh/aREOuxpeWffjOCeTijOMFd3j0Qf3gm8VZkIqYxDvu66BQt1+Qahn+98TXdRew2EjDeDBsOXZSk9Qp3TESvq2TUzuRKqBoyOFauMCxvelkr60pMYN3awgnWTBVyJ74kNyykjVsuxff1TPIPotqKmneHqqkgoIw+BPKit3BSSTcG5ij/cBFk+6ngaNU9+9lBMsddpvUJ5yXRxqDYS08ekrUL/wRl9GqMT7zidpTWTHzD+23mRZMJcU8Vm46c5hNrYU1RyhFcbAAMR+PasKbJA0gOPwxOZyHnu30Box6xU1BWoy+nAHJ17/t2iQf3mj22cQ996GhkEIjXzcgxLHqCjNAkf721Rz0K69+m8B3iysi/U5jtv2gYWs86Vug4kJbEhbyDZgO0lyxIO30y6BUPOLLH4Ui1XWd/BvPDzV+FHIht/G/WN11KUtI6LASpjPB4mIBhTZntijTo677h2mQzgM9mnizGmWbtJBzn5bnWG7p68iIYedF8Mp6YAdUh+eTT9I3DLz5JOrCb4/FA4x3Txy0AlKIEokkzoTOGNlgCPt1Kf5Fkubm5Ls5htX5Y3Hi9u2njIrSuBfJyVvjJzcMgNd660p8vWmOJm58CEdCNLACuASMyYa1GFhbZw5JT9l+SVx8n0V8zOEJT1FDVQbchLZS/nW8s6EZE/YpFR+qQ/J8RZWKv2JYwqE9CAiwEO4Xmv2ALQTGDNyyBuJpU0HoNvczb3EzJZXWVXTy2D/DViCyXymzlz2xKOZVSOYRwLaiCzZ83vIY5ct5XXNWPmJBxWHfWBU+UU+arBNMoO6hh4UiAhPYLt5FrypAAgMks5uzvnBRs8nnW0whPalr/kaGflr63fVTku1qrQcXlO0/RncRNAnHTqWCOzYVnEcGVKPKjTT7T/MboEj3U/6Wx8gwhTzJSXuAGZnToU3KAcI6MrR6onhL91pZni0lZsSj2/eUCxU4B5fbAa468C6YY0O4leccvy4pvrBkowGqiCUscftCIQcBryfcCDR2Z3x8xX/KKJ+6+ESIMmFAHJ9vBzj24sPfBsKSswfTKFj5TE6FkflvvRnseb/sPTzBTogv2gqS9dPPTJt+CrG9nVY48vtMQ3ECw+1yaOh0iut4atEyYk5vCDyflGbgiPCeClKqq66O9KMSnhJuMvWe1TnnitP4FRJl0X49wU0TrYzcewmO83mKVIwa77jP/wSNsXq1EudHr8+W0m0NgRmPfsAPvGDagBcBeVOPrM8iGmjB1C0EBIVLmh4GNNQHtnpcM++xq4eRGf/6xdNdXvCgGB0vP3BfJq8DvRBM1suW6sfaPpqbUE+MUGr9Jcs7ttiaEzgrXGQPLlhXM/35SmtXjeSc5yoLc9uq1FJKMisLVMcO/DYaIVcShuPmRMbNt7UPM6B68PCGwHu6vVGPwXeGpGr0ZanLM84mSPCzFTFpS6hduVFA4kL6UfFpUXxWB94NPc1O0QOb+YabwRgJpEKyA/Dkqma1ZQjAuv1xDPpDAzdW+exLrUetp00mmoZ2uDxcbvLFFHIV0hcNKhDwJPn8iiYdnLZk8sh+gxVC4ysuUXJL+LdDj7yD2QaLXbYwu06TjiXV4DElMCMGCSqGSIb3DQEJFTEWBBQAK6j3Gs7RFxNTsrBF/eL0vEmebTAxMCEwCQYFKw4DAhoFAAQUh9UgpvRkzPRkGC6wuI9Lim2KgxIECH3RZbUOQx5AAgIIAA==
25 | SSG_SSL_KEY_PASS: ""
26 | SSG_INTERNAL_SERVICES: "restman"
27 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/apis-orchestration/recommendator.json:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Customer Recommendator",
4 | "gatewayUri": "/recommendator",
5 | "httpMethods": [
6 | "get",
7 | "put",
8 | "post",
9 | "delete"
10 | ],
11 | "policy": [
12 | {
13 | "RequireOauth2Token": {
14 | "scope_required": "orders recommendation",
15 | "scope_fail": "false",
16 | "onetime": "false",
17 | "given_access_token": ""
18 | }
19 | },
20 |
21 | {
22 | "OAuth2JWTHeader": {}
23 | },
24 |
25 | {
26 | "RouteOrchestrator": {
27 | "rule": {
28 | "orchestrator": [
29 | {
30 | "aggregator": [
31 | {
32 | "RouteHttp": {
33 | "targetUrl": "https://ssg:8443/v1/orders",
34 | "httpMethod": "GET",
35 | "parameters": [
36 | {
37 | "sysfilter": "equal(customerNumber:${request.http.parameters.customer})"
38 | },
39 | {
40 | "auth": "zFeg53T5ESosM2xqM86s:1"
41 | }
42 | ],
43 | "headers": [],
44 | "requestTransform": [],
45 | "responseTransform": [
46 | ]
47 | }
48 | }
49 | ]
50 | },
51 | {
52 | "orchestrator_transform": {
53 | "jolt": [
54 | {
55 | "operation": "shift",
56 | "spec": {
57 | "*": {
58 | "*": {
59 | "customerNumber": "customerNumber",
60 | "orders_ibfk_1_orders_List": {
61 | "*": {
62 | "orderdetails_ibfk_1_orderdetails_List": {
63 | "*": {
64 | "orderNumber": "product.[#1].orderNumber",
65 | "*": {
66 | "productCode": "product.[#2].code",
67 | "productName": "product.[#2].name"
68 | }
69 | }
70 | }
71 | }
72 | }
73 | }
74 | }
75 | }
76 | }
77 | ]
78 | }
79 | },
80 | {
81 | "aggregator": [
82 | {
83 | "RouteHttp": {
84 | "targetUrl": "https://ssg:8443/v1/recommendation",
85 | "httpMethod": "GET",
86 | "parameters": [
87 | {
88 | "productCodes": "@##@{orchestrator.intermediate.product[*].code}"
89 | },
90 | {
91 | "auth": "Y1tmNkYbxu5t93ixTCtJ:1"
92 | }
93 | ],
94 | "headers": [],
95 | "requestTransform": [],
96 | "responseTransform": [
97 | ]
98 | }
99 | }
100 | ]
101 | },
102 | {
103 | "result_transform": {
104 | "jolt": [
105 | {
106 | "operation": "shift",
107 | "spec": {
108 | "1": ""
109 | }
110 | }
111 | ]
112 | }
113 | }
114 | ]
115 | }
116 | }
117 | }
118 | ]
119 | }
120 | }
121 |
--------------------------------------------------------------------------------
/get-started/external/mag/docker-compose.yml:
--------------------------------------------------------------------------------
1 | #
2 | # Copyright (c) 2017 CA. All rights reserved.
3 | #
4 | # This software may be modified and distributed under the terms
5 | # of the MIT license. See the LICENSE file for details.
6 | #
7 | version: '3'
8 | services:
9 | otk_mysqldb:
10 | image: mysql:5.5
11 | env_file:
12 | - ./config/otk-db.env
13 |
14 | otk:
15 | build:
16 | context: .
17 | dockerfile: Dockerfile.otk
18 | hostname: localhost
19 | ports:
20 | - "8443:8443"
21 | env_file:
22 | - ./config/license.env
23 | - ./config/otk.env
24 | - ./config/otk-db.env
25 | - ./config/otk-hostname.env
26 | environment:
27 | SSG_ADMIN_USERNAME: "admin"
28 | SSG_ADMIN_PASSWORD: "password"
29 | # P12 archive containing the TLS private key and certificate of otk and signed by the root CA certificate "Microgateway Test Root CA"
30 | SSG_SSL_KEY: MIIJyQIBAzCCCY8GCSqGSIb3DQEHAaCCCYAEggl8MIIJeDCCBC8GCSqGSIb3DQEHBqCCBCAwggQcAgEAMIIEFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQI5l2V+P0e2MsCAggAgIID6ORPdcVrA+ZFiFcov6tqFOfNSjSwoL409uUELC0FURySRTZVNtNJgZ9zZb2T2xJhVz94A+EwjCptuiXODMwNlwAgeaqKWuOc/jjr1A1uthn4E62MbVztuKRAh2M5aMzPrhgskRlLwyMEoErukRbdotbRfsKhPQc8EZsOq0ti3BBXE+cVv6a0MCpoplRPjr2MdROyzDmjYHxSS/t4VvwNZtSyyXNMCeP97F6uFGjmjCQTprlpY0T5oq7ElwVuTRpdZIVatljfbTlFvsu7/XMrhcfw40Ci5G8xJrZrsKiBpg/oPn7yOxCHk/xkMb2wvm6uTpXZYH/b6osfcMgMP5k+Tx3ZpijWq0Hm0fiKpJyOBXWXkYFFH2mNTdWZWVLJgXyStoIxZs9HrXzF9WHiI+dqgZyzYwDkOsYhCVJUNTYaz8L57sy0vYkjkJHCfanjStLhhSRwWvHMIT6ZI1XmBL2/gFw1IrSINpPejfIIA9lZsSWz3uCdQoXrCAsqFSOYqo82UY4DhmA7BcxxsLHR4uHXASPhLPfnWQ4WB5ykNSRRElAtlVJAoZ+qJTEQMGUgXnskNn2nkSWz8+TxLx9HpJ2mVoBxyd440K84R8qTKdSBSG63hsHKzJJjMjWHoGHxJtKMlQmco37/g0iOsGSTiGjKpi5vmkzFCQmMYSk0W6+yr9LlHa1shln3JTy0x5JqBTBX1WeRY06hGs0o6dBz6rSap+3lSVsDv9So/rxrkcHJkqbND5Z30KH4X/fZQ/RtF+irq1TU0eSqHoWf820f/X/s+KZqGzfipnk3SA4PllHQYO+vnxQJ1GBJa7gbfnIutkKM/Nfil3m4kAKkgqzv11MkzGiekuFIIuGbyeoSeC8vTB2ZdQdtwdtcLIt2UYl3/gbWlHxSV4o37ev28uW9IvYgCByDPq0wCaiP24TT1Vmmh6J6UVA8mUoDrX1Q0g72gJLd0DXPaCaTltkOwNZXoNr7KzUu83XpawQB9nsvq6zYfUBQlebg0pUGORX0hdASchNr7pCbu9r+N6DhYMJLW6Bijqvj0DGJ/ErvL3TBSNJ86WpjnCjRBzVtJ4sKloIWFnD8R7GvvdISNZEb0EyeM3CKeILVrBKbdanL/2xlQjgZlJ47avoTdDsWYuzsOoeEvREC0hJ758u5YmS3ajXNBKF0JcXU1Vz7BJdJYHcCP8lYD8bKVHSFiuOQs2Kzp1wa7tCWcdOdgQIQ36mScclxNutVug6P0RZQQfp2g0BUNwqtjKSW57EThYQ036UdlwUcXKj3dQx5nC+oNwdoHPsMayuptgeKYuJPNUNijGnKkIUEgdmaXTTVfukdB5EwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQIXqjW7pSTmc8CAggABIIEyPZMIO+zQtI5SClrfDe2Ny421uvPbL3vyCYneUJ3+gghri80ZL65kzs7jyreJFOJEA2aA6pBtAJIy4xFk7DpHjIQi3AsFz9TnJqciyG9fij836QUMZj9s8HXadAZc3DaLlHnUzh11h5a81fdK1Gxo4cs4pn5yJB66PKUEeyCKF3F6ijO8gBmliCYA7F/J9l1cZP2LPRd6XBIBkKh+U9rONn+QtWW3dNZ0TL72uw+W437U8QgGL9aM5VQZmdbAVHFBGw/dJonrSZySMD6upmZXQbmrQ9OKoAYCl0tA1Hc72306qgUl9q1zLuwq3YtVyozvSV35hW5ElA6y3nSYqekm7LbMkHdJYWv/uooiQD1Guy26TEiUdWmGMLZGYwmdz9PllZ6VjaFxs7RFwx+WrCNNRvgaRHn9SmHOuy8jo0UhEIJ0BErPQxdQHwMMFMVhKUk7AhCz0UNJVfSJWuRQBXgU7A7zELa4KXrU75dXqtv+3vTGIAznAYOHzGsn4yWR+6+pnXicumWlizCHwo9UOeZAY4rCp14zvhs8ctRAMVbYS9uGHlRXqRLJfEvLaqacVjZzUV300UJFxjImylJ21ZC7gouYOwIx6Gy0UmPQVc61hJlclhpnOSW1Au1xedIxaZoaYubjoTqlve3OITA5ljDBwpjkIn+GJOoryspT6YI8NuhvANbt+9TnmvM0nGMm0/ubEma5RO96xfsbqsRbuR6+/xV/nArQqD3E1EMp7Oe5Pal/AanK2awrhK2cDJh9fTPwZdJDO2UqudA+RZ1f152dXTXtJciEwxJXduN5PE9s5YGy82XR/uIHrVWFWPkZwuWumEP2hAhtwxSwcOyJwE2gZfayFT80X+O+az9WLSs/6INVzZ/8IZjoYjzPAAiSQQerJ47IJXe9BOKKVeTKl2u03mhAtpxJ52sA2UU5EtsR+rv5/Ch0Uw9QN1Yf7466V3yf7eRQb6OnwovR8QCJ4ONuE870BK9MIZlDp4KtQgdpAwjnuD37QIE4aEkGbw8WDymVVAW9Oekhlc1Fke16d7nKqQm6Hff7QBf8yyT+WKvF6xPSX+d9MDeyR6IFvRHOYx4aTElf6RmWThfjGIOre9W8oUEYc4SHsoDL4ETLsT0nK5OveJCwvaQFaDEqtMUrBX/r4wT/1bXwo/gjVt6X1rYxEvBCnOLyLgTRkiYmDZi1HBesam+YJbW7kZKsJFiABddf5ITU3btY/tQe22QfPw49VnfZ3LqtMD38+mPOvrtxDc7041FLfrU1/GR/hRvJNimaeVrRgkStcAKc1Q9YMxE23DDiFUp848nP5pOmIlJ5NwnOMq6yaqQ0alifDeJcYW4FZslpc/2OnT6Z5i09CTMM2q2NzVbePHDMAMuxdyratRi4vY4ZKetex+U9FYw14bvUFjr7uCZnFN2rXpYQVtBeKf+YQPk0Ui8tuLwC2yAC6ht3jV257glcNZ6zP/ACGHS/YitiFusmn/SqjzmvlLuWWdup4ZIAs3mxKMyZYwAG7h6KWzioXd0XQwVMTiSXxFTcrvXGi7bF1uei+SYCj22Bv7P/jH/U/11UOH9jSeS/R2BQBLja8tMuaeEM54cIGjs9QG1zGlnXzSz3d0NGWQq0FUmkqYKJ3TZsjElMCMGCSqGSIb3DQEJFTEWBBRkdzR8WZ7swNdHlxsP+P8zndKFPDAxMCEwCQYFKw4DAhoFAAQUth8rm+kGFbZ1117si5WmQO1HIOEECNgX4/Mr4JXgAgIIAA==
31 | SSG_SSL_KEY_PASS: password
32 | links:
33 | - otk_mysqldb
34 |
--------------------------------------------------------------------------------
/get-started/get-further/demo-with-live-api-creator/apis-orchestration/recommendator.v2.json:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Customer Recommendator v2",
4 | "gatewayUri": "/v2/recommendator",
5 | "httpMethods": [
6 | "get",
7 | "put"
8 | ],
9 | "policy": [
10 | {
11 | "RequireOauth2Token": {
12 | "scope_required": "orders recommendation",
13 | "scope_fail": "false",
14 | "onetime": "false",
15 | "given_access_token": ""
16 | }
17 | },
18 | {
19 | "OAuth2JWTHeader": {}
20 | },
21 | {
22 | "custom_CircuitBreakerFailover": {
23 | "primaryRoute": "https://ssg:8443/v1/orders",
24 | "secondaryRoute": "https://ssg:8443/v1/recommendation",
25 | "failoverRoute": "https://ssg:8443/newyorktimes",
26 | "rule": {
27 | "orchestrator": [
28 | {
29 | "aggregator": [
30 | {
31 | "RouteHttp": {
32 | "targetUrl": "https://ssg:8443/v1/orders",
33 | "httpMethod": "GET",
34 | "parameters": [
35 | {
36 | "sysfilter": "equal(customerNumber:${request.http.parameters.customer})"
37 | },
38 | {
39 | "auth": "zFeg53T5ESosM2xqM86s:1"
40 | }
41 | ],
42 | "headers": [],
43 | "requestTransform": [],
44 | "responseTransform": []
45 | }
46 | }
47 | ]
48 | },
49 | {
50 | "orchestrator_transform": {
51 | "jolt": [
52 | {
53 | "operation": "shift",
54 | "spec": {
55 | "*": {
56 | "*": {
57 | "customerNumber": "customerNumber",
58 | "orders_ibfk_1_orders_List": {
59 | "*": {
60 | "orderdetails_ibfk_1_orderdetails_List": {
61 | "*": {
62 | "orderNumber": "product.[#1].orderNumber",
63 | "*": {
64 | "productCode": "product.[#2].code",
65 | "productName": "product.[#2].name"
66 | }
67 | }
68 | }
69 | }
70 | }
71 | }
72 | }
73 | }
74 | }
75 | ]
76 | }
77 | },
78 | {
79 | "aggregator": [
80 | {
81 | "RouteHttp": {
82 | "targetUrl": "https://ssg:8443/v1/recommendation",
83 | "httpMethod": "GET",
84 | "parameters": [
85 | {
86 | "productCodes": "@##@{orchestrator.intermediate.product[*].code}"
87 | },
88 | {
89 | "auth": "Y1tmNkYbxu5t93ixTCtJ:1"
90 | }
91 | ],
92 | "headers": [],
93 | "requestTransform": [],
94 | "responseTransform": []
95 | }
96 | }
97 | ]
98 | },
99 | {
100 | "result_transform": {
101 | "jolt": [
102 | {
103 | "operation": "shift",
104 | "spec": {
105 | "1": ""
106 | }
107 | }
108 | ]
109 | }
110 | }
111 | ]
112 | }
113 | }
114 | }
115 | ]
116 | }
117 | }
118 |
--------------------------------------------------------------------------------
/samples/APIs/Gatewayfile-with-frontoauth-orchestrator-oauth-route-with-params:
--------------------------------------------------------------------------------
1 | {
2 | "Service": {
3 | "name": "Headers-frontoauth-backoauth-with-params",
4 | "gatewayUri": "/user",
5 | "httpMethods": [ "get", "post", "put", "delete" ],
6 | "policy": [
7 |
8 | {
9 | "RequireOauth2Token": {
10 | "scope_required": "READ_HEADERS",
11 | "scope_fail": "false",
12 | "onetime": "false",
13 | "given_access_token": ""
14 | }
15 | },
16 |
17 | {
18 | "RouteOrchestrator": {
19 | "rule": {
20 | "orchestrator": [
21 | {
22 | "aggregator": [
23 | {
24 | "RouteHttp": {
25 | "targetUrl": "https://microgateway.mycompany.com:443/httpbin-oauth/post",
26 | "httpMethod": "POST",
27 | "parameters": [
28 | {
29 | "id": "${request.http.parameters.email}"
30 | }
31 | ],
32 | "headers": [
33 | {
34 | "Authorization": "Bearer ac3b9d27-a762-411e-bbef-67a5a7c4f5c5"
35 | }
36 | ],
37 | "requestTransform": [],
38 | "responseTransform": [
39 | {
40 | "jolt": [
41 | {
42 | "operation": "shift",
43 | "spec": {
44 | "args": {
45 | "id": "id"
46 | }
47 | }
48 | }
49 | ]
50 | }
51 | ]
52 | }
53 | }
54 | ]
55 | },
56 | {
57 | "aggregator": [
58 | {
59 | "RouteHttp": {
60 | "targetUrl": "https://microgateway.mycompany.com:443/httpbin-oauth/post",
61 | "httpMethod": "POST",
62 | "parameters": [
63 | {
64 | "email": "@##@{orchestrator.result.id}"
65 | }
66 | ],
67 | "headers": [
68 | {
69 | "Content-Type": "application/json"
70 | }
71 | ],
72 | "requestTransform": [],
73 | "responseTransform": []
74 | }
75 | }
76 | ]
77 | }
78 | ]
79 | }
80 | }
81 | }
82 | ]
83 | }
84 | }
85 |
86 |
--------------------------------------------------------------------------------
/samples/platforms/kubernetes/db-consul.yml:
--------------------------------------------------------------------------------
1 | ---
2 | # CA Microgateway Consul configuration
3 | apiVersion: v1
4 | kind: ConfigMap
5 | metadata:
6 | name: microgateway-quickstartconfig
7 | annotations:
8 | description: Quickstart Related Parameters
9 | data:
10 | QUICKSTART_REST_MODE: "true"
11 | QUICKSTART_REPOSITORY_TYPE: "consul"
12 | QUICKSTART_REPOSITORY_CONSUL_HOST: "microgateway-db-svc"
13 | QUICKSTART_REPOSITORY_CONSUL_PORT: "8500"
14 | QUICKSTART_REPOSITORY_CONSUL_PROTOCOL: "http"
15 | # QUICKSTART_REPOSITORY_CONSUL_ACL_TOKEN:
16 | # cert for https mode (uncomment)
17 | #QUICKSTART_REPOSITORY_CONSUL_CERT:
18 | #QUICKSTART_REPOSITORY_CONSUL_CERT_TRUSTED_FOR_SSL: "true"
19 | #QUICKSTART_REPOSITORY_CONSUL_CERT_TRUST_ANCHOR: "true"
20 | #QUICKSTART_REPOSITORY_CONSUL_CERT_VERIFY_HOSTNAME: "false"
21 | ---
22 | apiVersion: v1
23 | kind: ConfigMap
24 | metadata:
25 | name: consul-server-config
26 | data:
27 | consulserver.json: |
28 | {
29 | "bootstrap": true,
30 | "bind_addr": "0.0.0.0",
31 | "client_addr": "0.0.0.0",
32 | "server": true,
33 | "datacenter": "yvr",
34 | "data_dir": "/consul/data",
35 | "log_level": "INFO"
36 | }
37 |
38 | ---
39 | apiVersion: v1
40 | kind: ConfigMap
41 | metadata:
42 | name: consul-pk
43 | data:
44 | consul.key: |
45 |
46 | ---
47 | apiVersion: v1
48 | kind: ConfigMap
49 | metadata:
50 | name: consul-cert
51 | data:
52 | consul.crt: |
53 |
54 | ---
55 | apiVersion: v1
56 | kind: ConfigMap
57 | metadata:
58 | name: consul-bundle
59 | data:
60 | consul-bundle.crt: |
61 |
62 | ---
63 | apiVersion: v1
64 | kind: Service
65 | metadata:
66 | labels:
67 | name: consul-svc
68 | service: consul
69 | name: microgateway-db-svc
70 | annotations:
71 | description: "The Consul server node service"
72 | spec:
73 | selector:
74 | app: consul-dc
75 | type: ClusterIP
76 | ports:
77 | - port: 8500
78 | targetPort: 8500
79 | protocol: TCP
80 | name: consul-rest-http-port
81 | - port: 8501
82 | targetPort: 8501
83 | protocol: TCP
84 | name: consul-rest-https-port
85 | - port: 8400
86 | targetPort: 8400
87 | protocol: TCP
88 | name: consul-rpc-port
89 | - port: 8300
90 | targetPort: 8300
91 | protocol: TCP
92 | name: consul-broadcast-tcp-port-1
93 | - port: 8300
94 | targetPort: 8300
95 | protocol: UDP
96 | name: consul-broadcast-udp-port-1
97 | - port: 8301
98 | targetPort: 8301
99 | protocol: TCP
100 | name: consul-broadcast-tcp-port-2
101 | - port: 8301
102 | targetPort: 8301
103 | protocol: UDP
104 | name: consul-broadcast-udp-port-2
105 |
106 | ---
107 | apiVersion: extensions/v1beta1
108 | kind: Deployment
109 | metadata:
110 | name: consul-dc
111 | labels:
112 | app: consul-server
113 | spec:
114 | replicas: 1
115 | template:
116 | metadata:
117 | labels:
118 | app: consul-dc
119 | spec:
120 | containers:
121 | - name: consul-server-container
122 | image: docker.io/consul:0.9.2
123 | imagePullPolicy: IfNotPresent
124 | args:
125 | - agent
126 | - -config-file=/consul/config/consulserver.json
127 | command:
128 | - consul
129 | env:
130 | - name: CONSUL_CLIENT_INTERFACE
131 | value: "eth0"
132 | - name: CONSUL_BIND_INTERFACE
133 | value: "eth0"
134 | ports:
135 | - containerPort: 8300
136 | protocol: TCP
137 | - containerPort: 8301
138 | protocol: TCP
139 | - containerPort: 8301
140 | protocol: UDP
141 | - containerPort: 8302
142 | protocol: TCP
143 | - containerPort: 8302
144 | protocol: UDP
145 | - containerPort: 8500
146 | protocol: TCP
147 | resources: {}
148 | terminationMessagePath: /dev/termination-log
149 | volumeMounts:
150 | - mountPath: /consul/data
151 | name: consul
152 | - mountPath: /consul/config/consulserver.json
153 | name: consul-server-config
154 | subPath: consulserver.json
155 | restartPolicy: Always
156 | terminationGracePeriodSeconds: 60
157 | securityContext: {}
158 | volumes:
159 | - name: consul
160 | emptyDir: {}
161 | - name: consul-server-config
162 | configMap:
163 | name: consul-server-config
164 |
--------------------------------------------------------------------------------
/get-started/external/otk/docker-compose.yml:
--------------------------------------------------------------------------------
1 | #
2 | # Copyright (c) 2017 CA. All rights reserved.
3 | #
4 | # This software may be modified and distributed under the terms
5 | # of the MIT license. See the LICENSE file for details.
6 | #
7 | version: '3'
8 | services:
9 | otk_cassandra:
10 | build:
11 | context: .
12 | dockerfile: Dockerfile.cassandra
13 | deploy:
14 | resources:
15 | limits:
16 | memory: 512m
17 | environment:
18 | - OTK_KEYSPACE=otk_db
19 | command:
20 | bash /get_started/setupSchemas.sh
21 | volumes:
22 | - cassandra-otk:/var/lib/cassandra:rw
23 |
24 | expose:
25 | - "9042"
26 |
27 | otk:
28 | build:
29 | context: .
30 | dockerfile: Dockerfile.otk
31 | hostname: otk
32 | ports:
33 | - "8443:8443"
34 | env_file:
35 | - ./config/license.env
36 | - ./config/otk.env
37 | - ./config/otk-db.env
38 | - ./config/otk-hostname.env
39 | environment:
40 | SSG_ADMIN_USERNAME: "admin"
41 | SSG_ADMIN_PASSWORD: "password"
42 | # P12 archive containing the TLS private key and certificate of otk and signed by the root CA certificate "Microgateway Test Root CA"
43 | SSG_SSL_KEY: MIIJyQIBAzCCCY8GCSqGSIb3DQEHAaCCCYAEggl8MIIJeDCCBC8GCSqGSIb3DQEHBqCCBCAwggQcAgEAMIIEFQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIeAiQk3vaZmACAggAgIID6GCvpa/ulLKMXd0qjAnu5u5vhYzQYQ+QhZ3muvR6L5aKlsCw6xe1NWob16XLEyv/YzYZ/qJthqUdeP8D1drUoAuuTYWpIN8vodEEdFrW+6oA3jqtNo8LQYY7bEtz4iSim2tHt2VuDY+DdjSngSZ7ZzOF+R+s88xgYpkV3znTSUXuv3kO+BwWd9AC8J+pd3Yn17ynoq4qmY8dFYJnQZiAxiK7OriQuo524pMxCgpVLlu5nr3L4A1QMiH8CsGQjleFa+9lLYuuYDOgY7mGdllCRKpyVvrLrJiaH3DrnGkKJyDX1CtNGwHrOHRMmxOL/Xk6ZT84W2q8KSDbWnxdS3K5g8VqjqgY0VxOz4WdCMR012ytv+7TS/nGhC54RaWjY4BYmCyul3aVBnRTGfXBztGGdkAWTJHGQI1mxYMkBT0igmfzFEswQ1dILFMH2ZZBU0TXGXxN4nolcwm7Qqpf0bTQ9+4cLbkx9Mni0B4GLGdPTiVA7uaOyCq60av+KMeXU9L7tPxVFUUMxbt3xokr4EnpbkLrSFLf6UQbPUe2/LJOgh1pWJA78TEdHyOZxwIg9BvcPmlcWIC45IZsvhQ+616fiUNylR26MJ8QJl7T3UoMK+A53ANKyh5m0agrUzHnblz1dYeejESs0czA4Z5/xjEUNl1KPxj3cv8Luvrqu34TmjtWVXItf4WkIBRgIkuedDXOFMV2oCY2eruieFUdub94zqdcDIj0TbCQYFp4sKWKEKMnMRtkCmdCXVFQEOMj50GLhM93n1NxXXZZe9Wz9cQ/kIozZxlEQehyMHiLHoUD7q4pw2d4EeR3M7RS526xSsoB6A39bM9ZyHYyw5x0tQ12lsjzLJl2dJ+0s9qO0gzIqSIn2tKewZ8OCb6HjfP965LWSiDnIPOJrUqxsd9ln6puwiTbBkLcLNTkS/lfhTi8RdEimMcSkKuMH5D+YwfxIq7MFcyOyDsmBp9bUniamisZBMpp1xipILfM6F+lEzAd5a70baCxnAtkdXwxKyjn7r0PfPbVjnIYvFjZV4VCNL2/rUnCNzIA3bprIdbknuTm7CPhnWCrIWKKV8vtSFi+W2OAkOsyIsfKnPTagllI1sWKdPt+TSNgYbRC06Kp9C7qzgpvdAWSAsYF+vBadMjL96R3r/MSG9qOvjK+ow63bsRxdPO4MikNoITXrJ4eK85j33xRshHuiVbgn/pfOwpFOPww0+/U0W/FenRmbxOjinK5nylZNSm3M0qw9ETtMeSzRxHvAx4b7dA8EhKw+lEbVZCoQWmn1cxtjPzDX1WnSalRlq2rcfAzCsBwUscIvZcrnmoplAY9eWEPcrcwggVBBgkqhkiG9w0BBwGgggUyBIIFLjCCBSowggUmBgsqhkiG9w0BDAoBAqCCBO4wggTqMBwGCiqGSIb3DQEMAQMwDgQITEWGPVm7E1MCAggABIIEyM3WpLaV/7Abgr6H5voTCi2ahNZCGOMCaNeFL1elTYv+v6AkDM+sGdS3ehRZj7IQceTrqDPL5mfSJahfd6NBHqQ5TYI2XIyoa9WdhnhE0zSkJfHewiPctPvicfHHCa/eNYLuSp6F1EH8bQ6U54lMJATw+636Nz5gzPTzF5MBUHT+ej53OgZIe5LZYvbxelMy0J4+lEM0linfIELqbDlpYJB7hVUGlMjEIxfhMterrX7k76BhSG3jXX8ENi7D2NVUWAy06HxutX8Jhm93j1hz24RCzz4aQE2cOeiyUkwYKYOj0FtQADhDLBJKoizaCCKT8kRdh4+4dZK9UZ1sTR+XJk8Y2b5NwXq6Bj1CuIYjtI8rhIXdS05FxUitBbujuTSazSTgq+OVi3vf83xqA/0NFMKOB/Knoe8oR9r+4Dsu3JUp3N05LOKBYudf7jYtPRwWUL8FoSWm3aOUdthOpcIvFeUx0XASMfNitZzZf2qyfhZz41CCz5bH3kdpkTRzVvtxelg6KdeDtJmgsHEjeet+CFYQm16WJ0IOB6fIh9IeNPHoLsGbbahAw4tcz31QKJfd4T2agBRoZs/gBQbaJ+FX6XdbdS1BogSVXNo1JV+SWskLY32AH2DmM9eUxE46U9g9j7DIQVsgBWXSlJ1f1XgZl+nnDcD654ykLcWbqBUZKPO7OeYsTnMbfn0s7d7bAw1Rrsf1qxXJJibrin1prvQi7TzzMfP/K4X14hP2hjYzhJ1KfzrCNbOvvFgpF98jk/btn5KcL2fIAbAPhPEt13Qwvw8+bjIPVCbB/xYrlUYoWJ57WnIcbsPzQCg0+tC4NMLwZnTIT6E1TClNEOm5rhuly6ncFWzEbJAbsOP7nOLZVMfp0HHub+azNkm1omdHRLvLoaup/IqcB6QReGaKnbRo8XTPCqp9oI38JExW9Ni9tzC/jAXWcafcZPr/uzLmqq2j8iAjlkou4BiIxEofR5pGhH0Rvbb/k8okwqr3H9SDDP81a9+zJViswNb8cbsEqOEbhynOUGibYoppGvGd68prKmrvrmZWB+tpFD51+AXgP8qzXYhhOf6b4W106ZpTx7yh1qtjDPMenF9nmeV1zP5GlRwNb3XyF5C716OHFmKyrftOip3oZ0ztPx/9JbcZ5KeP7Gz5rL6DklEZP1BaMOi0RaeXmZ8Gl50vMC8P980mqocUM5lTYfh/P8vJIS7Q9Cse86cEKmlQO1Mv8qAEl5H9fZv/AqJtoHZ+qYOpn/jvO0j/Mz7frphJl2poYYZ7Yd0yPKqNpItN7LEPwXImCMqucFW/el2ad/6G45vwn8nBS7f+ZtFZMHTzQS3iE6NSfRcgxbSck1BcGR6Y1+8FDZTKCgBgx4Gb2PdBvlfPv3BRcqpfFOXmtJTMk8byQcyCv+bROLUSGaVKlmdclKhnJKqTCwlpzmVa8zM8Q348frXB7XNFaSKgB97xqA3SB3Y+J/T1u19ARKfWuDW9SKiRT8xqnOrVk5KAlSdTBlDp39aug5i2qxCXnLQ/O782mA6oeiBUMQ4avlVFlOlYs/T+bPdbyVY4jOu14Uw2iCNhlHsLk7W65OgxrH/rqU9VSSTRhFnqx4gNvCexJquzZfDHiRALL6GQkkfnjEWj7DElMCMGCSqGSIb3DQEJFTEWBBS7j7EYZNZaU5EQ4xlwD9kTAzQioTAxMCEwCQYFKw4DAhoFAAQUdTwAGz8voiBCftFRS3m6hbslR30ECDhljpQNujQiAgIIAA==
44 | SSG_SSL_KEY_PASS: password
45 | links:
46 | - otk_cassandra
47 |
48 | volumes:
49 | cassandra-otk:
50 |
--------------------------------------------------------------------------------
/get-started/external/mag/customize/bundle/after-start/README.md:
--------------------------------------------------------------------------------
1 | #### Generate a private key
2 |
3 | The XML file `ca_msso_key.xml` must have the following struct:
4 |
5 | ```
6 |
7 | CN=ca_msso
8 |
9 |
10 | 2048
11 |
12 |
13 | 1825
14 |
15 |
16 | true
17 |
18 |
19 | ```
20 |
21 | #### Import a private key
22 |
23 | The XML file `ca_msso_key.xml` must have the following struct:
24 |
25 | ```
26 |
27 | MIIK4QIBAzCCCqcGCSqGSIb3DQEHAaCCCpgEggqUMIIKkDCCBUcGCSqGSIb3DQEHBqCCBTgwggU0AgEAMIIFLQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIRqNPAHzoSxwCAggAgIIFAIbeQT5657oJIxUiuk/g8B5WutgBUgcuW58ODy6PXUK6I7W024TgsfxQ/o4WOWIl6djZBU5Xsyp5u/7pgzQ21nYn8qoZzRXewkLKYQ3rQxhDzgk8F918X1zUGDyNHeI5ANhmKVv83spz41PAc7jeSgnpTBc4DvpBkXClle9Ju2gnktx4Ab79xB+YnaPOaEzPLdOvNcboVdv8MS2BoL0x1p/FGogWPGQmqecV3ekix4HjHdlqonO7UN/4oHuaZZ6l9RBrl9wmWOtpuUPUTsYlrVc1G2XtrPoljZWqSU2CdCFAr1YVOeUOYRXtGF6xsFVtOUw506lpck4O9Po++MZorXv94i/YGYKSWsI5JUpwAYu54lEyoXsIRdpn5u+xNy3jgpxtILvpelZFWFOV0btKxLcqVNOTewVSL0k4/VbZsTaXvIXjuGGgBNAGb/RWU5WQO6C/VLUZ2FDKOIYDPN0wCFdMAQj3I4i8YGxRaLVs95uZLfb4JO+Dfcq5eR0InXtIJUTcu8G+Xz2u4cC8VazzRFjrcydEDYfeVVa9RqmhjFSTp89QbUBl+FVtzbIteC/HmZvAeybMxqAUeEkI8BOQABbnnOMqgz29EziUY35kTa/Twwl0uS81y6Kl+HIriYo3GkMsoSyuNh6Mkk/oJXQ9TqEUYB0YCetv8S51JkHgPL/+4HwWhqV0pWVE4zMBtUwR0BVk4yBsqYEd7pwJeoTDj2wjvkqVe9OfvtY1dJ+6IlaAu+ql1OA5GM8tJnpaEGa3h4go+j35TC7DhlIOkOjBSEhxVKyiMjgjvnMPDQ+2jMlbcNSY2qc58q7QiqBfc25xou4LGripgxDfSQ22xV56CmGAD39O5RPEKzW1jNH94DTO1G4Uig3cD3Nh4VlLdVYJDHZw56QVStG/f/RURVcq46dJEQnFi7CCul7adwvKoJVxoTPEQufOcLBJzz09T8O+MvWm5blXmFGqhRLYRXYYGhqpL4wBOqKzxZQlgArofcK2v738eBKRQRK2vgyitFe6Ct+lPbhmHXH52mPThu3eBcjfFmifbdqa8XMN/+Sca9NuhoO0YTA/cLw+ZABynTna2coU0ABdAcsPx9q9llm416IdZ1+h2oCUehRuIpJ+Zo2dydwED04GPoVax9hmNmHRA8aiz1j0fmFi09bTMtYgR6WpV0hgGPZc9aKfffuEFKEu/SW2221wTUsflqrxV5KMwkPhwjm46U7JKzFZ0MYQt3PtYRU8EKT64m2nKp+WvRn9jdR7HBmBJh5YvvJydIIKUAXgOzsK4iZRvked3XVOUQpPJ8bTehqQgNCkBFSSNHrKnaFzZxBS1/JkC33riXXHBTX+2s/LlZzvjWk/k+LmQQapDtQSE35h/uxgZxDt8WFeNa0dN/K5V88xveXUcfxSOS6ETCzhO8RMgOshmivHkdhai5KU4vai9fUoev5IRR94oCiu44bCxyLAxyTMfNVj5/t8bz/Mx+GAEQhqpIjJohua8NJrMZTi5m0OHxYbv29VQ2qQ2cWX6YAQiNWRwEiV/qqhqSD6lyA2RRV+BC3cYXVrVeXPcX9Pl27EUZ2LMyONZvljylm4NmuHU1TtJz7PrtobOHnyoTeIH/eQDxt59gDr/3U4fXDYpjZDf8usK+wPdBeN7Vmc51LzDkEL218upEbgwsUBPE1n0ZbhiMl6b+iiAQ0y2nqr/+xLznsiXiV8MIIFQQYJKoZIhvcNAQcBoIIFMgSCBS4wggUqMIIFJgYLKoZIhvcNAQwKAQKgggTuMIIE6jAcBgoqhkiG9w0BDAEDMA4ECFebRJU9nW1OAgIIAASCBMizSqDqjq1S4riSeenGnqcafFnfgfBJvkbd7R23eORe7nY/yKW63xCRfdcLZsFwkQnVDZcpDUovWCfej6qoW8JgSKwQofvFzp7+6DBm2IsDo1U9bJ6oYfpl+NZglFT0BYCrHXpePkdjJscaop9fYKJBYeOeOgosGdvaEuAaJ/4WHqYQVHfCg9gih12VnJkxw6nLhhmUrP3UGPLAH46+ORGNSbRNCMZD1stN5NWDGbWWx7KG/IuMNgKP3YkT45M2NoeCIsUH6pT4WBPT8f4bgp4G5ODKl1ZMsXIQqlAQ6/UKWmPfGbFCsNQPAhU9Cm14HQwHUaoscMr4xTu6QF6JLxCG4VRuIL6UpP/uPK2Lt09XLF/5c2rsXaAe6x2ZjGcWso+HKC8kHoHZZ/wLHoZrEBEgAHFM9Y6h9UXXMeSXUdjSUbGUdd1hu5GyI7m/dFIyP93uzceMOxL6pASvymiFGt0gazPp6tE8lFdEDyR8PklSNW9HD+bfa0HS/+6E81VTPmCZl/sJIwvrCmwfJRafdt9nt45HzFJyimTBqOYJVmBXef9jCUGsBuYrRhQKUavO2F/VDEPwcAgQCw5nud7DnMLeBnNMHHGE6V/SFoy+HM+1GwPoROGcPv8wbjPNY9mc9V4SAzCUjqA3oh3j6wckcyC3+KnQB3W9ALS7/jTobuvUs7nE9p53m63Q8hTwZ/+Uf5HgXBdzH+wwdszX/ZWCb6/j1sQZ4aZMMPLSHfNfDJv4UI8XC51EIaILDZC/4TVn+nI6WVVCDtY8N03wrbo+hPbVg9r9/J2tTIsMh9ijaoURJUPZzBmcgoyN7FrbpMI10d2jUSM5bIsQN+yBbNOAyWHmNnRs51syzRafDgBuWGxHaRrhW/iRJPuAlLKXmP+7/PNjCzeMH3OVvuLFgv9Xh9553XxhMtUQjZ/SQioOhIMkExSbdPcbAALZhx48wF8eM7jMbKpuT4LTMQsVmsO/obWSkHjl4Nf0Lu0aUnuxIS9jV/VRO146UwNqEGy09b8Q97WpRayaVy9Vc0immf4TvqAJwKtYFi7iKtZk67br/7mGwVIZPiZ9SNtjqK9Y6gYCm2Qx1MdKJYJbbYr9a2Cx2wF+Uu4KBIM13KCCBWfdv9MYj1+y+UIC3Yvvx2QLoFAYjFudTI5z+HmUA4yLt3MNfVB8Hbu/5xI/yJL6Mrm83jtFUnd39KPDxXGUi5jMt8TfCh/Lc5QI19m+0q0Vs5zqn04uIo0vkglJaFMBjFwo3mpaqj6g/4C3szokT1yL2sKAWgkDUk7qr+GrbaieMGkXuVdDZTgSi3I/wNvI1aMzVDemN+rKsrDLtuiSMjxUDevqgZ60Uul1YQ0qqDqJ0cqUQvBCGTeyr9lAflnNUmeMm2jSPwfuMvjWq42enhGkwCfQPGI3q1DU5QbEi7mDM/Du22chhDKX7Nb8xIyyM9XzAp7PEguZgdvPjudlscMdRdHfj+F2+oqdb6QPNLeIHGmJLXdY9jJ19ZSNlqK1/wkvR9hW5c6RUQA9nKjAbhUMQf30kFXQNJzbSF/WFTf+ILEPloErBD6oGy+ZncpXcXLuA/BdeFoB36aR/2+A3yH27xEbdZ8/DTxAz11yjwobHgyrChnb+Wfje+gJAAAxJTAjBgkqhkiG9w0BCRUxFgQUyerX5qjmNsZX5DikLU9eGm8mpGgwMTAhMAkGBSsOAwIaBQAEFBi9QNLCU+ASveN+nUA4eXshhk3rBAjSkBc6+GziEQICCAA=
28 |
29 |
30 | ```
31 |
--------------------------------------------------------------------------------
/get-started/external/otk/customize/bundle/after-start/README.md:
--------------------------------------------------------------------------------
1 | #### Generate a private key
2 |
3 | The XML file `ca_msso_key.xml` must have the following struct:
4 |
5 | ```
6 |
7 | CN=ca_msso
8 |
9 |
10 | 2048
11 |
12 |
13 | 1825
14 |
15 |
16 | true
17 |
18 |
19 | ```
20 |
21 | #### Import a private key
22 |
23 | The XML file `ca_msso_key.xml` must have the following struct:
24 |
25 | ```
26 |
27 | MIIK4QIBAzCCCqcGCSqGSIb3DQEHAaCCCpgEggqUMIIKkDCCBUcGCSqGSIb3DQEHBqCCBTgwggU0AgEAMIIFLQYJKoZIhvcNAQcBMBwGCiqGSIb3DQEMAQYwDgQIRqNPAHzoSxwCAggAgIIFAIbeQT5657oJIxUiuk/g8B5WutgBUgcuW58ODy6PXUK6I7W024TgsfxQ/o4WOWIl6djZBU5Xsyp5u/7pgzQ21nYn8qoZzRXewkLKYQ3rQxhDzgk8F918X1zUGDyNHeI5ANhmKVv83spz41PAc7jeSgnpTBc4DvpBkXClle9Ju2gnktx4Ab79xB+YnaPOaEzPLdOvNcboVdv8MS2BoL0x1p/FGogWPGQmqecV3ekix4HjHdlqonO7UN/4oHuaZZ6l9RBrl9wmWOtpuUPUTsYlrVc1G2XtrPoljZWqSU2CdCFAr1YVOeUOYRXtGF6xsFVtOUw506lpck4O9Po++MZorXv94i/YGYKSWsI5JUpwAYu54lEyoXsIRdpn5u+xNy3jgpxtILvpelZFWFOV0btKxLcqVNOTewVSL0k4/VbZsTaXvIXjuGGgBNAGb/RWU5WQO6C/VLUZ2FDKOIYDPN0wCFdMAQj3I4i8YGxRaLVs95uZLfb4JO+Dfcq5eR0InXtIJUTcu8G+Xz2u4cC8VazzRFjrcydEDYfeVVa9RqmhjFSTp89QbUBl+FVtzbIteC/HmZvAeybMxqAUeEkI8BOQABbnnOMqgz29EziUY35kTa/Twwl0uS81y6Kl+HIriYo3GkMsoSyuNh6Mkk/oJXQ9TqEUYB0YCetv8S51JkHgPL/+4HwWhqV0pWVE4zMBtUwR0BVk4yBsqYEd7pwJeoTDj2wjvkqVe9OfvtY1dJ+6IlaAu+ql1OA5GM8tJnpaEGa3h4go+j35TC7DhlIOkOjBSEhxVKyiMjgjvnMPDQ+2jMlbcNSY2qc58q7QiqBfc25xou4LGripgxDfSQ22xV56CmGAD39O5RPEKzW1jNH94DTO1G4Uig3cD3Nh4VlLdVYJDHZw56QVStG/f/RURVcq46dJEQnFi7CCul7adwvKoJVxoTPEQufOcLBJzz09T8O+MvWm5blXmFGqhRLYRXYYGhqpL4wBOqKzxZQlgArofcK2v738eBKRQRK2vgyitFe6Ct+lPbhmHXH52mPThu3eBcjfFmifbdqa8XMN/+Sca9NuhoO0YTA/cLw+ZABynTna2coU0ABdAcsPx9q9llm416IdZ1+h2oCUehRuIpJ+Zo2dydwED04GPoVax9hmNmHRA8aiz1j0fmFi09bTMtYgR6WpV0hgGPZc9aKfffuEFKEu/SW2221wTUsflqrxV5KMwkPhwjm46U7JKzFZ0MYQt3PtYRU8EKT64m2nKp+WvRn9jdR7HBmBJh5YvvJydIIKUAXgOzsK4iZRvked3XVOUQpPJ8bTehqQgNCkBFSSNHrKnaFzZxBS1/JkC33riXXHBTX+2s/LlZzvjWk/k+LmQQapDtQSE35h/uxgZxDt8WFeNa0dN/K5V88xveXUcfxSOS6ETCzhO8RMgOshmivHkdhai5KU4vai9fUoev5IRR94oCiu44bCxyLAxyTMfNVj5/t8bz/Mx+GAEQhqpIjJohua8NJrMZTi5m0OHxYbv29VQ2qQ2cWX6YAQiNWRwEiV/qqhqSD6lyA2RRV+BC3cYXVrVeXPcX9Pl27EUZ2LMyONZvljylm4NmuHU1TtJz7PrtobOHnyoTeIH/eQDxt59gDr/3U4fXDYpjZDf8usK+wPdBeN7Vmc51LzDkEL218upEbgwsUBPE1n0ZbhiMl6b+iiAQ0y2nqr/+xLznsiXiV8MIIFQQYJKoZIhvcNAQcBoIIFMgSCBS4wggUqMIIFJgYLKoZIhvcNAQwKAQKgggTuMIIE6jAcBgoqhkiG9w0BDAEDMA4ECFebRJU9nW1OAgIIAASCBMizSqDqjq1S4riSeenGnqcafFnfgfBJvkbd7R23eORe7nY/yKW63xCRfdcLZsFwkQnVDZcpDUovWCfej6qoW8JgSKwQofvFzp7+6DBm2IsDo1U9bJ6oYfpl+NZglFT0BYCrHXpePkdjJscaop9fYKJBYeOeOgosGdvaEuAaJ/4WHqYQVHfCg9gih12VnJkxw6nLhhmUrP3UGPLAH46+ORGNSbRNCMZD1stN5NWDGbWWx7KG/IuMNgKP3YkT45M2NoeCIsUH6pT4WBPT8f4bgp4G5ODKl1ZMsXIQqlAQ6/UKWmPfGbFCsNQPAhU9Cm14HQwHUaoscMr4xTu6QF6JLxCG4VRuIL6UpP/uPK2Lt09XLF/5c2rsXaAe6x2ZjGcWso+HKC8kHoHZZ/wLHoZrEBEgAHFM9Y6h9UXXMeSXUdjSUbGUdd1hu5GyI7m/dFIyP93uzceMOxL6pASvymiFGt0gazPp6tE8lFdEDyR8PklSNW9HD+bfa0HS/+6E81VTPmCZl/sJIwvrCmwfJRafdt9nt45HzFJyimTBqOYJVmBXef9jCUGsBuYrRhQKUavO2F/VDEPwcAgQCw5nud7DnMLeBnNMHHGE6V/SFoy+HM+1GwPoROGcPv8wbjPNY9mc9V4SAzCUjqA3oh3j6wckcyC3+KnQB3W9ALS7/jTobuvUs7nE9p53m63Q8hTwZ/+Uf5HgXBdzH+wwdszX/ZWCb6/j1sQZ4aZMMPLSHfNfDJv4UI8XC51EIaILDZC/4TVn+nI6WVVCDtY8N03wrbo+hPbVg9r9/J2tTIsMh9ijaoURJUPZzBmcgoyN7FrbpMI10d2jUSM5bIsQN+yBbNOAyWHmNnRs51syzRafDgBuWGxHaRrhW/iRJPuAlLKXmP+7/PNjCzeMH3OVvuLFgv9Xh9553XxhMtUQjZ/SQioOhIMkExSbdPcbAALZhx48wF8eM7jMbKpuT4LTMQsVmsO/obWSkHjl4Nf0Lu0aUnuxIS9jV/VRO146UwNqEGy09b8Q97WpRayaVy9Vc0immf4TvqAJwKtYFi7iKtZk67br/7mGwVIZPiZ9SNtjqK9Y6gYCm2Qx1MdKJYJbbYr9a2Cx2wF+Uu4KBIM13KCCBWfdv9MYj1+y+UIC3Yvvx2QLoFAYjFudTI5z+HmUA4yLt3MNfVB8Hbu/5xI/yJL6Mrm83jtFUnd39KPDxXGUi5jMt8TfCh/Lc5QI19m+0q0Vs5zqn04uIo0vkglJaFMBjFwo3mpaqj6g/4C3szokT1yL2sKAWgkDUk7qr+GrbaieMGkXuVdDZTgSi3I/wNvI1aMzVDemN+rKsrDLtuiSMjxUDevqgZ60Uul1YQ0qqDqJ0cqUQvBCGTeyr9lAflnNUmeMm2jSPwfuMvjWq42enhGkwCfQPGI3q1DU5QbEi7mDM/Du22chhDKX7Nb8xIyyM9XzAp7PEguZgdvPjudlscMdRdHfj+F2+oqdb6QPNLeIHGmJLXdY9jJ19ZSNlqK1/wkvR9hW5c6RUQA9nKjAbhUMQf30kFXQNJzbSF/WFTf+ILEPloErBD6oGy+ZncpXcXLuA/BdeFoB36aR/2+A3yH27xEbdZ8/DTxAz11yjwobHgyrChnb+Wfje+gJAAAxJTAjBgkqhkiG9w0BCRUxFgQUyerX5qjmNsZX5DikLU9eGm8mpGgwMTAhMAkGBSsOAwIaBQAEFBi9QNLCU+ASveN+nUA4eXshhk3rBAjSkBc6+GziEQICCAA=
28 |
29 |
30 | ```
31 |
--------------------------------------------------------------------------------