{"id":50606,"date":"2023-03-01T06:15:24","date_gmt":"2023-12-31T03:43:55","guid":{"rendered":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/"},"modified":"2024-04-29T16:49:37","modified_gmt":"2024-04-29T08:49:37","slug":"%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88","status":"publish","type":"post","link":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/","title":{"rendered":"\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee – API\u5bc6\u94a5\u548cACL\u7248"},"content":{"rendered":"

\u9996\u5148<\/h1>\n

\u6211\u5011\u5c07\u4f7f\u7528\u958b\u6e90API\u7db2\u95dcKong\u4f86\u4ecb\u7d39\u8de8\u591a\u7bc7\u6587\u7ae0\u8a0e\u8ad6API\u5b58\u53d6\u63a7\u5236\u7684\u65b9\u6cd5\u3002<\/p>\n

\u5728Kong\u4e2d\uff0c\u53ef\u4ee5\u901a\u8fc7\u63d2\u4ef6\u5f62\u5f0f\u4e3a\u521b\u5efa\u7684API\u6dfb\u52a0\u5404\u79cd\u529f\u80fd\uff08\u5982\u65e5\u5fd7\u8bb0\u5f55\u3001\u6d41\u91cf\u63a7\u5236\u7b49\uff09\u3002\u6211\u4eec\u8981\u4ecb\u7ecd\u7684\u8bbf\u95ee\u63a7\u5236\u673a\u5236\u4e5f\u662f\u4ee5\u63d2\u4ef6\u5f62\u5f0f\u63d0\u4f9b\u7684\uff0c\u6839\u636ePlugins\u9875\u9762\u4e0a\u7684\u4ecb\u7ecd\uff0c\u53ef\u4ee5\u5bf9API\u5e94\u7528\u5404\u79cd\u8bbf\u95ee\u63a7\u5236\uff08OpenID Connect RP\u548cOAuth2.0 Introspection\u7b49\u67d0\u4e9b\u63d2\u4ef6\u4ec5\u63d0\u4f9b\u6536\u8d39\u7248\uff08\u4f01\u4e1a\u7248\uff09\uff09\u3002<\/p>\n

\u8fd9\u6837\u4e00\u6765\uff0c\u4ee5\u524d\u5728\u6bcf\u4e2a\u8d44\u6e90\u4e0a\u90fd\u8981\u5b9e\u73b0\u8bbf\u95ee\u63a7\u5236\uff08\u8ba4\u8bc1\u548c\u6388\u6743\uff09\u3001\u6d41\u91cf\u63a7\u5236\u3001\u65e5\u5fd7\u8bb0\u5f55\u7b49\u529f\u80fd\uff0c\u73b0\u5728\u53ef\u4ee5\u901a\u8fc7API\u7f51\u5173\uff08Kong\uff09\u8fdb\u884c\u7edf\u4e00\u7ba1\u7406\uff08\u4e0d\u9700\u8981\u5728\u6bcf\u4e2a\u8d44\u6e90\u4e0a\u5b9e\u73b0OAuth2\u548c\u6d41\u91cf\u63a7\u5236\u7b49\u673a\u5236\uff09\u3002Kong\u7684\u5b98\u65b9\u7f51\u7ad9\u4e0a\u4e5f\u4ecb\u7ecd\u4e86\u8fd9\u4e9b\u4f18\u70b9\u3002<\/p>\n

\"kong-arc_mod.png\"<\/div>\n

\u672c\u6587\u4ecb\u7ecd\u4e86\u4e00\u79cd\u5728Kong\u4e2d\u8fdb\u884c\u8bbf\u95ee\u63a7\u5236\u5b9e\u8df5\u7684\u7b2c\u4e00\u6b65\uff0c\u5373\u7ed3\u5408Key\u8ba4\u8bc1\u63d2\u4ef6\u548cACL\u63d2\u4ef6\u5bf9API\u5b9e\u65bd\u8bbf\u95ee\u63a7\u5236\u7684\u65b9\u6cd5\u3002<\/p>\n

\u8fd9\u4e2a\u914d\u7f6e\u5728\u672c\u6587\u4e2d\u5b9e\u73b0\u3002<\/h1>\n
\"kong-keyauth-1.png\"<\/div>\n

\u6b64\u5916\uff0c\u5f53\u8c03\u7528API\u65f6\uff0c\u6211\u4eec\u51b3\u5b9a\u4f7f\u7528httpbin.org\/anything\u4f5c\u4e3a\u8d44\u6e90\u670d\u52a1\u5668\u6765\u8fd4\u56de\u8bf7\u6c42\u4fe1\u606f\uff08\u8fd9\u4e2a\u7f51\u7ad9\u975e\u5e38\u65b9\u4fbf\uff0c\u53ef\u4ee5\u7528\u6765\u786e\u8ba4Kong\u53d1\u9001\u4e86\u4ec0\u4e48\u6837\u7684\u8bf7\u6c42\uff5e\u7b49\u7b49\uff09\u3002<\/p>\n

\u5b89\u88c5Kong<\/h1>\n

\u5982\u679c\u60a8\u5df2\u7ecf\u5b89\u88c5\u4e86 Kong\uff0c\u8bf7\u8df3\u8fc7\u672c\u8282\u3002<\/p>\n

\u7531\u4e8e\u6709\u8bb8\u591a\u5173\u4e8eKong\u7684\u5b89\u88c5\u6587\u7ae0\uff0c\u6240\u4ee5\u6211\u60f3\u8981\u7701\u7565\u4e00\u4e9b\uff0c\u5e76\u4ecb\u7ecd\u6700\u8fd1\u53d1\u5e03\u76840.12.x\u7248\u672c\uff08\u622a\u81f32018\u5e742\u670819\u65e5\uff09\u3002\u73af\u5883\u5047\u8bbe\u4e3aDocker\uff0c\u8bf7\u53c2\u8003\u5b98\u65b9\u6587\u6863\uff08Docker\u5b89\u88c5\uff09\uff0c\u57fa\u672c\u4e0a\u53ea\u9700\u8981\u590d\u5236\u5e76\u6267\u884c\u4ee5\u4e0b3\u4e2a\u547d\u4ee4\u5373\u53ef\u3002<\/p>\n

\u51c6\u5907\u4fdd\u5b58Kong\u8bbe\u7f6e\u7684\u6570\u636e\u5e93<\/h2>\n
$ <\/span>docker run -d<\/span> --name<\/span> kong-database \\<\/span>\r\n              -p<\/span> 5432:5432 \\<\/span>\r\n              -e<\/span> \"POSTGRES_USER=kong\"<\/span> \\<\/span>\r\n              -e<\/span> \"POSTGRES_DB=kong\"<\/span> \\<\/span>\r\n              postgres:9.4\r\n<\/code><\/pre>\n
\u2461 DB\u4e0eKong\u7684\u5408\u4f5c\uff08\u8fc1\u79fb\uff09<\/h2>\n
$ <\/span>docker run --rm<\/span> \\<\/span>\r\n    --link<\/span> kong-database:kong-database \\<\/span>\r\n    -e<\/span> \"KONG_DATABASE=postgres\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_PG_HOST=kong-database\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_CASSANDRA_CONTACT_POINTS=kong-database\"<\/span> \\<\/span>\r\n    kong:latest kong migrations up\r\n<\/code><\/pre>\n
\u2462 K\u8d77\u52a8<\/h2>\n
$ <\/span>docker run -d<\/span> --name<\/span> kong \\<\/span>\r\n    --link<\/span> kong-database:kong-database \\<\/span>\r\n    -e<\/span> \"KONG_DATABASE=postgres\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_PG_HOST=kong-database\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_CASSANDRA_CONTACT_POINTS=kong-database\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_PROXY_ACCESS_LOG=\/dev\/stdout\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_ADMIN_ACCESS_LOG=\/dev\/stdout\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_PROXY_ERROR_LOG=\/dev\/stderr\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_ADMIN_ERROR_LOG=\/dev\/stderr\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_ADMIN_LISTEN=0.0.0.0:8001\"<\/span> \\<\/span>\r\n    -e<\/span> \"KONG_ADMIN_LISTEN_SSL=0.0.0.0:8444\"<\/span> \\<\/span>\r\n    -p<\/span> 8000:8000 \\<\/span>\r\n    -p<\/span> 8443:8443 \\<\/span>\r\n    -p<\/span> 8001:8001 \\<\/span>\r\n    -p<\/span> 8444:8444 \\<\/span>\r\n    kong:latest\r\n<\/code><\/pre>\n
\u5173\u4e8e\u2462\uff0c\u5b98\u65b9\u6587\u6863\u4e2d\u6307\u5b9a\u4e86Docker\u542f\u52a8\u65f6\u7684\u9009\u9879\uff0c\u5305\u62ec\u8bbf\u95ee\u65e5\u5fd7\u7684\u8f93\u51fa\u76ee\u6807\u548c\u7ba1\u7406\u5458\u7aef\u53e3\u7684\u6307\u5b9a\uff0c\u4f46\u5982\u679c\u60f3\u8981\u8bbe\u7f6e\u5176\u4ed6\u914d\u7f6e\u9879\uff0c\u8bf7\u53c2\u8003\u914d\u7f6e\u53c2\u8003\u6587\u6863\u3002<\/p>\n
Kong\u7684\u64cd\u4f5c\u6d4b\u8bd5<\/h2>\n
\u5982\u679c\u6309\u7167\u2460\uff5e\u2462\u7684\u6b65\u9aa4\u8fdb\u884c\uff0c\u5e76\u4e14\u6210\u529f\u542f\u52a8\u4e86Kong\uff0c\u90a3\u4e48\u5f53\u6267\u884c\u4ee5\u4e0bcurl\u547d\u4ee4\u65f6\uff0c\u4f1a\u8fd4\u56de\u8868\u793aKong\u57fa\u672c\u4fe1\u606f\u7684JSON\u6570\u636e\u3002<\/p>\n
$ <\/span>curl http:\/\/localhost:8001\/\r\n<\/code><\/pre>\n
{<\/span>\"version\"<\/span>:<\/span>\"0.12.1\"<\/span>,<\/span>\"plugins\"<\/span>:{<\/span>\"enabled_in_cluster\"<\/span>:[],<\/span> \uff5e\u4ee5\u4e0b\u7701\u7565\uff5e<\/span> }<\/span>\r\n<\/code><\/pre>\n
\u987a\u4fbf\u63d0\u4e00\u4e0b\uff0c\u5c31\u50cf\u4e0b\u8868\u6240\u793a\uff0c\u5728Kong\u4e2d\u6211\u4eec\u4f7f\u75288001\u7aef\u53e3\u6765\u521b\u5efa\u3001\u914d\u7f6eAPI\u4ee5\u53ca\u5e94\u7528\u63d2\u4ef6\uff0c\u540c\u65f6\u4f7f\u75288000\u7aef\u53e3\u6765\u8c03\u7528\u5df2\u521b\u5efa\u7684API\u3002<\/p>\n
\n
\u30dd\u30fc\u30c8\u5f79\u52728001\u65b0\u898fAPI\u306e\u4f5c\u6210\u3001API\u3078\u306e\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u9069\u7528\u3001\u30b3\u30f3\u30b7\u30e5\u30fc\u30de\u306e\u4f5c\u6210\u306a\u3069\uff08\u7ba1\u7406\u8005\u7528\u30dd\u30fc\u30c8\uff098000\u4f5c\u6210\u3057\u305fAPI\u3092\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304c\u30b3\u30fc\u30eb\u3059\u308b\u305f\u3081\u306e\u30a8\u30f3\u30c9\u30dd\u30a4\u30f3\u30c8\uff08\u30e6\u30fc\u30b6\u7528\u30dd\u30fc\u30c8\uff09<\/div>\n<\/div>\n
\u65e2\u7136\u51c6\u5907\u59a5\u5f53\uff0c\u6211\u4eec\u9996\u5148\u8981\u521b\u5efaKong API\u3002<\/p>\n
\u521b\u5efa\u7b80\u6d01\u7684API<\/h1>\n
\u5728\u7ed9API\u6dfb\u52a0\u8bbf\u95ee\u63a7\u5236\u529f\u80fd\u4e4b\u524d\uff0c\u9996\u5148\u6211\u4eec\u9700\u8981\u521b\u5efa\u4e00\u4e2a\u57fa\u7840API\u3002\u5728\u8fd9\u4e2a\u9636\u6bb5\uff0c\u6211\u4eec\u53ea\u662f\u7b80\u5355\u5730\u521b\u5efaAPI\uff0c\u6240\u4ee5\u4efb\u4f55\u4eba\u90fd\u53ef\u4ee5\u8c03\u7528\u6240\u521b\u5efa\u7684API\u3002<\/p>\n
\u53ef\u4ee5\u901a\u8fc7\u5411http\uff1a\/\/[\u4e3b\u673a]\uff1a8001\/apis\u53d1\u9001POST\u8bf7\u6c42\u6765\u521b\u5efa\u65b0\u7684API\u3002\u5728\u8bf7\u6c42\u4e2d\u6307\u5b9aAPI\u540d\u79f0\u548cAPI\u7684\u8bbf\u95eeURL\u3002\u5177\u4f53\u6765\u8bf4\uff0c\u6309\u7167\u4ee5\u4e0b\u683c\u5f0f\u53d1\u9001\u8bf7\u6c42\uff1a<\/p>\n
$ <\/span>curl -i<\/span> -X<\/span> POST \\<\/span>\r\n  --url<\/span> http:\/\/[\u30db\u30b9\u30c8]:8001\/apis\/ \\<\/span>\r\n  --data<\/span> 'name=[API\u540d]'<\/span> \\<\/span>\r\n  --data<\/span> 'uris=\/[API\u306eURI]'<\/span> \\<\/span>\r\n  --data<\/span> 'upstream_url=[API\u30a2\u30af\u30bb\u30b9\u6642\u306b\u547c\u3073\u51fa\u3059\u30b5\u30fc\u30d3\u30b9\u306eURI]'<\/span>\r\n<\/code><\/pre>\n
\u4e0a\u8ff0\u8bf7\u6c42\u4e2d\u7684data\u90e8\u5206\u5177\u6709\u4ee5\u4e0b\u8868\u683c\u4e2d\u7684\u542b\u4e49\u3002<\/p>\n
\n
\u8a2d\u5b9a\u610f\u5473nameAPI\u306e\u540d\u79f0\u3002\u3053\u306eAPI\u306b\u5bfe\u3057\u3066\u30d7\u30e9\u30b0\u30a4\u30f3\u3092\u9069\u7528\u3059\u308b\u3068\u3044\u3063\u305f\u8a2d\u5b9a\u3092\u884c\u3046\u969b\u306b\u3053\u306ename\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002uris\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u304c\u3053\u306eAPI\u3092\u30b3\u30fc\u30eb\u3059\u308b\u969b\u306b\u6307\u5b9a\u3059\u308bURI\u3002\u30af\u30e9\u30a4\u30a2\u30f3\u30c8\u306fhttp:\/\/[\u30db\u30b9\u30c8]:8000\/[uris]<\/code>\u3092\u6307\u5b9a\u3057\u3066\u3053\u306eAPI\u3092\u30b3\u30fc\u30eb\u3057\u307e\u3059\u3002upstream_url\u3053\u306eAPI\u3092\u30b3\u30fc\u30eb\u3057\u305f\u969b\u306b\u547c\u3073\u51fa\u3055\u308c\u308bURL\u3002\uff08\u30ea\u30bd\u30fc\u30b9\u30b5\u30fc\u30d0\u306b\u76f8\u5f53\u3057\u307e\u3059\uff09<\/div>\n<\/div>\n
\u8ba9\u6211\u4eec\u7acb\u5373\u53d1\u9001\u4e00\u4e2a\u521b\u5efaAPI\u7684\u8bf7\u6c42\u3002\u8fd9\u6b21\u6211\u4eec\u5c06\u521b\u5efa\u4e00\u4e2a\u540d\u4e3asandbox-api\u7684API\u3002uris\u5c06\u4e0eAPI\u540d\u79f0\u76f8\u540c\uff0c\u5e76\u8bbe\u7f6e\u4e3a\/sandbox-api\u3002\u6b64\u5916\uff0c\u5c06upstream_url\u8bbe\u7f6e\u4e3ahttp:\/\/httpbin.org\/anything\u3002\u5982\u679c\u5904\u7406\u6210\u529f\uff0c\u5c06\u8fd4\u56de\u72b6\u6001\u4ee3\u7801201\u548c\u5305\u542b\u5df2\u521b\u5efaAPI\u7684JSON\u3002<\/p>\n
$ <\/span>curl -i<\/span> -X<\/span> POST \\<\/span>\r\n       --url<\/span> http:\/\/localhost:8001\/apis\/ \\<\/span>\r\n       --data<\/span> 'name=sandbox-api'<\/span> \\<\/span>\r\n       --data<\/span> 'uris=\/sandbox-api'<\/span> \\<\/span>\r\n       --data<\/span> 'upstream_url=http:\/\/httpbin.org\/anything'<\/span>\r\n\r\nHTTP\/1.1 201 Created\r\nDate: Mon, 19 Feb 2018 09:32:32 GMT\r\nContent-Type: application\/json;<\/span> charset<\/span>=<\/span>utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nAccess-Control-Allow-Origin: *<\/span>\r\nServer: kong\/0.12.1\r\n\r\n{<\/span>\"created_at\"<\/span>:1519032752107,\"strip_uri\"<\/span>:true,\"id\"<\/span>:\"287fa349-eb7f-456a-948c-0270b0fc4511\"<\/span>,\"name\"<\/span>:\"sandbox-api\"<\/span>,\"http_if_terminated\"<\/span>:false,\"preserve_host\"<\/span>:false,\"upstream_url\"<\/span>:\"http:<\/span>\\\/\\\/<\/span>httpbin.org<\/span>\\\/<\/span>anything\"<\/span>,\"uris\"<\/span>:[\"<\/span>\\\/<\/span>sandbox-api\"<\/span>]<\/span>,\"upstream_connect_timeout\"<\/span>:60000,\"upstream_send_timeout\"<\/span>:60000,\"upstream_read_timeout\"<\/span>:60000,\"retries\"<\/span>:5,\"https_only\"<\/span>:false}<\/span>\r\n<\/code><\/pre>\n
\u7531\u4e8e\u6210\u529f\u521b\u5efa\u4e86API\uff0c\u63a5\u4e0b\u6765\u6211\u5c06\u8c03\u7528\u6240\u521b\u5efa\u7684API\u4ee5\u8fdb\u884c\u786e\u8ba4\u3002\u7531\u4e8e\u672c\u6b21\u6d4b\u8bd5\u4e0eKong\u73af\u5883\u76f8\u540c\uff0c\u6211\u4f1a\u5c06\u4e3b\u673a\u6307\u5b9a\u4e3alocalhost\uff0c\u5e76\u5728\u4e3b\u673a\u540e\u9762\u6307\u5b9aAPI\u521b\u5efa\u65f6\u7684URIs\u4ee5\u8fdb\u884c\u8c03\u7528\u3002<\/p>\n
$ <\/span>curl -i<\/span> localhost:8000\/sandbox-api\r\n<\/code><\/pre>\n
\u5982\u679cAPI\u8c03\u7528\u6b63\u5e38\uff0c\u60a8\u5c06\u80fd\u591f\u83b7\u53d6\u8bbe\u7f6e\u4e3aupstream_url\u7684\u8d44\u6e90\uff0c\u5e76\u4f34\u968f\u7740200\u72b6\u6001\u3002\u4ee5\u4e0bJSON\u5177\u6709X-Kong-Proxy-Latency\uff0c\u5e76\u6765\u81ea\u8d44\u6e90\u670d\u52a1\u5668\uff08httpbin.org\/anything\uff09\u7684\u54cd\u5e94\u3002\uff08\u987a\u4fbf\u63d0\u4e00\u4e0b\uff0c\u60a8\u4e5f\u53ef\u4ee5\u786e\u8ba4Kong\u5728\u8bf7\u6c42\u5934\u4e2d\u6dfb\u52a0\u4e86\u4fe1\u606f\uff0c\u4f8b\u5982X-Kong-Upstream-Latency\uff09<\/p>\n
$ <\/span>curl -i<\/span> localhost:8000\/sandbox-api\r\n\r\nHTTP\/1.1 200 OK\r\nContent-Type: application\/json\r\nContent-Length: 351\r\nConnection: keep-alive\r\nServer: meinheld\/0.6.1\r\nDate: Mon, 19 Feb 2018 09:41:45 GMT\r\nAccess-Control-Allow-Origin: *<\/span>\r\nAccess-Control-Allow-Credentials: true\r\n<\/span>X-Powered-By: Flask\r\nX-Processed-Time: 0\r\nVia: kong\/0.12.1\r\nX-Kong-Upstream-Latency: 30\r\nX-Kong-Proxy-Latency: 0\r\n\r\n{<\/span>\r\n  \"args\"<\/span>: {}<\/span>, \r\n  \"data\"<\/span>: \"\"<\/span>, \r\n  \"files\"<\/span>: {}<\/span>, \r\n  \"form\"<\/span>: {}<\/span>, \r\n  \"headers\"<\/span>: {<\/span>\r\n    \"Accept\"<\/span>: \"*\/*\"<\/span>, \r\n    \"Connection\"<\/span>: \"close\"<\/span>, \r\n    \"Host\"<\/span>: \"httpbin.org\"<\/span>, \r\n    \"User-Agent\"<\/span>: \"curl\/7.55.1\"<\/span>, \r\n    \"X-Forwarded-Host\"<\/span>: \"localhost\"<\/span>\r\n  }<\/span>, \r\n  \"json\"<\/span>: null, \r\n  \"method\"<\/span>: \"GET\"<\/span>, \r\n  \"origin\"<\/span>: [<\/span>mask], \r\n  \"url\"<\/span>: \"http:\/\/localhost\/anything\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
\u597d\u7684\uff0c\u73b0\u5728\u6211\u4eec\u5df2\u7ecf\u5b8c\u6210\u4e86API\u7684\u521b\u5efa\u548c\u64cd\u4f5c\u786e\u8ba4\u3002<\/p>\n
\u7136\u800c\uff0c\u76ee\u524d\u60c5\u51b5\u4e0b\uff0c\u5bf9\u4e8eAPI\u5e76\u6ca1\u6709\u8fdb\u884c\u4efb\u4f55\u8bbf\u95ee\u63a7\u5236\uff0c\u56e0\u6b64\u4efb\u4f55\u4eba\u90fd\u53ef\u4ee5\u8c03\u7528\u8be5API\uff0c\u5c31\u50cf\u4e0b\u56fe\u6240\u793a\u7684\u72b6\u6001\u4e00\u6837\u3002<\/p>\n
\"kong-keyauth-2.png\"<\/div>\n
\u9996\u5148\uff0c\u6211\u4eec\u5c06\u901a\u8fc7\u5bf9\u8fd9\u4e2aAPI\u5e94\u7528\u5404\u79cd\u63d2\u4ef6\u6765\u5b9e\u73b0\u5e94\u7528\u8bbf\u95ee\u63a7\u5236\u7684API\u3002
\n\u8ba9\u6211\u4eec\u5148\u5e94\u7528\u5bc6\u94a5\u8ba4\u8bc1\u63d2\u4ef6\u3002<\/p>\n
\u5e94\u7528Key Authentication\u63d2\u4ef6<\/h1>\n
\u4e3a\u4e86\u5b9e\u73b0\u53ea\u6709\u7279\u5b9a\u7528\u6237\u80fd\u8bbf\u95eeAPI\u7684\u914d\u7f6e\uff0c\u9700\u8981\u540c\u65f6\u5e94\u7528Key Authentication\u63d2\u4ef6\u548cACL\u63d2\u4ef6\uff0c\u4f46\u9996\u5148\u6211\u4eec\u5c06\u4ecb\u7ecdKey Authentication\u63d2\u4ef6\u3002\u901a\u8fc7\u5f15\u5165\u8fd9\u4e2a\u63d2\u4ef6\uff0c\u6211\u4eec\u53ef\u4ee5\u5c06\u5bf9API\u7684\u8bbf\u95ee\u9650\u5b9a\u5728\u62e5\u6709\u6b63\u786e\u5bc6\u94a5\u7684\u7528\u6237\u4e4b\u4e2d\u3002\u6362\u53e5\u8bdd\u8bf4\uff0c\u8fd9\u4e2a\u63d2\u4ef6\u53ef\u4ee5\u62d2\u7edd\u672a\u88ab\u6388\u6743\u7684\u8bf7\u6c42\u3002<\/p>\n
\u4ee5\u4e0b\u662f\u4f7f\u7528\u5bc6\u94a5\u8fdb\u884c\u64cd\u4f5c\u7684\u56fe\u793a\u3002\u56fe\u4e2d\u7684AliceSecretKey\u3001BobSecretKey\u548cCharlieSecretKey\u5206\u522b\u5bf9\u5e94\u7740\u5bc6\u94a5\u3002<\/p>\n
\"kong-keyauth-4.png\"<\/div>\n
\u5b89\u88c5Key Authentication\u63d2\u4ef6\u9700\u8981\u4ee5\u4e0b3\u4e2a\u6b65\u9aa4\uff1a<\/p>\n
    \n
  • \n
      \u2460 sandbox-api\u306bKey Authentication\u30d7\u30e9\u30b0\u30a4\u30f3\u3092\u9069\u7528\u3059\u308b<\/ul>\n<\/li>\n<\/ul>\n
       <\/p>\n
        \n
      • \n
          \u2461 \u30b3\u30f3\u30b7\u30e5\u30fc\u30de\uff08\u30e6\u30fc\u30b6\uff09\u3092\u4f5c\u6210\u3059\u308b<\/ul>\n<\/li>\n<\/ul>\n
           <\/p>\n
            \u2462 \u30b3\u30f3\u30b7\u30e5\u30fc\u30de\u3092\u8b58\u5225\u3059\u308b\u30ad\u30fc\u3092\u8a2d\u5b9a\u3059\u308b<\/ul>\n
            \u90a3\u4e48\uff0c\u6211\u4eec\u5c06\u9010\u6b65\u89e3\u91ca\u8bbe\u7f6e\u65b9\u6cd5\u3002<\/p>\n
            \u5e94\u7528Key Authentication\u63d2\u4ef6\u5230API<\/h2>\n
            \u5982\u679c\u8981\u5bf9API\u5e94\u7528\u63d2\u4ef6\uff0c\u8bf7\u5c06\u63d2\u4ef6\u540d\u79f0\u548c\u63d2\u4ef6\u914d\u7f6ePOST\u5230http:\/\/[host]:8001\/apis\/[API\u540d\u79f0(name)]\/plugins\u3002\u5982\u679c\u8981\u5e94\u7528Key Authentication\u63d2\u4ef6\uff0c\u8bf7\u6309\u7167\u4ee5\u4e0b\u683c\u5f0fPOST\u8bbe\u7f6e\u3002<\/p>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/apis\/[API\u540d]\/plugins \\<\/span>\r\n    --data<\/span> \"name=key-auth\"<\/span> \\<\/span>\r\n    --data<\/span> \"config.key_names=[\u30ad\u30fc\u3092\u6307\u5b9a\u3059\u308b\u969b\u306e\u5c5e\u6027\u540d]\"<\/span>\r\n<\/code><\/pre>\n
            \n
            \u8a2d\u5b9a\u610f\u5473name\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u540d\u79f0\u3002Key Authentication\u30d7\u30e9\u30b0\u30a4\u30f3\u306e\u5834\u5408\u306fkey-auth<\/code>\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002\u3053\u306e\u5f8c\u8a2d\u5b9a\u3059\u308bACL\u30d7\u30e9\u30b0\u30a4\u30f3\u3067\u306facl<\/code>\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002config.key_namesKey Authentication\u30d7\u30e9\u30b0\u30a4\u30f3\u3067\u306f\u3001\u30af\u30a8\u30ea\u6587\u5b57\u5217\u3067\u30e6\u30fc\u30b6\u3092\u8b58\u5225\u3057\u307e\u3059\u3002config.key_names\u306f\u30af\u30a8\u30ea\u6587\u5b57\u5217\u306e\u5de6\u5074\uff08\u5c5e\u6027\u540d\uff09\u3092\u6307\u5b9a\u3057\u307e\u3059\u3002<\/div>\n<\/div>\n
            \u672c\u6b21\u64cd\u4f5c\u662f\u5bf9\u5148\u524d\u521b\u5efa\u7684sandbox-api\u5e94\u7528Key\u8ba4\u8bc1\u63d2\u4ef6\u8fdb\u884c\u5e94\u7528\uff0c\u5728config.key_names\u4e2d\u8bbe\u5b9a\u4e86sandboxApiKey\u3002\u53d1\u9001\u6b64POST\u8bf7\u6c42\u5e76\u6210\u529f\u5904\u7406\u540e\uff0c\u5c06\u8fd4\u56de\u4e00\u4e2a\u5305\u542b\u63d2\u4ef6\u5404\u9879\u914d\u7f6e\u7684JSON\u4f5c\u4e3a\u54cd\u5e94\u3002<\/p>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/apis\/sandbox-api\/plugins \\<\/span>\r\n       --data<\/span> \"name=key-auth\"<\/span> \\<\/span>\r\n       --data<\/span> \"config.key_names=sandboxApiKey\"<\/span>\r\n\r\n{<\/span>\"created_at\"<\/span>:1519125441000,\"config\"<\/span>:{<\/span>\"key_names\"<\/span>:[\"sandboxApiKey\"<\/span>]<\/span>,\"key_in_body\"<\/span>:false,\"anonymous\"<\/span>:\"\"<\/span>,\"run_on_preflight\"<\/span>:true,\"hide_credentials\"<\/span>:false}<\/span>,\"id\"<\/span>:\"3a342b9e-bf22-4b28-b3f2-ebc0ea54b0aa\"<\/span>,\"name\"<\/span>:\"key-auth\"<\/span>,\"api_id\"<\/span>:\"c9c6c0bb-445c-491e-9307-0157fe5d4e74\"<\/span>,\"enabled\"<\/span>:true}<\/span>\r\n<\/code><\/pre>\n
            \u73b0\u5728\uff0c\u6211\u4eec\u53ef\u4ee5\u5c06Key\u8ba4\u8bc1\u63d2\u4ef6\u5e94\u7528\u4e8esandbox-api\u3002\u5728\u6b64\u9636\u6bb5\uff0c\u6211\u4eec\u53ef\u4ee5\u5728API\u672b\u5c3e\u6dfb\u52a0\u67e5\u8be2\u5b57\u7b26\u4e32\u5e76\u8c03\u7528http:\/\/localhost:8000\/sandbox-api?sandboxApiKey=[\u7528\u6237\u7684Key]\u3002<\/p>\n
            \u7136\u800c\uff0c\u76ee\u524d\u8fd8\u6ca1\u6709\u8fdb\u884c\u67e5\u8be2\u5b57\u7b26\u4e32\u53c2\u6570\u7684\u8bbe\u7f6e\uff08\u5c1a\u672a\u521b\u5efa\u7528\u6237\u7684\u8d26\u6237\uff09\u3002\u56e0\u6b64\uff0c\u8ba9\u6211\u4eec\u5728\u6b65\u9aa4\u2461\u4e2d\u7ee7\u7eed\u521b\u5efa\u4e00\u4e2a\u76f8\u5e94\u7684\u7528\u6237\u3002<\/p>\n
            \u2461 \u521b\u5efa\u4e00\u4e2a\u6d88\u8d39\u8005\uff08\u7528\u6237\uff09<\/h2>\n
            \u5728\u8fd9\u91cc\uff0c\u51fa\u73b0\u4e86\u4e00\u4e2a\u65b0\u6982\u5ff5\uff0c\u90a3\u5c31\u662f\u6d88\u8d39\u8005\u3002\u5173\u4e8e\u6d88\u8d39\u8005\uff0c\u6839\u636e\u5b98\u65b9\u6587\u4ef6\u7684\u63cf\u8ff0\u5982\u4e0b\u3002<\/p>\n
            \u6d88\u8cbb\u8005\u5bf9\u8c61\u4ee3\u8868API\u7684\u6d88\u8d39\u8005\u6216\u7528\u6237\u3002<\/p><\/blockquote>\n
            \u4f5c\u70ba\u6587\u4ef6\u7684\u610f\u601d\u662f\u6307API\u7684\u6d88\u8cbb\u8005\uff08\u4f7f\u7528\u8005\uff09\u3002\u5f9e\u5176\u542b\u610f\u4f86\u770b\uff0c\u5b83\u4f3c\u4e4e\u5b9a\u7fa9\u4f7f\u7528\u8005\u7684\u96c6\u5408\uff08\u7d44\u7e54\uff09\u70ba\u6d88\u8cbb\u8005\u3002\u9806\u4fbf\u63d0\u4e00\u4e0b\uff0c\u6d88\u8cbb\u8005\u662fOAuth2\u63d2\u4ef6\u7b49\u6982\u5ff5\u4e2d\u5e38\u88ab\u4f7f\u7528\u7684\uff0c\u6240\u4ee5\u5982\u679c\u8003\u616e\u4f7f\u7528OAuth2\u63d2\u4ef6\uff0c\u5f37\u70c8\u5efa\u8b70\u5148\u95b1\u8b80\u5b98\u65b9\u6587\u4ef6\u3002<\/p>\n
            \u672c\u6b21\u6d3b\u52a8\u5c06\u4ee5\u6d88\u8d39\u8005\u4f5c\u4e3a\u7528\u6237\uff0c\u521b\u5efaAlice\u6d88\u8d39\u8005\u3001Bob\u6d88\u8d39\u8005\u548cCharlie\u6d88\u8d39\u8005\u3002\u6839\u636e\u4ee5\u4e0b\u683c\u5f0f\u8fdb\u884c\u521b\u5efa\u3002<\/p>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/consumers\/ \\<\/span>\r\n    --data<\/span> \"username=<USERNAME>\"<\/span> \\<\/span>\r\n    --data<\/span> \"custom_id=<CUSTOM_ID>\"<\/span>\r\n<\/code><\/pre>\n
            \u5982\u679c\u8981\u521b\u5efa\u4e00\u4e2a\u540d\u4e3aAlice\u7684\u6d88\u8d39\u8005\uff0c\u60a8\u53ef\u4ee5\u4f7f\u7528\u4ee5\u4e0b\u8bf7\u6c42\u3002<\/p>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/consumers\/ \\<\/span>\r\n     --data<\/span> \"username=alice\"<\/span> \\<\/span>\r\n     --data<\/span> \"custom_id=alice\"<\/span>\r\n{<\/span>\"custom_id\"<\/span>:\"alice\"<\/span>,\"created_at\"<\/span>:1519125666000,\"username\"<\/span>:\"alice\"<\/span>,\"id\"<\/span>:\"7265a18a-3b2b-4a6a-a51d-18e6e6dea2c7\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
            \u4ee5\u540c\u6837\u7684\u65b9\u5f0f\uff0c\u8fd8\u9700\u8981\u521b\u5efaBob\u548cCharlie\u4e24\u4e2a\u6d88\u8d39\u8005\u3002<\/p>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/consumers\/ \\<\/span>\r\n     --data<\/span> \"username=bob\"<\/span> \\<\/span>\r\n     --data<\/span> \"custom_id=bob\"<\/span>\r\n{<\/span>\"custom_id\"<\/span>:\"bob\"<\/span>,\"created_at\"<\/span>:1519127073000,\"username\"<\/span>:\"bob\"<\/span>,\"id\"<\/span>:\"b4835592-b912-41a8-bfa2-88416db69de5\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/consumers\/ \\<\/span>\r\n     --data<\/span> \"username=charlie\"<\/span> \\<\/span>\r\n     --data<\/span> \"custom_id=charlie\"<\/span>\r\n{<\/span>\"custom_id\"<\/span>:\"charlie\"<\/span>,\"created_at\"<\/span>:1519127112000,\"username\"<\/span>:\"charlie\"<\/span>,\"id\"<\/span>:\"49509fc9-d6a0-4d6e-887f-73d95a6d83dd\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
            \u8bbe\u5b9a\u8bc6\u522b\u6d88\u8d39\u8005\u7684\u952e\u503c<\/h2>\n
            \u5982\u679c\u80fd\u591f\u521b\u5efa\u6d88\u8d39\u8005\uff0c\u5219\u63a5\u4e0b\u6765\u9700\u8981\u4e3a\u6240\u521b\u5efa\u7684\u6d88\u8d39\u8005\u8bbe\u7f6e\u4e00\u4e2a\u952e\u3002\u5728\u8fd9\u91cc\u8bbe\u7f6e\u7684\u952e\u5bf9\u5e94\u4e8e\u4e4b\u524d\u8bbe\u5b9a\u7684\u67e5\u8be2\u5b57\u7b26\u4e32\u53c2\u6570\u90e8\u5206\uff08[\u7528\u6237\u7684\u952e]\u90e8\u5206\uff09\u3002<\/p>\n
            \u6309\u7167\u4e0b\u9762\u7684\u683c\u5f0f\u4e3a\u6d88\u8d39\u8005\u8bbe\u7f6e\u952e\u503c\u3002<\/p>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/consumers\/[\u30b3\u30f3\u30b7\u30e5\u30fc\u30de\u540d]\/key-auth \\<\/span>\r\n    --data<\/span> \"key=[\u30b3\u30f3\u30b7\u30e5\u30fc\u30de\u306eKey]\"<\/span>\r\n<\/code><\/pre>\n
            \u8fd9\u6b21\uff0c\u6211\u4eec\u5c06\u628a\u5b57\u7b26\u4e32”AliceSecretKey”\u4f5c\u4e3aAlice\u6d88\u8d39\u8005\u7684\u5bc6\u94a5\u8fdb\u884c\u8bbe\u7f6e\u3002<\/p>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/consumers\/alice\/key-auth \\<\/span>\r\n     --data<\/span> \"key=AliceSecretKey\"<\/span>\r\n\r\n{<\/span>\"id\"<\/span>:\"fd26bf85-b73e-4eaa-b1bd-8c2b3dfe2d2b\"<\/span>,\"created_at\"<\/span>:1519125820000,\"key\"<\/span>:\"AliceSecretKey\"<\/span>,\"consumer_id\"<\/span>:\"7265a18a-3b2b-4a6a-a51d-18e6e6dea2c7\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
            \u540c\u6837\u5730\uff0c\u4e3aBob\u6d88\u8d39\u8005\u8bbe\u7f6e”BobSecretKey”\uff0c\u4e3aCharlie\u6d88\u8d39\u8005\u8bbe\u7f6e”CharlieSecretKey”\u3002<\/p>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/consumers\/bob\/key-auth \\<\/span>\r\n       --data<\/span> \"key=BobSecretKey\"<\/span>\r\n\r\n{<\/span>\"id\"<\/span>:\"e504aada-25a3-4e59-a9a5-21e8121a0677\"<\/span>,\"created_at\"<\/span>:1519127653000,\"key\"<\/span>:\"BobSecretKey\"<\/span>,\"consumer_id\"<\/span>:\"b4835592-b912-41a8-bfa2-88416db69de5\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
            $ <\/span>curl -X<\/span> POST localhost:8001\/consumers\/charlie\/key-auth \\<\/span>\r\n       --data<\/span> \"key=CharlieSecretKey\"<\/span>\r\n\r\n{<\/span>\"id\"<\/span>:\"51d48a78-a3e8-489b-9cc5-2108b69ce190\"<\/span>,\"created_at\"<\/span>:1519127695000,\"key\"<\/span>:\"CharlieSecretKey\"<\/span>,\"consumer_id\"<\/span>:\"49509fc9-d6a0-4d6e-887f-73d95a6d83dd\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
            \u5728\u8fd9\u4e2a\u6b65\u9aa4\u4e2d\uff0c\u6211\u4eec\u5df2\u7ecf\u6210\u529f\u5c06Key Authentication\u63d2\u4ef6\u5e94\u7528\u4e8e\u7eaf\u51c0\u7684API\uff0c\u5e76\u5b8c\u6210\u4e86\u8bbe\u7f6eKey Authentication\u6240\u9700\u7684\u67e5\u8be2\u5b57\u7b26\u4e32\u53c2\u6570\uff08\u521b\u5efaConsumer\u5e76\u8bbe\u7f6e\u5bc6\u94a5\uff09\u3002<\/p>\n
            \u8ba9\u6211\u4eec\u7acb\u5373\u5728\u67e5\u8be2\u5b57\u7b26\u4e32\u4e2d\u6dfb\u52a0\u53c2\u6570\u5e76\u8bbf\u95eeAPI\u3002\u5982\u679c\u80fd\u6b63\u786e\u9644\u52a0\u6d88\u8d39\u8005\u5bc6\u94a5\uff0c\u5e94\u8be5\u80fd\u591f\u6210\u529f\u83b7\u53d6\u5185\u5bb9\u3002<\/p>\n
            $ <\/span>curl -i<\/span> http:\/\/localhost:8000\/sandbox-api?sandboxApiKey=<\/span>AliceSecretKey\r\n\r\nHTTP\/1.1 200 OK\r\nContent-Type: application\/json\r\nContent-Length: 558\r\nConnection: keep-alive\r\nServer: meinheld\/0.6.1\r\nDate: Tue, 20 Feb 2018 11:26:50 GMT\r\nAccess-Control-Allow-Origin: *<\/span>\r\nAccess-Control-Allow-Credentials: true\r\n<\/span>X-Powered-By: Flask\r\nX-Processed-Time: 0\r\nVia: kong\/0.12.1\r\nX-Kong-Upstream-Latency: 28\r\nX-Kong-Proxy-Latency: 0\r\n\r\n{<\/span>\r\n  \"args\"<\/span>: {<\/span>\r\n    \"sandboxApiKey\"<\/span>: \"AliceSecretKey\"<\/span>\r\n  }<\/span>, \r\n  \"data\"<\/span>: \"\"<\/span>, \r\n  \"files\"<\/span>: {}<\/span>, \r\n  \"form\"<\/span>: {}<\/span>, \r\n  \"headers\"<\/span>: {<\/span>\r\n    \"Accept\"<\/span>: \"*\/*\"<\/span>, \r\n    \"Connection\"<\/span>: \"close\"<\/span>, \r\n    \"Host\"<\/span>: \"httpbin.org\"<\/span>, \r\n    \"User-Agent\"<\/span>: \"curl\/7.55.1\"<\/span>, \r\n    \"X-Consumer-Custom-Id\"<\/span>: \"alice\"<\/span>, \r\n    \"X-Consumer-Id\"<\/span>: \"7265a18a-3b2b-4a6a-a51d-18e6e6dea2c7\"<\/span>, \r\n    \"X-Consumer-Username\"<\/span>: \"alice\"<\/span>, \r\n    \"X-Forwarded-Host\"<\/span>: \"localhost\"<\/span>\r\n  }<\/span>, \r\n  \"json\"<\/span>: null, \r\n  \"method\"<\/span>: \"GET\"<\/span>, \r\n  \"origin\"<\/span>: \"172.17.0.1, 18.218.119.187\"<\/span>, \r\n  \"url\"<\/span>: \"http:\/\/localhost\/anything?sandboxApiKey=AliceSecretKey\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
            \u5982\u679c\u63d0\u4f9b\u4e86\u65e0\u6548\u7684\u952e\u6216\u8005\u6839\u672c\u6ca1\u6709\u63d0\u4f9b\u67e5\u8be2\u5b57\u7b26\u4e32\uff0c\u5c06\u4f1a\u8fd4\u56de\u4ee5\u4e0b\u9519\u8bef\u3002<\/p>\n
            $ <\/span>curl -i<\/span> http:\/\/localhost:8000\/sandbox-api?sandboxApiKey=<\/span>MichelSecretKey\r\n\r\nHTTP\/1.1 403 Forbidden\r\nDate: Tue, 20 Feb 2018 11:29:16 GMT\r\nContent-Type: application\/json;<\/span> charset<\/span>=<\/span>utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: kong\/0.12.1\r\n\r\n{<\/span>\"message\"<\/span>:\"Invalid authentication credentials\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
            $ <\/span>curl -i<\/span> http:\/\/localhost:8000\/sandbox-api\r\nHTTP\/1.1 401 Unauthorized\r\nDate: Tue, 20 Feb 2018 11:29:23 GMT\r\nContent-Type: application\/json;<\/span> charset<\/span>=<\/span>utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nWWW-Authenticate: Key realm<\/span>=<\/span>\"kong\"<\/span>\r\nServer: kong\/0.12.1\r\n\r\n{<\/span>\"message\"<\/span>:\"No API key found in request\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
            \u8fd9\u6837\u4e00\u6765\uff0c\u9664\u4e86\u6d88\u8d39\u8005\u4e4b\u5916\uff0c\u5c31\u65e0\u6cd5\u8bbf\u95eeAPI\u4e86\u3002<\/p>\n
            \u7136\u800c\uff0c\u5728Kong\u4e0a\uff0c\u53ea\u8981\u662f\u5b58\u5728\u7684\u6d88\u8d39\u8005\uff0c\u4efb\u4f55\u4eba\u90fd\u53ef\u4ee5\u8bbf\u95eeAPI\u3002\u5b9e\u9645\u60c5\u51b5\u662f\uff0c\u5f88\u5c11\u6709\u201c\u53ea\u8981\u662f\u6d88\u8d39\u8005\u5c31\u53ef\u4ee5\u8bbf\u95ee\u201d\u7684\u60c5\u51b5\uff0c\u6211\u8ba4\u4e3a\u5927\u591a\u6570\u60c5\u51b5\u4e0b\uff0c\u6211\u4eec\u5e0c\u671b\u5bf9\u6bcf\u4e2a\u6d88\u8d39\u8005\u5355\u72ec\u8fdb\u884c\u8bbf\u95ee\u63a7\u5236\u3002<\/p>\n
            \u53ea\u9700\u4e00\u79cd\u9009\u62e9\uff1a\u5e94\u7528\u4e0b\u9762\u8981\u89e3\u91ca\u7684ACL\u63d2\u4ef6\uff0c\u60a8\u5c31\u53ef\u4ee5\u5728\u6d88\u8d39\u8005\u5c42\u9762\u4e0a\u63a7\u5236\u8bbf\u95ee\uff0c\u6240\u4ee5\u8ba9\u6211\u4eec\u7acb\u5373\u8fdb\u884c\u8bbe\u7f6e\u5427\u3002<\/p>\n
            \u5e94\u7528ACL\u63d2\u4ef6<\/h1>\n
            \u4f7f\u7528Key Authentication\u63d2\u4ef6\uff0c\u5e76\u5e94\u7528ACL\u63d2\u4ef6\uff0c\u53ef\u4ee5\u5728\u6bcf\u4e2a\u6d88\u8d39\u8005\u5355\u4f4d\u4e2d\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee\u3002<\/p>\n
            \u5177\u4f53\u800c\u8a00\uff0c\u53ef\u4ee5\u901a\u8fc7\u4e3a\u6bcf\u4e2a\u6d88\u8d39\u8005\u8bbe\u7f6e”ACL\u7ec4”\uff0c\u5e76\u901a\u8fc7ACL\u63d2\u4ef6\u6307\u5b9a\u5141\u8bb8\u6216\u62d2\u7edd\u8bbf\u95ee\u7684ACL\u7ec4\u6765\u5b9e\u73b0\u8bbf\u95ee\u63a7\u5236\u3002\u53ef\u4ee5\u5728ACL\u63d2\u4ef6\u7684\u767d\u540d\u5355\u548c\u9ed1\u540d\u5355\u529f\u80fd\u4e2d\u8bbe\u7f6e\u5141\u8bb8\u6216\u62d2\u7edd\u8bbf\u95ee\u7684ACL\u7ec4\u3002<\/p>\n
            \"kong-keyauth-3.png\"<\/div>\n
            \u8981\u5b89\u88c5ACL\u63d2\u4ef6\uff0c\u8bf7\u6309\u7167\u4ee5\u4e0b2\u4e2a\u6b65\u9aa4\u8fdb\u884c\u64cd\u4f5c\u3002<\/p>\n
              \n
            • \n
                \u2460 \u30b3\u30f3\u30b7\u30e5\u30fc\u30de\u306bACL\u30b0\u30eb\u30fc\u30d7\u3092\u8a2d\u5b9a\u3059\u308b<\/ul>\n<\/li>\n<\/ul>\n
                 <\/p>\n
                  \u2461 ACL\u30d7\u30e9\u30b0\u30a4\u30f3\u3092\u9069\u7528\u3057\u3001\u30a2\u30af\u30bb\u30b9\u3092\u8a31\u53ef\u30fb\u8a31\u53ef\u3057\u306a\u3044ACL\u30b0\u30eb\u30fc\u30d7\u3092\u8a2d\u5b9a\u3059\u308b<\/ul>\n
                  \u73b0\u5728\uff0c\u6211\u5c06\u9010\u6b65\u4e3a\u60a8\u89e3\u91ca\u8bbe\u7f6e\u65b9\u6cd5\u3002<\/p>\n
                  \u7ed9\u6d88\u8d39\u8005\u8bbe\u7f6eACL\u7ec4\u3002<\/h2>\n
                  \u5c06ACL\u7ec4\u4f5c\u4e3a\u8bbf\u95ee\u63a7\u5236\u7684\u5355\u4f4d\u8bbe\u7f6e\u7ed9\u6d88\u8d39\u8005\u3002\u683c\u5f0f\u5982\u4e0b\u6240\u793a\u3002<\/p>\n
                  $ <\/span>curl -X<\/span> POST http:\/\/[\u30db\u30b9\u30c8]:8001\/consumers\/[\u30b3\u30f3\u30b7\u30e5\u30fc\u30de\u540d]\/acls \\<\/span>\r\n    --data<\/span> \"group=[ACL\u30b0\u30eb\u30fc\u30d7\u540d]\"<\/span>\r\n<\/code><\/pre>\n
                  \u8fd9\u6b21\uff0cACL\u7ec4\u540d\u5df2\u7ecf\u5206\u914d\u7ed9\u4e86\u5404\u4e2a\u6d88\u8d39\u8005\uff0c\u5177\u4f53\u5982\u4e0b\u6240\u793a\u3002\u7531\u4e8ealice\u548cbob\u90fd\u5e0c\u671b\u5141\u8bb8\u8bbf\u95ee\uff0c\u6240\u4ee5\u7ed9\u4ed6\u4eec\u5206\u914d\u4e86\u76f8\u540c\u7684ACL\u7ec4\u3002<\/p>\n
                  \n
                  \u30b3\u30f3\u30b7\u30e5\u30fc\u30deACL\u30b0\u30eb\u30fc\u30d7aliceallow-groupboballow-groupcharliedeny-group<\/div>\n<\/div>\n
                  \u73b0\u5728\uff0c\u6211\u4eec\u8981\u4e3a\u6bcf\u4e2a\u7528\u6237\u8bbe\u7f6eACL\u7ec4\u3002<\/p>\n
                  $ <\/span>curl -X<\/span> POST http:\/\/localhost:8001\/consumers\/alice\/acls \\<\/span>\r\n       --data<\/span> \"group=allow-group\"<\/span>\r\n\r\n{<\/span>\"group\"<\/span>:\"allow-group\"<\/span>,\"created_at\"<\/span>:1519273998000,\"id\"<\/span>:\"9f04008f-9914-420d-a3a2-edabf32d37ac\"<\/span>,\"consumer_id\"<\/span>:\"82a61b1a-97b6-43a4-82ed-97040b108707\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
                  $ <\/span>curl -X<\/span> POST http:\/\/localhost:8001\/consumers\/bob\/acls \\<\/span>\r\n       --data<\/span> \"group=allow-group\"<\/span>\r\n\r\n{<\/span>\"group\"<\/span>:\"allow-group\"<\/span>,\"created_at\"<\/span>:1519274058000,\"id\"<\/span>:\"1c048e7a-99ab-4328-a431-a63e43a26aa3\"<\/span>,\"consumer_id\"<\/span>:\"f6255716-6808-4229-90ce-d8b86c793b8a\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
                  $ <\/span>curl -X<\/span> POST http:\/\/localhost:8001\/consumers\/charlie\/acls \\<\/span>\r\n       --data<\/span> \"group=deny-group\"<\/span>\r\n\r\n{<\/span>\"group\"<\/span>:\"deny-group\"<\/span>,\"created_at\"<\/span>:1519274108000,\"id\"<\/span>:\"0f820d10-9e94-495e-9637-c232bb058a79\"<\/span>,\"consumer_id\"<\/span>:\"f8158211-be7a-47e9-8cc6-b9d4d1630d61\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
                  ACL\u7ec4\u7684\u8bbe\u7f6e\u5df2\u7ecf\u5b8c\u6210\u3002\u63a5\u4e0b\u6765\uff0c\u5c06\u8fdb\u884c\u5141\u8bb8\u6216\u62d2\u7edd\u5bf9\u521b\u5efa\u7684ACL\u7ec4\u7684\u8bbf\u95ee\u7684\u8bbe\u7f6e\u3002<\/p>\n
                  \u5e94\u7528ACL\u63d2\u4ef6\uff0c\u5e76\u8bbe\u7f6e\u5141\u8bb8\u6216\u4e0d\u5141\u8bb8\u8bbf\u95ee\u7684ACL\u7ec4\u3002<\/h2>\n
                  \u6211\u4eec\u5c06\u5bf9sandbox-api\u5e94\u7528ACL\u63d2\u4ef6\u8fdb\u884c\u914d\u7f6e\uff0c\u4f46\u5728\u8fdb\u884c\u5e94\u7528\u65f6\uff0c\u9700\u8981\u8bbe\u7f6econfig.whitelist\u6216config.blacklist\u3002
                  \nconfig.whitelist\u7684\u542b\u4e49\u662f\u5c06\u6307\u5b9a\u7684ACL\u7ec4\u6ce8\u518c\u4e3a\u767d\u540d\u5355\u914d\u7f6e\u3002\u7531\u4e8e\u662f\u767d\u540d\u5355\uff0c\u53ea\u5141\u8bb8\u6307\u5b9aACL\u7ec4\u8bbf\u95ee\uff0c\u800c\u963b\u6b62\u5176\u4ed6ACL\u7ec4\u7684\u8bbf\u95ee\u3002config.blacklist\u5219\u662f\u9ed1\u540d\u5355\u914d\u7f6e\uff0c\u4e0econfig.whitelist\u76f8\u53cd\uff08\u62d2\u7edd\u6307\u5b9aACL\u7ec4\u7684\u8bbf\u95ee\uff0c\u5141\u8bb8\u5176\u4ed6ACL\u7ec4\u7684\u8bbf\u95ee\uff09\u3002<\/p>\n
                  \u8bbe\u5b9a\u7684\u683c\u5f0f\u5982\u4e0b\u6240\u793a\u3002<\/p>\n
                  $ <\/span>curl -X<\/span> POST http:\/\/[\u30db\u30b9\u30c8]:8001\/apis\/[API\u540d]\/plugins \\<\/span>\r\n    --data<\/span> \"name=acl\"<\/span> \\<\/span>\r\n    --data<\/span> \"config.whitelist=[ACL\u30b0\u30eb\u30fc\u30d7]\"<\/span>\r\n<\/code><\/pre>\n
                  \u6211\u5e0c\u671b\u8be5\u6b21\u4e3aalice\u6d88\u8d39\u8005\u548cbob\u6d88\u8d39\u8005\u6240\u5c5e\u7684ACL\u7ec4\uff08allow-group\uff09\u5141\u8bb8\u8bbf\u95ee\uff0c\u5e76\u4e14\u62d2\u7eddcharlie\u6d88\u8d39\u8005\u7684ACL\u7ec4\uff08deny-group\uff09\u8bbf\u95ee\uff0c\u56e0\u6b64\u8981\u5728config.whitelist\u4e2d\u6307\u5b9aallow-group\u3002<\/p>\n
                  $ <\/span>curl -X<\/span> POST http:\/\/localhost:8001\/apis\/sandbox-api\/plugins \\<\/span>\r\n       --data<\/span> \"name=acl\"<\/span> \\<\/span>\r\n       --data<\/span> \"config.whitelist=allow-group\"<\/span>\r\n\r\n{<\/span>\"created_at\"<\/span>:1519276536000,\"config\"<\/span>:{<\/span>\"whitelist\"<\/span>:[\"allow-group\"<\/span>]}<\/span>,\"id\"<\/span>:\"79a8ee65-3290-4da8-a6e2-2113928503e1\"<\/span>,\"name\"<\/span>:\"acl\"<\/span>,\"api_id\"<\/span>:\"cdab454f-75ff-4761-9eb9-4aee1b33b262\"<\/span>,\"enabled\"<\/span>:true}<\/span>\r\n<\/code><\/pre>\n
                  \u6211\u4eec\u5df2\u7ecf\u5b8c\u6210\u4e86\u6240\u6709\u7684\u8bbe\u7f6e\u3002\u8ba9\u6211\u4eec\u6765\u6d4b\u8bd5\u4e00\u4e0b\u770b\u770b\u3002<\/p>\n
                  Alice\u548cBob\u6d88\u8d39\u8005\u4f7f\u7528API\u8fdb\u884c\u8bbf\u95ee\u3002<\/p>\n
                  $ <\/span>curl -i<\/span> http:\/\/localhost:8000\/sandbox-api?sandboxApiKey=<\/span>AliceSecretKey\r\n\r\nHTTP\/1.1 200 OK\r\nContent-Type: application\/json\r\nContent-Length: 558\r\nConnection: keep-alive\r\nServer: meinheld\/0.6.1\r\nDate: Thu, 22 Feb 2018 05:11:53 GMT\r\nAccess-Control-Allow-Origin: *<\/span>\r\nAccess-Control-Allow-Credentials: true\r\n<\/span>X-Powered-By: Flask\r\nX-Processed-Time: 0\r\nVia: kong\/0.12.1\r\nX-Kong-Upstream-Latency: 29\r\nX-Kong-Proxy-Latency: 19\r\n\r\n{<\/span>\r\n  \"args\"<\/span>: {<\/span>\r\n    \"sandboxApiKey\"<\/span>: \"AliceSecretKey\"<\/span>\r\n  }<\/span>, \r\n  \"data\"<\/span>: \"\"<\/span>, \r\n  \"files\"<\/span>: {}<\/span>, \r\n  \"form\"<\/span>: {}<\/span>, \r\n  \"headers\"<\/span>: {<\/span>\r\n    \"Accept\"<\/span>: \"*\/*\"<\/span>, \r\n    \"Connection\"<\/span>: \"close\"<\/span>, \r\n    \"Host\"<\/span>: \"httpbin.org\"<\/span>, \r\n    \"User-Agent\"<\/span>: \"curl\/7.55.1\"<\/span>, \r\n    \"X-Consumer-Custom-Id\"<\/span>: \"alice\"<\/span>, \r\n    \"X-Consumer-Id\"<\/span>: \"82a61b1a-97b6-43a4-82ed-97040b108707\"<\/span>, \r\n    \"X-Consumer-Username\"<\/span>: \"alice\"<\/span>, \r\n    \"X-Forwarded-Host\"<\/span>: \"localhost\"<\/span>\r\n  }<\/span>, \r\n  \"json\"<\/span>: null, \r\n  \"method\"<\/span>: \"GET\"<\/span>, \r\n  \"origin\"<\/span>: \"172.17.0.1, 18.218.119.187\"<\/span>, \r\n  \"url\"<\/span>: \"http:\/\/localhost\/anything?sandboxApiKey=AliceSecretKey\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                  $ <\/span>curl -i<\/span> http:\/\/localhost:8000\/sandbox-api?sandboxApiKey=<\/span>BobSecretKey\r\n\r\nHTTP\/1.1 200 OK\r\nContent-Type: application\/json\r\nContent-Length: 550\r\nConnection: keep-alive\r\nServer: meinheld\/0.6.1\r\nDate: Thu, 22 Feb 2018 05:12:48 GMT\r\nAccess-Control-Allow-Origin: *<\/span>\r\nAccess-Control-Allow-Credentials: true\r\n<\/span>X-Powered-By: Flask\r\nX-Processed-Time: 0\r\nVia: kong\/0.12.1\r\nX-Kong-Upstream-Latency: 28\r\nX-Kong-Proxy-Latency: 15\r\n\r\n{<\/span>\r\n  \"args\"<\/span>: {<\/span>\r\n    \"sandboxApiKey\"<\/span>: \"BobSecretKey\"<\/span>\r\n  }<\/span>, \r\n  \"data\"<\/span>: \"\"<\/span>, \r\n  \"files\"<\/span>: {}<\/span>, \r\n  \"form\"<\/span>: {}<\/span>, \r\n  \"headers\"<\/span>: {<\/span>\r\n    \"Accept\"<\/span>: \"*\/*\"<\/span>, \r\n    \"Connection\"<\/span>: \"close\"<\/span>, \r\n    \"Host\"<\/span>: \"httpbin.org\"<\/span>, \r\n    \"User-Agent\"<\/span>: \"curl\/7.55.1\"<\/span>, \r\n    \"X-Consumer-Custom-Id\"<\/span>: \"bob\"<\/span>, \r\n    \"X-Consumer-Id\"<\/span>: \"f6255716-6808-4229-90ce-d8b86c793b8a\"<\/span>, \r\n    \"X-Consumer-Username\"<\/span>: \"bob\"<\/span>, \r\n    \"X-Forwarded-Host\"<\/span>: \"localhost\"<\/span>\r\n  }<\/span>, \r\n  \"json\"<\/span>: null, \r\n  \"method\"<\/span>: \"GET\"<\/span>, \r\n  \"origin\"<\/span>: \"172.17.0.1, 18.218.119.187\"<\/span>, \r\n  \"url\"<\/span>: \"http:\/\/localhost\/anything?sandboxApiKey=BobSecretKey\"<\/span>\r\n}<\/span>\r\n<\/code><\/pre>\n
                  \u60a8\u5df2\u6210\u529f\u8bbf\u95ee\u4e86\u65e0\u4e8bAPI\uff0c\u63a5\u4e0b\u6765\u6211\u4eec\u5c06\u4f7f\u7528Charlie\u6d88\u8d39\u8005\u6765\u8bbf\u95ee\u8be5API\u3002<\/p>\n
                  $ <\/span>curl -i<\/span> http:\/\/localhost:8000\/sandbox-api?sandboxApiKey=<\/span>CharlieSecretKey\r\n\r\nHTTP\/1.1 403 Forbidden\r\nDate: Thu, 22 Feb 2018 05:16:22 GMT\r\nContent-Type: application\/json;<\/span> charset<\/span>=<\/span>utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: kong\/0.12.1\r\n\r\n{<\/span>\"message\"<\/span>:\"You cannot consume this service\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
                  \u8fd9\u91cc\u4e5f\u6309\u7167\u9884\u671f\u88ab\u62d2\u7edd\u8bbf\u95ee\u3002\u5f53\u7136\uff0c\u5982\u679c\u6307\u5b9a\u4e86\u4e0d\u5b58\u5728\u7684\u5bc6\u94a5\u6216\u8005\u672a\u63d0\u4f9b\u5bc6\u94a5\uff0c\u8bbf\u95ee\u4e5f\u4f1a\u88ab\u62d2\u7edd\u3002<\/p>\n
                  $ <\/span>curl -i<\/span> http:\/\/localhost:8000\/sandbox-api?sandboxApiKey=<\/span>MichelSecretKey\r\n\r\nHTTP\/1.1 403 Forbidden\r\nDate: Thu, 22 Feb 2018 05:18:52 GMT\r\nContent-Type: application\/json;<\/span> charset<\/span>=<\/span>utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nServer: kong\/0.12.1\r\n\r\n{<\/span>\"message\"<\/span>:\"Invalid authentication credentials\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
                  $ <\/span>curl -i<\/span> http:\/\/localhost:8000\/sandbox-api\r\n\r\nHTTP\/1.1 401 Unauthorized\r\nDate: Thu, 22 Feb 2018 05:20:42 GMT\r\nContent-Type: application\/json;<\/span> charset<\/span>=<\/span>utf-8\r\nTransfer-Encoding: chunked\r\nConnection: keep-alive\r\nWWW-Authenticate: Key realm<\/span>=<\/span>\"kong\"<\/span>\r\nServer: kong\/0.12.1\r\n\r\n{<\/span>\"message\"<\/span>:\"No API key found in request\"<\/span>}<\/span>\r\n<\/code><\/pre>\n
                  \u4ee5\u6b64\u544a\u4e00\u6bb5\u843d\uff0c\u6211\u4eec\u6210\u529f\u5b9e\u73b0\u4e86\u6700\u521d\u6784\u60f3\u7684\u7ed3\u6784\uff01<\/p>\n
                  \u6700\u540e<\/h1>\n
                  \u8fd9\u6b21\u6211\u4eec\u4f7f\u7528\u4e86\u5bc6\u94a5\uff08Key\uff09\u548c\u8bbf\u95ee\u63a7\u5236\u5217\u8868\uff08ACL\uff09\uff0c\u4e3aAPI\u589e\u52a0\u4e86\u8bbf\u95ee\u63a7\u5236\u529f\u80fd\u3002\u4f46\u662f\uff0c\u5728\u5b9e\u9645\u7684\u4f7f\u7528\u573a\u666f\u4e2d\uff0c\u968f\u7740\u7528\u6237\u6570\u91cf\u7684\u589e\u52a0\uff0c\u4ec5\u4ec5\u901a\u8fc7Kong\u6765\u7ba1\u7406\u6d88\u8d39\u8005\u521b\u5efa\u548c\u5bc6\u94a5\u53d1\u653e\u53d8\u5f97\u56f0\u96be\uff0c\u540c\u65f6\u4e5f\u6709\u4e00\u4e9b\u9700\u6c42\u5e0c\u671b\u901a\u8fc7\u5df2\u5b58\u5728\u7684Keycloak2\u7b49IdP\uff08\u8eab\u4efd\u63d0\u4f9b\u8005\uff09\u6765\u8fdb\u884c\u7528\u6237\u8ba4\u8bc1\u3002<\/p>\n
                  \u5982\u679c\u6709\u673a\u4f1a\u7684\u8bdd\uff0c\u6211\u60f3\u5c1d\u8bd5\u5c06\u7528\u6237\u8ba4\u8bc1\u90e8\u5206\u653e\u7f6e\u5728Kong\u5916\uff0c\u5e76\u5229\u7528Kong\u7684OAuth2.0\u8ba4\u8bc1\u63d2\u4ef6\uff0c\u6839\u636e\u5916\u90e8\u8ba4\u8bc1\u4fe1\u606f\u9a8c\u8bc1API\u7684\u8bbf\u95ee\u6743\u9650\u3002<\/p>\n
                  \u6b64\u5916\uff0c\u5728\u6211\u4eec\u7684OpenStandia\u4e2d\uff0c\u6211\u4eec\u4e3a\u5404\u79cd\u5f00\u6e90\u8f6f\u4ef6\u63d0\u4f9b\u6700\u65b0\u8d44\u8baf\u548c\u6280\u672f\u652f\u6301\u3002\u5982\u679c\u60a8\u6709\u5174\u8da3\uff0c\u8bf7\u52a1\u5fc5\u67e5\u770b\uff01<\/p>\n
                  \u611f\u8c22\u60a8\u4e00\u76f4\u4ee5\u6765\u7684\u89c2\u770b\u3002<\/p>\n
                  \n
                  \u901a\u8fc7\u5728config.whitelist\u4e2d\u6307\u5b9aallow-group\uff0c\u6211\u4eec\u5b9e\u73b0\u4e86\u8bbf\u95ee\u63a7\u5236\u3002\u4f46\u662f\uff0c\u901a\u8fc7\u5728config.blacklist\u4e2d\u6307\u5b9adeny-group\u4e5f\u53ef\u4ee5\u5b9e\u73b0\u7c7b\u4f3c\u7684\u8bbf\u95ee\u63a7\u5236\u3002<\/p>\n
                  \u5982\u679c\u60a8\u5bf9Keycloak\u611f\u5174\u8da3\uff0c\u8bf7\u52a1\u5fc5\u67e5\u770bKeycloak by OpenStandia Advent Calendar 2017\uff01\u5b83\u5305\u542b\u4e86\u5404\u79cd\u5185\u5bb9\uff0c\u4eceKeycloak\u7684\u5b89\u88c5\u5230\u5e94\u7528\u7a0b\u5e8f\u7684\u4f7f\u7528\u3002<\/p>\n<\/div>\n","protected":false},"excerpt":{"rendered":"
                  \u9996\u5148 \u6211\u5011\u5c07\u4f7f\u7528\u958b\u6e90API\u7db2\u95dcKong\u4f86\u4ecb\u7d39\u8de8\u591a\u7bc7\u6587\u7ae0\u8a0e\u8ad6API\u5b58\u53d6\u63a7\u5236\u7684\u65b9\u6cd5\u3002 \u5728Kong\u4e2d\uff0c\u53ef\u4ee5\u901a\u8fc7\u63d2\u4ef6\u5f62 […]<\/p>\n","protected":false},"author":9,"featured_media":0,"comment_status":"closed","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[1],"tags":[],"class_list":["post-50606","post","type-post","status-publish","format-standard","hentry","category-uncategorized"],"yoast_head":"\n\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee - API\u5bc6\u94a5\u548cACL\u7248 - Blog - Silicon Cloud<\/title>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528kong\u6765\u63a7\u5236\u5bf9api\u7684\u8bbf\u95ee-api\u5bc6\u94a5\u548cacl\u7248\/\" \/>\n<meta property=\"og:locale\" content=\"zh_CN\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee - API\u5bc6\u94a5\u548cACL\u7248\" \/>\n<meta property=\"og:description\" content=\"\u9996\u5148 \u6211\u5011\u5c07\u4f7f\u7528\u958b\u6e90API\u7db2\u95dcKong\u4f86\u4ecb\u7d39\u8de8\u591a\u7bc7\u6587\u7ae0\u8a0e\u8ad6API\u5b58\u53d6\u63a7\u5236\u7684\u65b9\u6cd5\u3002 \u5728Kong\u4e2d\uff0c\u53ef\u4ee5\u901a\u8fc7\u63d2\u4ef6\u5f62 […]\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528kong\u6765\u63a7\u5236\u5bf9api\u7684\u8bbf\u95ee-api\u5bc6\u94a5\u548cacl\u7248\/\" \/>\n<meta property=\"og:site_name\" content=\"Blog - Silicon Cloud\" \/>\n<meta property=\"article:published_time\" content=\"2023-12-31T03:43:55+00:00\" \/>\n<meta property=\"article:modified_time\" content=\"2024-04-29T08:49:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d926a913a08637a6e2882\/4-0.png\" \/>\n<meta name=\"author\" content=\"\u6e05, \u626c\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:label1\" content=\"\u4f5c\u8005\" \/>\n\t<meta name=\"twitter:data1\" content=\"\u6e05, \u626c\" \/>\n\t<meta name=\"twitter:label2\" content=\"\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4\" \/>\n\t<meta name=\"twitter:data2\" content=\"7 \u5206\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/\",\"name\":\"\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee - API\u5bc6\u94a5\u548cACL\u7248 - Blog - Silicon Cloud\",\"isPartOf\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\"},\"datePublished\":\"2023-12-31T03:43:55+00:00\",\"dateModified\":\"2024-04-29T08:49:37+00:00\",\"author\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/cb5556d2501da73d864cac945e8d9461\"},\"breadcrumb\":{\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/#breadcrumb\"},\"inLanguage\":\"zh-Hans\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"\u9996\u9875\",\"item\":\"https:\/\/www.silicloud.com\/zh\/blog\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee – API\u5bc6\u94a5\u548cACL\u7248\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#website\",\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/\",\"name\":\"Blog - Silicon Cloud\",\"description\":\"\",\"inLanguage\":\"zh-Hans\"},{\"@type\":\"Person\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/cb5556d2501da73d864cac945e8d9461\",\"name\":\"\u6e05, \u626c\",\"image\":{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/\",\"url\":\"https:\/\/secure.gravatar.com\/avatar\/32a4239de8ff29adace466261d309424a1e5fe9f7e3036bf89fe03f2e3dbe717?s=96&d=mm&r=g\",\"contentUrl\":\"https:\/\/secure.gravatar.com\/avatar\/32a4239de8ff29adace466261d309424a1e5fe9f7e3036bf89fe03f2e3dbe717?s=96&d=mm&r=g\",\"caption\":\"\u6e05, \u626c\"},\"url\":\"https:\/\/www.silicloud.com\/zh\/blog\/author\/qingyang\/\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"zh-Hans\",\"@id\":\"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/#local-main-organization-logo\",\"url\":\"\",\"contentUrl\":\"\",\"caption\":\"Blog - Silicon Cloud\"}]}<\/script>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee - API\u5bc6\u94a5\u548cACL\u7248 - Blog - Silicon Cloud","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528kong\u6765\u63a7\u5236\u5bf9api\u7684\u8bbf\u95ee-api\u5bc6\u94a5\u548cacl\u7248\/","og_locale":"zh_CN","og_type":"article","og_title":"\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee - API\u5bc6\u94a5\u548cACL\u7248","og_description":"\u9996\u5148 \u6211\u5011\u5c07\u4f7f\u7528\u958b\u6e90API\u7db2\u95dcKong\u4f86\u4ecb\u7d39\u8de8\u591a\u7bc7\u6587\u7ae0\u8a0e\u8ad6API\u5b58\u53d6\u63a7\u5236\u7684\u65b9\u6cd5\u3002 \u5728Kong\u4e2d\uff0c\u53ef\u4ee5\u901a\u8fc7\u63d2\u4ef6\u5f62 […]","og_url":"https:\/\/www.silicloud.com\/zh\/blog\/\u4f7f\u7528kong\u6765\u63a7\u5236\u5bf9api\u7684\u8bbf\u95ee-api\u5bc6\u94a5\u548cacl\u7248\/","og_site_name":"Blog - Silicon Cloud","article_published_time":"2023-12-31T03:43:55+00:00","article_modified_time":"2024-04-29T08:49:37+00:00","og_image":[{"url":"https:\/\/cdn.silicloud.com\/blog-img\/blog\/img\/657d926a913a08637a6e2882\/4-0.png"}],"author":"\u6e05, \u626c","twitter_card":"summary_large_image","twitter_misc":{"\u4f5c\u8005":"\u6e05, \u626c","\u9884\u8ba1\u9605\u8bfb\u65f6\u95f4":"7 \u5206"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/","url":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/","name":"\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee - API\u5bc6\u94a5\u548cACL\u7248 - Blog - Silicon Cloud","isPartOf":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website"},"datePublished":"2023-12-31T03:43:55+00:00","dateModified":"2024-04-29T08:49:37+00:00","author":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/cb5556d2501da73d864cac945e8d9461"},"breadcrumb":{"@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/#breadcrumb"},"inLanguage":"zh-Hans","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"\u9996\u9875","item":"https:\/\/www.silicloud.com\/zh\/blog\/"},{"@type":"ListItem","position":2,"name":"\u4f7f\u7528Kong\u6765\u63a7\u5236\u5bf9API\u7684\u8bbf\u95ee – API\u5bc6\u94a5\u548cACL\u7248"}]},{"@type":"WebSite","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#website","url":"https:\/\/www.silicloud.com\/zh\/blog\/","name":"Blog - Silicon Cloud","description":"","inLanguage":"zh-Hans"},{"@type":"Person","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/cb5556d2501da73d864cac945e8d9461","name":"\u6e05, \u626c","image":{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/#\/schema\/person\/image\/","url":"https:\/\/secure.gravatar.com\/avatar\/32a4239de8ff29adace466261d309424a1e5fe9f7e3036bf89fe03f2e3dbe717?s=96&d=mm&r=g","contentUrl":"https:\/\/secure.gravatar.com\/avatar\/32a4239de8ff29adace466261d309424a1e5fe9f7e3036bf89fe03f2e3dbe717?s=96&d=mm&r=g","caption":"\u6e05, \u626c"},"url":"https:\/\/www.silicloud.com\/zh\/blog\/author\/qingyang\/"},{"@type":"ImageObject","inLanguage":"zh-Hans","@id":"https:\/\/www.silicloud.com\/zh\/blog\/%e4%bd%bf%e7%94%a8kong%e6%9d%a5%e6%8e%a7%e5%88%b6%e5%af%b9api%e7%9a%84%e8%ae%bf%e9%97%ae-api%e5%af%86%e9%92%a5%e5%92%8cacl%e7%89%88\/#local-main-organization-logo","url":"","contentUrl":"","caption":"Blog - Silicon Cloud"}]}},"_links":{"self":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/50606","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/users\/9"}],"replies":[{"embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/comments?post=50606"}],"version-history":[{"count":2,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/50606\/revisions"}],"predecessor-version":[{"id":86462,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/posts\/50606\/revisions\/86462"}],"wp:attachment":[{"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/media?parent=50606"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/categories?post=50606"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.silicloud.com\/zh\/blog\/wp-json\/wp\/v2\/tags?post=50606"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}