Menu Close

10.3.4.3. API 网关调用 3scale 是否正确?

如果要检查 API 网关是否要进行 3scale 来满足故障排除的需要,您只能将以下代码片段添加到 nginx.conf 中的 3scale authrep 位置(API 密钥和 App\_id 身份验证模式为 /threescale_authrep ):

body_filter_by_lua_block{
  if ngx.req.get_headers()["X-3scale-debug"] == ngx.var.provider_key then
    local resp = ""
    ngx.ctx.buffered = (ngx.ctx.buffered or "") .. string.sub(ngx.arg[1], 1, 1000)
    if ngx.arg[2] then
      resp = ngx.ctx.buffered
    end

    ngx.log(0, ngx.req.raw_header())
    ngx.log(0, resp)
  end
}

当发送 X-3scale-debug 标头 时,此片段会将以下额外日志记录添加到 nginx error.log 中,例如 curl -v -H 'X-3scale-debug:YOUR_PROVIDER_KEY' -X GET "https://726e3b99.ngrok.com/api/contacts.json?access_token=7c6f24f5"

这会生成以下日志条目:

2016/05/05 14:24:33 [] 7238#0: *57 [lua] body_filter_by_lua:7: GET /api/contacts.json?access_token=7c6f24f5 HTTP/1.1
Host: 726e3b99.ngrok.io
User-Agent: curl/7.43.0
Accept: */*
X-Forwarded-Proto: https
X-Forwarded-For: 2.139.235.79

 while sending to client, client: 127.0.0.1, server: pili-virtualbox, request: "GET /api/contacts.json?access_token=7c6f24f5 HTTP/1.1", subrequest: "/threescale_authrep", upstream: "https://54.83.62.94:443/transactions/oauth_authrep.xml?provider_key=REDACTED&service_id=REDACTED&usage[hits]=1&access_token=7c6f24f5", host: "726e3b99.ngrok.io"
2016/05/05 14:24:33 [] 7238#0: *57 [lua] body_filter_by_lua:8: <?xml version="1.0" encoding="UTF-8"?><error code="access_token_invalid">access_token "7c6f24f5" is invalid: expired or never defined</error> while sending to client, client: 127.0.0.1, server: pili-virtualbox, request: "GET /api/contacts.json?access_token=7c6f24f5 HTTP/1.1", subrequest: "/threescale_authrep", upstream: "https://54.83.62.94:443/transactions/oauth_authrep.xml?provider_key=REDACTED&service_id=REDACTED&usage[hits]=1&access_token=7c6f24f5", host: "726e3b99.ngrok.io"

第一个条目(2016/05/05 14:24:33 [] 7238#0: *57 [lua] body_filter_by_lua:7:)显示发送到 3scale 的请求标头,本例中为:主机、用户辅助、验收、X-Forwarded-Proto 和 X-Forwarded-For.

第二个条目(2016/05/05 14:24:33 [] 7238#0: *57 [lua] body_filter_by_lua:8:)从 3scale 打印出响应,本例中为 <error code="access_token_invalid">access_token "7c6f24f5" is invalid: expire 或 neverdefined</error>

两者都将打印出原始请求(GET /api/contacts.json?access_token=7c6f24f5)和 subrequest 位置(/threescale_authrep)以及上游请求(上游: "https://54.83.62.94:443/transactions/threescale_authrep.xml?provider_key=REDACTED&service_id=REDACTED&usage[hits]=1&access_token=7c6f24f5"。 通过这个最后一个值,您可以查看 3scale IP 中的哪些已被解决,以及向 3scale 发出的确切请求。