profile
viewpoint
Matias Insaurralde matiasinsaurralde @TykTechnologies Paraguay https://matias.insaurral.de/ software developer (most of the time), infosec enthusiast, human being, self-taught. 24 years.

apla/atom-jscad 29

Previewing (J)SCAD 3D models inside Atom.

cmelgarejo/osk_login 3

Automate login and parsing of homebanking accounts, get the needed information like balance, debts, etc and logout.

asoorm/serverless 2

Drivers for serverless providers.

carloscarvallo/React-Gateway 2

HTTP request logger in React

matiasinsaurralde/apbp 2

Another PHP Blog's Planetarium.

matiasinsaurralde/atom-scad-preview 2

Previewing (J)SCAD 3D models inside Atom.

carloscarvallo/mini-go-wit 1

Example of Wit.ai API integrated with Messenger API

matiasinsaurralde/ach 1

ACH(Automated Clearing House) GoLang library implementing NACHA file creation and validation via reader and writer

startedalphagov/notifications-api

started time in a day

startedthrottled/throttled

started time in a day

startedbeefsack/go-rate

started time in a day

pull request commentTykTechnologies/tyk

Fix for CP Auth with policy

CI is green 👍

matiasinsaurralde

comment created time in 3 days

push eventmatiasinsaurralde/tyk

Matias Insaurralde

commit sha 59aa1c24a4974f82ee7fc3d1961be14e70994d47

coprocess: fix Python test and update CP auth logic

view details

push time in 3 days

PR opened TykTechnologies/tyk

CP Auth Fix

Incorporate changes from #2966 and fix tests. For #2884.

+36 -17

0 comment

2 changed files

pr created time in 3 days

create barnchmatiasinsaurralde/tyk

branch : cp-auth-fix

created branch time in 3 days

push eventmatiasinsaurralde/tyk

Tomas Buchaillot

commit sha 2f325360f0af42326c5783ea543ff2a984f7f1b7

Tests fix (#2978) Fix some test in order to stabilize master tests.

view details

Sredny M

commit sha 016bb2dbde175ce3bd6d6e69006efce50c16a428

remove token from client token list (#2987) When we revoke a token we need to remove it as well from the oauth client tokens list, in order that later we will not get any error trying to remove invalid tokens. This PR goes hand to hand with https://github.com/TykTechnologies/tyk-analytics/pull/1825

view details

push time in 3 days

issue commentTykTechnologies/tyk

custom go plugin middleware does not fire events

@larxxor Looks good, you could send a PR.

larxxor

comment created time in 4 days

Pull request review commentTykTechnologies/tyk

Tests fix

 func (c *CertificateManager) ListRawPublicKey(keyID string) (out interface{}) { func (c *CertificateManager) ListAllIds(prefix string) (out []string) { 	indexKey := prefix + "-index" 	exists, _ := c.storage.Exists(indexKey)-	if !exists {-		keys := c.storage.GetKeys("raw-" + prefix + "*")+	if exists && prefix != "" {+		keys, _ := c.storage.GetListRange(indexKey, 0, -1) 		for _, key := range keys {-			c.storage.AppendToSet(indexKey, key) 			out = append(out, strings.TrimPrefix(key, "raw-")) 		}- 	} else {

Would it make sense to remove this block and make "if exists" return earlier:

if exists && prefix != "" {
  // ...
  return out
}
keys := c.storage.GetKeys("raw-" + prefix + "*")
// ...
return out
tbuchaillot

comment created time in 5 days

push eventmatiasinsaurralde/tyk

Furkan Senharputlu

commit sha fb801eadd230db23819e0b01ebe40a665c58b465

Prevent quota partitioned policy to override access rights (#2957) Fixes https://github.com/TykTechnologies/tyk-analytics/issues/1775

view details

Chris Taylor

commit sha e1f233a16f01ad569bf9a3b2f416b9d830c73edd

Create stale.yml (#2958) Enable Tyk stale bot

view details

Sredny M

commit sha 361e4bb4ffa3e2403b68b7403693fa68b40d8eba

handle properly the value scope_allowance on keys (#2956) This PR was created in order to give a fix to https://github.com/TykTechnologies/tyk-analytics/issues/1698 and set the proper allowance_scope when is applied a policy with limits set for one api (but 2 apis are in accessRights array) and set policy_Id as `AllowanceScope = policyID` as well as `Limit.SetBy = resourceForScope`. Was added a test as well.

view details

Furkan Senharputlu

commit sha 92abdab508692c1ed203ce195ccf6b5823ab207a

Add global response headers adding and removing (#2935) This PR adds new way of adding and removing response global headers in versions level. ``` "versions": { "Default": { "global_response_headers": {}, "global_response_headers_remove": [], } } ``` `response_processor` will continue to be the other way. This feature doesn't break it. Gateway change for: https://github.com/TykTechnologies/tyk/issues/2453

view details

Matias Insaurralde

commit sha 80675577f01cdc8c16121d58025fc92614e123f0

Additional fix for custom auth (#2955) For #2884

view details

Leonid Bugaev

commit sha 3ecb2ac514848eb44ee9bf608a0d0eadb848d1fb

Update stale.yml

view details

Sredny M

commit sha 7a9c598091e2ef18ce4a4e755962ca2b67b9db58

inherit throttle values from policy (#2948) In order to give a fix to https://github.com/TykTechnologies/tyk-analytics/issues/1774 was added logic to inherit the throttle values from policy

view details

Sredny M

commit sha 3cc4856941a0142c45a66d654e1c020a7af72c18

fix logic when a key.update event is received from grpc in slave (#2964) when a key update event is received we were not removing or updating the key correctly (it was ignored), this PR fix that behaviour and now on slave gateways we see the data replicated correctly

view details

Sredny M

commit sha 2359bc28f7533dd4ab4f04051c65c55545296e12

make consistent how policies are applied so order doesnt matter (#2976) As the order of policies should not matter when they are applied on a key, then we now take the greatest value of the limit (rate, quota, throttling). This fix https://github.com/TykTechnologies/tyk-analytics/issues/1814

view details

Sredny M

commit sha 4eb76b067025b68e9404cac78dbed440bac92492

filter by orgId on search apis for oauthClients (#2977) When looking for the apis that uses certain oauthClient then first we filter by OrgId to make the search faster. Related to: https://github.com/TykTechnologies/tyk-analytics/issues/1817

view details

Sredny M

commit sha e64b80661db553a1b574c2c4872373197459d9b7

on Apply policies, check the highest value for each field, without considering relation with another field (#2981) always select the biggest value, it doesn't matter if it have any relation with another value, Eg: rate with per, throttle_interval with throttle_retry_limit, quota_max with quota_renewal_rate, and so on. now they are chosen independently related to: https://github.com/TykTechnologies/tyk-analytics/issues/1814

view details

push time in 5 days

startedcontainrrr/watchtower

started time in 7 days

starteddpapathanasiou/go-recaptcha

started time in 8 days

push eventcovid19py/app

Matias Insaurralde

commit sha 680590593476c688d12b78e42e0ecca15abe9de7

Desactivar autocomplete para campos personalizados

view details

push time in 11 days

push eventcovid19py/app

Matias Insaurralde

commit sha 68440bc5e9fb3ef595088bbd7735a9baeac7966c

Agregar campos personalizados al reporte

view details

push time in 11 days

delete branch covid19py/app

delete branch : react

delete time in 11 days

push eventcovid19py/app

elvus

commit sha 90a4d8ed9b238c226aaf568ff92f7b82968df34f

reset place

view details

elvus

commit sha 2ee9472a2b6ddc9342768db6b1bdfd2a17643e81

Merge branch 'master' of https://github.com/covid19py/app

view details

Carlos Carvallo

commit sha 529ad24ae0462718309c017389c6969a2eac0062

update gitignore with general node_modules

view details

Matias Insaurralde

commit sha 4aa9a04bb5d353ffd157a0f7366bf081d7e3f5a4

Ajustes en campos personalizados.

view details

push time in 11 days

push eventcovid19py/app

Matias Insaurralde

commit sha 4aa9a04bb5d353ffd157a0f7366bf081d7e3f5a4

Ajustes en campos personalizados.

view details

push time in 11 days

create barnchcovid19py/app

branch : react

created branch time in 11 days

push eventcovid19py/app

Matias Insaurralde

commit sha 18e86df3ab04b2e046f481f88f8faceeef4fcd5c

Extender campos personalizados.

view details

push time in 11 days

push eventcovid19py/app

Matias Insaurralde

commit sha 18e86df3ab04b2e046f481f88f8faceeef4fcd5c

Extender campos personalizados.

view details

push time in 11 days

push eventcovid19py/app

Mauro

commit sha e1e7121321fa8b44975614fcbc668a4c390c7468

dynamically show/hide form field for tipo_denuncia option

view details

Mauro

commit sha 0a66e2b6f54f48afb4e9e93a8e820d9c84ccdc3e

dynamically show/hide form field for tipo_denuncia option:medidas_sanitarias

view details

Mauro

commit sha 325d665c74e6681eac19993e05202670655f723e

dynamically show/hide form field for tipo_denuncia option:medidas_sanitarias

view details

Matias Insaurralde

commit sha 79e083fcf3f9c43befc7278cd1b9b32826cecb67

Agregar soporte para campos personalizados dinámicos

view details

push time in 11 days

push eventcovid19py/app

Matias Insaurralde

commit sha 79e083fcf3f9c43befc7278cd1b9b32826cecb67

Agregar soporte para campos personalizados dinámicos

view details

push time in 11 days

push eventcovid19py/app

Matias Insaurralde

commit sha 3f082780fe6794ea83f49beed9bae6bdc33662ec

Agregar soporte para campos personalizados

view details

push time in 11 days

create barnchcovid19py/app

branch : staging

created branch time in 11 days

issue commentTykTechnologies/tyk

plugin: coprocess auth doesn't apply policy check

@ilija I've added an additional fix here: #2955 Main point is that middleware.go checks for access_rights so only copying quota related fields in the first level of the session object isn't enough. This is found here in middleware.go. 👍

asoorm

comment created time in 12 days

PR opened TykTechnologies/tyk

Additional fix for custom auth

For #2884

+2 -0

0 comment

1 changed file

pr created time in 12 days

create barnchmatiasinsaurralde/tyk

branch : 2884-addition

created branch time in 12 days

push eventmatiasinsaurralde/tyk

Geofrey Ernest

commit sha 3f38102c9e4ab2b774d10ecb7ee62ccc73b7942e

fix drl logic (#2938) fixes #2928

view details

Sredny M

commit sha 64f8bf0a65cd957e24f7bd0f0a2acd46be0d0830

create wrapper for deleteHashedKey to show or not logs on failure (#2943) In order to give solution to https://github.com/TykTechnologies/tyk/issues/2941 was created a wrapper for the handler to delete hashed keys as not always that a key is not removed is an error, the reason in https://github.com/TykTechnologies/tyk/issues/2941 to get those errors are because a key that wasn't propagated is attempted to be removed, and this is not exactly an error so, display errors logs is not ok

view details

Sredny M

commit sha 596b9e5994a1890f6d149b5c37ae8af3e9ded117

on search api oauthClients is not an error to not have oauth manager set (#2942) Related to: https://github.com/TykTechnologies/tyk/issues/2936 Now, in the logic to get all the apis for a given OauthClient and we loop over the apiSpecs map, is not an error that an API doesn't have an oauthManager set, as not all the apis will use Oauth

view details

Sredny M

commit sha fbb6d87c46d18184ec573c1090b8b9037906320d

on delete client, check that the apiSpec have defined an oauth manager (#2944) as reported in https://github.com/TykTechnologies/tyk/issues/2940 on delete oauth client first we must check that the ApiSpec have a valid oauthManager loaded, in order to do so was added a validation to check that `apiSpec.OAuthManager` is not null

view details

Leonid Bugaev

commit sha 34ae05971b9b7935ae4c142564ad40655953e27e

Attach OrgID to the session object generated by plugin (#2945) Fix https://github.com/TykTechnologies/tyk/issues/2884

view details

Sredny M

commit sha af824e0943ed841e51eed130eb8ff94157380a54

Override max quota on partitioned quota policy set (#2937) When a partitioned quota policy is set, then override the global max quota with the policy value Added portion of code in tests to validate this condition Related to: https://github.com/TykTechnologies/tyk-analytics/issues/1772

view details

Sredny M

commit sha fc46567f29befc664435d3be0b9c9545c15c24d3

inherit rate values on rate partition policy (#2949) when a policy for rates partition is applied, set the correct values in key values, this aso fix the inheritance of values when more than one partition policy is applied Related to: https://github.com/TykTechnologies/tyk-analytics/issues/1748

view details

push time in 12 days

issue closedcovid19py/app

Ajustes de formulario: deshabilitar autocomplete

El autocomplete podría ser molesto en algunos casos, sería bueno desactivarlo.

closed time in 14 days

matiasinsaurralde

push eventcovid19py/app

Matias Insaurralde

commit sha 365b25ca66f42f2fe3cfe9e7ed28c60d617a5cf4

Eliminar restricción de tipo al usar Places

view details

Matias Insaurralde

commit sha e35ed90b4146ce92f1225f4d361d075587c48eef

Desactivar autocomplete en el formulario principal (#4)

view details

push time in 14 days

push eventcovid19py/app

Matias Insaurralde

commit sha 489bb088e18b80683a4a596fb6159f6e8d9e2d40

Agregar zoom al clickear markers

view details

Matias Insaurralde

commit sha 8de7c46fd90e346346999d414f5effac425c07f1

Modificar sidebar para integrar filtro

view details

push time in 14 days

push eventcovid19py/app

Matias Insaurralde

commit sha c1a626da7cb093f7799bbf18e3fb96a2da3547f4

Ajustes en JS

view details

Matias Insaurralde

commit sha 9e76ea7d37dbf1df13972df6e3d13c225e60b96f

Extender acciones

view details

Matias Insaurralde

commit sha 6ccae38aa3b094442e5f1fa385d61d45e6f20948

Ajuste de reporte

view details

push time in 14 days

push eventcovid19py/app

Matias Insaurralde

commit sha 3e1f97700991369ee268a072ff61e47468589874

schemas: ajustar coordenadas

view details

Matias Insaurralde

commit sha 3e97b8fb249b3808eabdbfe9501adffaaf4fbd9f

Agregar reporte inicial

view details

push time in 15 days

issue openedcovid19py/app

Ajustes de formulario: deshabilitar autocomplete

El autocomplete podría ser molesto en algunos casos, sería bueno desactivarlo.

created time in 15 days

startedcreativetimofficial/light-bootstrap-dashboard

started time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha 5000f8bac6509e20afb731b006790476843d02cd

Ignorar env.sh

view details

push time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha d1206dbde920d030719989e47ff13e68006270b5

Arreglar assets, tomar datos de Mongo a partir de variable de entorno

view details

push time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha b07c532428aba95b341dedcbefc5006258aa49ba

Ajustar idioma de Maps

view details

push time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha 2b4f9a945e1a71392886689225e2ff9ba8fb950f

Ajustar placeholders

view details

push time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha 7e90f18dbbf9d98c1512c710e34a970434564617

Agregar clave de Maps al Dockerfile

view details

push time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha e50d3c4d48bd929dd73587882b00296325b78392

Optimizar flujo de docker build

view details

push time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha d55a4fb82e569ba7fe6c0b34748c448e3734ec5a

Ajustar permisos de Docker scripts

view details

push time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha 9381fa2aa8c18c8719d14a268991d60d06f29735

Ajustes para deployment

view details

Matias Insaurralde

commit sha 02278bd4b3b7d4768755883f7bd1a541137b5a7a

Actualizar gitignore

view details

push time in 15 days

push eventcovid19py/app

Matias Insaurralde

commit sha 4e9d558efa2a3f395bd0f31c6380d37a49db6463

Actualizar dependencias

view details

push time in 15 days

MemberEvent

push eventcovid19py/ui

Matias Insaurralde

commit sha 58c08f061859caf952fcdca555e500bdf6e1efc0

Especificar template_folder

view details

push time in 16 days

push eventcovid19py/ui

Matias Insaurralde

commit sha ef537436f52fa6412eb1ad38de99f1bf5ade3ec1

Agregar backend inicial

view details

push time in 16 days

create barnchcovid19py/ui

branch : server-code

created branch time in 16 days

startedcreativetimofficial/argon-dashboard-react

started time in 16 days

push eventcovid19py/app

Matias Insaurralde

commit sha ae591f2fd3d3eb6d015730a15451be8755e22102

Agregar interacción con MongoDB

view details

push time in 16 days

push eventcovid19py/app

Matias Insaurralde

commit sha 97a1597b1305207e413f9bbfedecf6ad8aec676e

Agregar esquema

view details

push time in 16 days

MemberEvent

push eventcovid19py/app

Matias Insaurralde

commit sha 778741e6688d7c256363a308d8a96dd1dbf74e73

Commit inicial

view details

push time in 16 days

push eventcovid19py/app

Matias Insaurralde

commit sha c7c48fcf9b83679c0f09c6ce9bbd1e27d783aada

Commit inicial

view details

push time in 16 days

startedcovid19py/ui

started time in 16 days

startedcovid19py/app

started time in 16 days

startedgoogle-map-react/google-map-react

started time in 16 days

MemberEvent

create barnchcovid19py/app

branch : master

created branch time in 16 days

created repositorycovid19py/app

created time in 16 days

MemberEvent

create barnchcovid19py/ui

branch : master

created branch time in 16 days

created repositorycovid19py/ui

created time in 16 days

startedjmayalag/covid19-scrape

started time in 16 days

issue openedTykTechnologies/tyk

Extend JSVM logging options

Is your feature request related to a problem? Please describe. When using JS plugins we provide two logging functions: log and rawlog. Currently log uses the info log level by default. It could be useful to extend this function to allow JS plugins to use different log levels. As another related enhancement we could consider adding a function to enable/disable all JSVM logging.

created time in 16 days

PR opened TykTechnologies/tyk

coprocess: update token management logic when using custom authentica…

Alternative fix for #2924

We should probably extend the first block to cover other type of token updates, or we could implement them if a requirement is raised in the future.

I've tried different scenarios like the ones described in #2884.

+7 -3

0 comment

1 changed file

pr created time in 18 days

create barnchmatiasinsaurralde/tyk

branch : apply-policies-fix

created branch time in 18 days

push eventmatiasinsaurralde/tyk

Komal Sukhani

commit sha b4166ddb57bc96adb6b7a2f54459dbc7ed22956c

fix plugins (#2923) Fixes #2922 In 2.8.x URL Rewrite/Method transform middleware directly modified http.Request object. This behavior was changed in 2.9.x(https://github.com/TykTechnologies/tyk/pull/2301/files) http.Request is now transformed at the end of middleware chain. Because of this Post hook did not received modified values. Fixed the code by passing URLRewrite/Method Transform info to Post hook of the plugin.

view details

Leonid Bugaev

commit sha 2969b17d82c3e776e55072ed451c8a42c93aed47

Fix coprocess auth plugin quota usage (#2924) Quota mechanism depends on QuotaRenewalDate field, which in case of auth plugin always gets overridden. In order to fix, we need to get an existing session, check its renewal date, and assign it to a new session object. Fix https://github.com/TykTechnologies/tyk/issues/2884

view details

Leonid Bugaev

commit sha ef5159ebd7b882715b2860160baef41eaae11cc7

Fix OpenID EDCA issue (#2925) Fix https://github.com/TykTechnologies/tyk/issues/2790

view details

Geofrey Ernest

commit sha 3c1600047c50d6e3e4fadfe4f7db976347bdf499

Fix parsing jwk public key (#2912) This checks if the key is PEM and decodes it as PEM. It uses the raw key if it isn't in PEM format. fixes #2790 closes #2873

view details

Furkan Senharputlu

commit sha 42f6eaf4453a173a52f3de55f37e0af8ce1b2cfc

Make testdata and templates a dependency (#2891) In dashboard, when `go mod vendor` is run, it removes `testdata` and `templates` although they are a dependency in runtime and cause failure in tests. This PR makes them a dependency in compile time and will provide that they will be vendored in the dashboard.

view details

Furkan Senharputlu

commit sha 54a18fc3dcb32633a7b86b14ca17f576f8882684

Override oauth errors with global config (#2927) This PR defines a new config variable: `override_messages` to override error messages and codes. Example usage: ``` "override_messages": { "oauth.auth_field_missing" : { "code": 401, "message": "Token is not authorised" } } ``` The following are the configurable errors for now: ``` "auth.auth_field_missing" "auth.key_not_found" "oauth.auth_field_missing" "oauth.auth_field_malformed" "oauth.key_not_found" "oauth.client_deleted" ``` Also, it is possible to override only error code or only error message. Like this: ``` "override_messages": { "oauth.auth_field_missing" : { "code": 401, } } ``` Fixes https://github.com/TykTechnologies/tyk/issues/2900

view details

push time in 18 days

pull request commentTykTechnologies/tyk

New reload mechanism (delta hot reload)

I've refactored the implementation a bit more and merged the standard reload mechanism as well as the new one under a syncAll method so that it becomes easier to test. Currently checking the CI with latest changes.

matiasinsaurralde

comment created time in 20 days

push eventmatiasinsaurralde/tyk

Matias Insaurralde

commit sha 529ba90baac75187a71cdde5f016e7a6519ce1e1

gateway: implement delta reload

view details

push time in 20 days

startedabdontroche/InfraRed_Gel_Universal_Dispenser

started time in 20 days

startedpenguin-academy/covid-19-py

started time in 20 days

startedgo-nlp/dmmclust

started time in 22 days

startedmosuka/blast

started time in 22 days

startedxtgo/set

started time in 22 days

Pull request review commentTykTechnologies/tyk

fix plugins

 func (c *CoProcessor) ObjectPostProcess(object *coprocess.Object, r *http.Reques 		values.Set(p, v) 	} -	r.URL, err = url.ParseRequestURI(object.Request.Url)+	parsedURL, err := url.ParseRequestURI(object.Request.Url) 	if err != nil { 		return 	}++	rewriteURL := ctxGetURLRewriteTarget(r)+	if rewriteURL != nil {+		ctxSetURLRewriteTarget(r, parsedURL)+		r.URL, _ = url.ParseRequestURI(origURL)

Could be useful to log this error. In past experiences it was really useful.

komalsukhani

comment created time in 25 days

push eventmatiasinsaurralde/tyk

Leonid Bugaev

commit sha 69ed7eee8b9d32be34d507c0ef8f3cd15f92aded

CoProcess Auth should check the policy (#2798) Replaces: https://github.com/TykTechnologies/tyk/pull/2650 Fixes: https://github.com/TykTechnologies/tyk/issues/2884

view details

Furkan Senharputlu

commit sha 22e6f2f117fe9dfd8f9eb44a2604d48fc7075331

Add global option to ignore endpoint case (#2908) This PR adds new config parameter `ignore_endpoint_case`. If it is `true`, all endpoint matches will work by ignoring case no matter what is set for the `ignore_endpoint_case` value in API level and the endpoint `ignore_case` value. On UI, maybe we should disable it when the global one is true. Also, it adds new API level parameter `ignore_enpoint_case`. If it is `true`, all endpoint matches for the API will work by ignoring case no matter what is set for the endpoint `ignore_case` value. Fixes #2897

view details

Furkan Senharputlu

commit sha 4c90f75e5a23fdfc5c241a124ec4dd2dcd474898

Fix auth header stripping when custom header is used (#2911) Fixes https://github.com/TykTechnologies/tyk-analytics/issues/1683

view details

Matias Insaurralde

commit sha 927056fbd94639b150f103afe0cf107ed9af4bb2

coprocess: makes sure that the new request body can be reused (#2913). (#2914) Fix for #2913. Makes use of the `nopCloseRequestBody` helper.

view details

Sredny M

commit sha b254e37dc119a1fb59b23da8847c986e49b573ff

Feature revoke oauth tokens (#2896) Added endpoints to allow users to revoke access and refresh tokens, the endpoints are exposed in 2 levels: dashboard access (its already connected using another endpoint) and exposed directly via api as `OAuthHandler` (this one is compliant of https://tools.ietf.org/html/rfc7009) To be specific, the endpoints added are for: - revoke single token, describing the token and token_type_hint - revoke all the tokens related to one oauth client, for this the user must provide: apiId, clientSecret and clientID **Revoke single token** Method: POST Path: /{api-id}/oauth/revoke Content type: application/x-www-form-urlencoded Body: - token: string | required - token_type_hint: string | optional | accepted values = {access_token, refresh_token} **Revoke all tokens** Method: POST Path: /{api-id}/oauth/revoke_all Content type: application/x-www-form-urlencoded Body: - client_id : ID of Oauth client - client_secret: Secret of Oauth client, used to check the veracity of the request Related to: https://github.com/TykTechnologies/product/issues/264

view details

Tomas Buchaillot

commit sha 34cf3a91932c541231a5dc44c9bab322bbc30cc9

Certificate and oAuth client listing optimization (#2907) Related [#1740 tyk-analytics](https://github.com/TykTechnologies/tyk-analytics/issues/1740) The idea behind this change is to create an index list with the keys values of certs / OAuth clients to avoid SCAN or KEYS operations.

view details

push time in 25 days

PR opened TykTechnologies/tyk

Fix rich plugins and JSON validation usage

Fix for #2913.

Makes use of the nopCloseRequestBody helper.

+1 -0

0 comment

1 changed file

pr created time in a month

create barnchmatiasinsaurralde/tyk

branch : rich-plugins-json-validation-fix

created branch time in a month

issue openedTykTechnologies/tyk

Rich plugins and JSON validation

Branch/Environment/Version

  • Branch/Version: All
  • Environment: All

Describe the bug When using rich plugins and JSON validation, the gateway fails with the following proxy error. It only occurs on successful access:

http: proxy error: http: ContentLength=14 with Body length 0 api_id=3 api_name=Tyk Test API mw=ReverseProxy org_id=default server_name=httpbin.org user_id=****5b89 user_ip=127.0.0.1 user_name=

For context, Tyk dispatches the request, the plugin executes its logic and a modified PB object is sent back to the gateway. After this the middleware chain continues and the JSON validation middleware is called, the error doesn't occur at this point yet.

The error occurs in the reverse proxy code. If the JSON validation is disabled, everything works as expected.

From my tests, gRPC and Python plugins are affected.

Reproduction steps

  1. Setup an API with the following definition:
{
    "name": "Tyk Test API",
    "api_id": "3",
    "org_id": "default",
    "definition": {
        "location": "",
        "key": ""
    },
    "use_keyless": false,
    "auth": {
        "auth_header_name": "Authorization"
    },
    "version_data": {
        "not_versioned": true,
        "versions": {
            "Default": {
                "name": "Default",
                "expires": "3000-01-02 15:04",
                "use_extended_paths": true,
                "extended_paths": {
                    "track_endpoints": [
                        {
                            "path": "/status",
                            "method": "POST"
                        },
                        {
                            "path": "/status",
                            "method": "PUT"
                        },
                        {
                            "path": "/status",
                            "method": "GET"
                        }
                    ],
                    "validate_json": [
                        {
                            "path": "/status",
                            "method": "POST",
                            "schema": {
                                "properties": {
                                    "t": {
                                        "type": "string"
                                    }
                                },
                                "type": "object"
                            },
                            "error_response_code": 422
                        }
                    ]
                }
            }
        }
    },
    "proxy": {
        "listen_path": "/quickstart/",
        "target_url": "http://httpbin.org/anything/",
        "strip_listen_path": true
    },
    "custom_middleware_bundle": "bundle.zip",
    "enable_coprocess_auth": true,
    "do_not_track": true
}
  1. Setup a Python plugin (happens with gRPC plugins too) with the following manifest file:
{
  "file_list": [
    "middleware.py"
  ],
  "custom_middleware": {
    "driver": "python",
    "auth_check": {
      "name": "MyAuthMiddleware"
    }
  }
}
  1. Set the following code in middleware.py:
from tyk.decorators import *
from gateway import TykGateway as tyk

@Hook
def MyAuthMiddleware(request, session, metadata, spec):
  auth_header = request.get_header('Authorization')
  if auth_header == '47a0c79c427728b3df4af62b9228c8ae':
    tyk.log("I'm logged!", "info")
    tyk.log("Request body" + request.object.body, "info")
    tyk.log("API config_data" + spec['config_data'], "info")
    session.rate = 1000.0
    session.per = 1.0
    metadata["token"] = "47a0c79c427728b3df4af62b9228c8ae"
  return request, session, metadata
  1. Send a request to the API using a valid token:
$ curl http://localhost:8080/quickstart/status -H 'Authorization: 47a0c79c427728b3df4af62b9228c8ae' -X POST --data '{"t":"hello"}' -v
  1. This is the expected output:
*   Trying 127.0.0.1...
* TCP_NODELAY set
* Connected to localhost (127.0.0.1) port 8080 (#0)
> POST /quickstart/status HTTP/1.1
> Host: localhost:8080
> User-Agent: curl/7.56.1
> Accept: */*
> Authorization: 47a0c79c427728b3df4af62b9228c8ae
> Content-Length: 13
> Content-Type: application/x-www-form-urlencoded
> 
* upload completely sent off: 13 out of 13 bytes
< HTTP/1.1 500 Internal Server Error
< Content-Type: application/json
< X-Generator: tyk.io
< Date: Tue, 10 Mar 2020 07:14:30 GMT
< Content-Length: 59
< 
{
    "error": "There was a problem proxying the request"
* Connection #0 to host localhost left intact
}

Expected behavior Rich plugins should work when JSON validation is enabled.

created time in a month

push eventmatiasinsaurralde/tyk

Matias Insaurralde

commit sha 28d63ea38bbdd24519c61492fa435df677a3e29e

Add deltaSync implementation (#2803)

view details

push time in a month

startedtimokoesters/nbodysim

started time in a month

issue commentmatiasinsaurralde/go-wavm

Threads?

Hi, it should be possible to achieve it, one strategy could be to ensure that an instance is initialized on every goroutine (and that other goroutines don't access it). IIRC there were some issues when trying to do this, we probably need to dig deeper into the WAVM code and expose a better API. I've been mostly focused on go-wasm3 in the past weeks. Would be happy to continue the WAVM package in the upcoming weeks.

jedisct1

comment created time in a month

PR opened TykTechnologies/tyk

WIP for new reload (delta hot reload)

For #2803

+59 -10

0 comment

3 changed files

pr created time in a month

push eventmatiasinsaurralde/tyk

Matias Insaurralde

commit sha 5c2f7b387194827377fdad23aeb110a5699582b7

Add deltaSync function

view details

push time in a month

push eventmatiasinsaurralde/tyk

Matias Insaurralde

commit sha 0f8d8813d2e6ed307a6cefceadeee4afe7480e3b

coprocess_python: makes sure that PyBytesFromString releases memory. (#2895) Fix for #2894, similar to #1886: 1. Implemented bindings for `Py_IncRef`, `Py_DecRef` and `PyTuple_ClearFreeList` (could be potentially used). 2. Corrected `free` call in `PyBytesFromString`. 3. Added refcount handlers in `coprocess_python.go`. With this patch, GC object count looks better over time (using the middleware attached in #2894): ``` myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 myhook called 29509 ``` Under some scenarios, additional tweaks might be required (either on the plugin side or Tyk Python code side) to run the GC collection more often, etc.

view details

Leonid Bugaev

commit sha 03c3b950da06e799be9182876276ce65f1971196

Allow oAuth token override metadata if using key_rules (#2901) Now token inherits and overrides client metadata Fix https://github.com/TykTechnologies/tyk/issues/2724 Added instead of https://github.com/TykTechnologies/tyk/pull/2885

view details

Alok G Singh

commit sha 4e4d37e55903f59d06190b2f6707de7229d289fa

Rotating signing key (#2883) Corresponding changes have been made in rpm-sign.sh in the BuddyFS. Please merge to all release branches to handle historical builds in the future.

view details

Komal Sukhani

commit sha ca94e89b5c00a647c61b71b9677203fde969baf1

Fix request signing middleware (#2904) Fixes [2779#issuecomment-593985740](https://github.com/TykTechnologies/tyk/issues/2779#issuecomment-593985740) 1. Handle the case of listen plan containing trailing slash 2. Add test cases 3. Fix test cases of URLRewrite case

view details

push time in a month

startedrichardanaya/libw

started time in a month

pull request commentTykTechnologies/tyk

Avoid the "dispatch_hook" reference on every request

This is part of #2903 now.

matiasinsaurralde

comment created time in a month

issue openedTykTechnologies/tyk

Optimize dispatcher references when using Python plugins

Branch/Environment/Version

  • Branch/Version: Master
  • Environment: All

Describe the bug Before 2.9, we initialized reusable references in Python_NewDispatcher, this included not just the dispatcher module but also the dispatch_hook method. This is found here.

In 2.9, after implementing the dynamic Python loader, a similar behavior was implemented but the dispatch_hook reference is retrieved on every Dispatch call, on every request:

Enhancement Because method references can be safely reused, we could move this reference to the dispatcher initialization block. This will reduce the number of Python objects in memory and it's also one less cgo call.

PR is #2898.

created time in a month

startednextstrain/ncov

started time in a month

startedpython-recsys/benchy

started time in a month

startedpythonprofilers/memory_profiler

started time in a month

startedsysread/pyprof

started time in a month

startedalekseyl1992/cpython_async_extension

started time in a month

startedwazuh/wazuh

started time in a month

fork matiasinsaurralde/stackimpact-python

StackImpact Python Profiler - Production-Grade Performance Profiler: CPU, memory allocations, blocking calls, exceptions, metrics, and more

https://stackimpact.com

fork in a month

startedstackimpact/stackimpact-python

started time in a month

issue commentTykTechnologies/tyk

Additional hook for plugin middlewares to modify Response

@letzya The above PR was only for other types of plugins.

billxinli

comment created time in a month

PR opened TykTechnologies/tyk

Avoid the "dispatch_hook" reference on every request

This gets the reference on initialization and keeps it global, just like other dispatcher references. Complementary to #2895 (#2894).

+9 -12

0 comment

1 changed file

pr created time in a month

more