Waziup / WaziCloud

WAZIUP Cloud and local platform

HTTPS support #159

Closed j-forster closed 7 years ago

j-forster commented 7 years ago

broker.waziup.io, orion.waziup.io and historicaldata.waziup.io lack https support.

HTTPS is required when accessing broker data from other webapps that use https, as a request to a non-secure location gets blocked by CORS.

Regarding #148 (Waziup new API), https should be enabled by default.

cdupont commented 7 years ago

Hi @j-forster, do you know how to do it? A pull request would be highly appreciated :)

j-forster commented 7 years ago

I'm struggling with a local waziup instance to test my changes. How can I test changes made to identity/proxy/identityproxy.conf?

# Waziup API Endpoint, HTTPS only
<VirtualHost *:443>
  ServerName api.waziup.io

  SSLEngine on
  SSLCertificateFile /etc/ssl/certs/apache.crt
  SSLCertificateKeyFile /etc/ssl/private/apache.key

  # Manage OPTIONS requests and CORS stuff
  RewriteEngine On
  Header always set Access-Control-Allow-Origin "*"
  Header always set Access-Control-Allow-Methods "POST, PUT, PATCH, GET, DELETE, OPTIONS"
  Header always set Access-Control-Allow-Headers "Origin, X-Requested-With, Content-Type, Accept, Authorization, Fiware-ServicePath, Fiware-Service"
  LogLevel debug
  RewriteCond %{REQUEST_METHOD} OPTIONS
  RewriteRule ^(.*)$ $1 [R=200,L]

  # Waziup API v1
  <Location /v1/broker>
    ProxyPass        "http://orion.waziup:1026"
    ProxyPassReverse "http://orion.waziup:1026"
  </Location>

  <Location /v1/historical>
    ProxyPass        "http://sth-comet.waziup:8666/"
    ProxyPassReverse "http://sth-comet.waziup:8666/"
  </Location>

  <Location /v1/sms/send>
    LogLevel debug
    ProxyPass        "https://messaging.mergdata.com/api/v1/sms/send"
    ProxyPassReverse "https://messaging.mergdata.com/api/v1/sms/send"
  </Location>

  <Location /v1/sms/receive>
    ProxyPass        "http://smsapp.waziup:8000/v1/sms/receive"
    ProxyPassReverse "http://smsapp.waziup:8000/v1/sms/receive"
  </Location>

  <Location /v1/sms/register>
    ProxyPass        "http://smsapp.waziup:8000/v1/sms/register"
    ProxyPassReverse "http://smsapp.waziup:8000/v1/sms/register"
  </Location>
</VirtualHost>
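
A static check for vhost edits like the one above, as an added example that is not part of the original thread or of the Waziup code base. The function name `lint_vhosts` and the embedded sample are constructed for illustration, and the proxy check assumes `SSLProxyEngine` is not already enabled at server level.

```python
import re

# Constructed sample modelled on the vhost above (trimmed). It proxies one
# https:// backend and has no SSLProxyEngine line, so that check fires.
SAMPLE_CONF = """\
<VirtualHost *:443>
  ServerName api.waziup.io
  SSLEngine on
  SSLCertificateFile /etc/ssl/certs/apache.crt
  SSLCertificateKeyFile /etc/ssl/private/apache.key
  <Location /v1/broker>
    ProxyPass        "http://orion.waziup:1026"
    ProxyPassReverse "http://orion.waziup:1026"
  </Location>
  <Location /v1/sms/send>
    ProxyPass        "https://messaging.mergdata.com/api/v1/sms/send"
  </Location>
</VirtualHost>
"""

VHOST_RE = re.compile(r"<VirtualHost\s+([^>]+)>(.*?)</VirtualHost>", re.S | re.I)
# First URL on a ProxyPass line; the blank after the name excludes ProxyPassReverse.
BACKEND_RE = re.compile(r'^[ \t]*ProxyPass[ \t][^\n]*?"?(https?://[^\s"]+)', re.M | re.I)

def lint_vhosts(conf):
    """Return (errors, plaintext_backends) for the <VirtualHost> blocks in conf."""
    errors, plaintext = [], []
    for addr, body in VHOST_RE.findall(conf):
        addr = addr.strip()
        def has(directive, value=r"\S+"):
            # True if an uncommented "<directive> <value>" line exists in this vhost.
            pat = rf"^[ \t]*{directive}[ \t]+{value}[ \t]*$"
            return re.search(pat, body, re.M | re.I) is not None
        if addr.endswith(":443"):
            if not has("SSLEngine", "on"):
                errors.append(f"{addr}: SSLEngine is not on")
            if not has("SSLCertificateFile"):
                errors.append(f"{addr}: no SSLCertificateFile")
        backends = BACKEND_RE.findall(body)
        # Assumption: SSLProxyEngine is not already enabled at server level.
        if any(b.startswith("https://") for b in backends) and not has("SSLProxyEngine", "on"):
            errors.append(f"{addr}: https:// backend without SSLProxyEngine on")
        plaintext += [b for b in backends if b.startswith("http://")]
    return errors, plaintext

if __name__ == "__main__":
    errs, plain = lint_vhosts(SAMPLE_CONF)
    print("errors:", errs)
    print("plaintext backends:", plain)
```

The plaintext list shows which hops behind the TLS terminator still travel unencrypted on the internal network.
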

cdupont commented 7 years ago

Hi Johann, sorry for the late reply. I'm working on the docker-compose file now. It should be ready today.

cdupont commented 7 years ago

I made some progress in the branch dockerize. You should be able to start the whole platform with this docker-compose: https://github.com/Waziup/Platform/blob/dockerize/docker-compose.yml

git clone git@github.com:Waziup/Platform.git
cd Platform
git checkout dockerize
git submodule update --init --recursive
docker-compose build
docker-compose up

The API is as discussed: https://github.com/Waziup/Platform/blob/dockerize/proxy/proxy.conf

The dashboard will not work yet because I need to include the default configuration into keycloak.

cdupont commented 7 years ago

I'll let you include the SSL endpoints :)

j-forster commented 7 years ago

Thanks for the dockerize progress! I easily managed to run the platform using docker-compose. But this command is not going to map/expose the ports, or is it?

cdupont commented 7 years ago

It's exposing the API on localhost, for example http://localhost/api/v1/orion/v2/entities for Orion.

j-forster commented 7 years ago

Using the "Docker Quickstart Terminal" creates a virtual machine with a different IP. I didn't know that. However, I made a pull request that resolves the https issue - what do you think?

cdupont commented 7 years ago

@j-forster I think we can close this one?