From ca787422d65c0befa135cdfab394f77e675d0e79 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Sat, 27 Apr 2019 13:30:50 -0300 Subject: [PATCH 01/11] circuit breaker doc draft --- content/en/consumer/circuit-breaker.md | 17 +++++++++++++++++ 1 file changed, 17 insertions(+) diff --git a/content/en/consumer/circuit-breaker.md b/content/en/consumer/circuit-breaker.md index 0fb82a4c..c87040a6 100644 --- a/content/en/consumer/circuit-breaker.md +++ b/content/en/consumer/circuit-breaker.md @@ -9,3 +9,20 @@ aliases: [] toc: false draft: false --- + +Circuit breaker can be used through Http2Client::getRequestService method, it uses a request wrapped by java.util.concurrent.CompletableFuture producer, in other words, whenever execute CircuitBreaker::call, it create a new request and execute it. + +There is a specifc configuration on client.yml, e.g.: + +```yml +request: + errorThreshold: 5 + timeout: 3000 + resetTimeout: 600000 +``` + +* errorThreshold: amount of timeout errors before change state for open (default value: 5). +* timeout: amount of time in milliseconds for wait for response of a request (default value: 3000). +* resetTimeout: amount of time in milliseconds for keep state open before change for half open (default value: 600000). + +whether is not provided a value for any parameter, is adoted default value. \ No newline at end of file From a926668598568615e249c8c6a91addf3611f8521 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Sat, 27 Apr 2019 13:51:36 -0300 Subject: [PATCH 02/11] pt-br initial commit --- content/pt-br/_index.md | 71 +++++++++++++++++++++++++++++++++++++++++ 1 file changed, 71 insertions(+) create mode 100644 content/pt-br/_index.md diff --git a/content/pt-br/_index.md b/content/pt-br/_index.md new file mode 100644 index 00000000..db2c7cef --- /dev/null +++ b/content/pt-br/_index.md @@ -0,0 +1,71 @@ +--- +title: "Consumidor de serviço" +date: 2019-04-27T13:37:28-03:00 +description: "" +categories: [] +keywords: [] +menu: + docs: + parent: "consumer" + weight: 1 +weight: 1 +aliases: [] +toc: false +draft: false +--- + +Maioria dessas seções neste site são como construir, implantar e gerenciar serviços. +Esta seção discutirá arquitetura de microserviços e melhores práticas da perspectiva do consumidor. + +Ao contrário de monolitos web services JavaEE com somente um cliente e um servidor, há muitos microserviços +envolvidos em uma requisição externa e é muito importante a latência geral na eficiência na comunicação cliente e servidor. + +A definição de cliente vs servidor ou consumidor vs provedor é ofuscada como um serviço que pode ser o servidor para um outro serviço +e ao mesmo tempo isto pode ser um cliente para outro serviço. + +O menu abaixo contém arquitetura, design e melhores práticas: + +- [Client Module](/consumer/client-module/) + * [Which Jar Files](/consumer/jar-files/) + * [TLS Connection](/consumer/tls-connection/) + * [HTTP 2.0](/consumer/http2/) + * [Security](/architecture/security/) + + [Subject Token](/consumer/subject-token/) + + [Access Token](/consumer/access-token/) + + [Customized Grant Type](/consumer/customized-grant/) + + [Get Token in Startup](/consumer/token-startup/) + + [Long Lived Token](/consumer/long-lived-token/) + + [Key Distribution](/architecture/key-distribution/) + + [Secret Encryption](/consumer/secret-encryption/) + + [SPA Stateful](/consumer/spa-session-jwt/) + + [SPA Stateless](/consumer/spa-cookie-jwt/) + + [SPA CSRF Prevention](/consumer/spa-csrf/) + + [SPA XSS Prevention](/consumer/spa-xss/) + + [SPA BFF](/consumer/spa-bff/) + * [Traceability](/consumer/traceability/) + + [Traceability Id](/consumer/traceability-id/) + + [Correlation Id](/consumer/correlation-id/) + * [Circuit Breaker](/consumer/circuit-breaker/) + * [CompletableFuture](/consumer/completable-future/) +- [light-consumer-4j](/consumer/light-consumer-4j/) +- [Service Discovery](/consumer/service-discovery/) + * [Registry](/consumer/registry/) + + [Standalone](/consumer/standalone-registry/) + + [Docker](/consumer/docker-registry/) + + [Kubernetes](/consumer/kubernetes-registry/) + * [Discovery](/consumer/discovery/) + + [Consul](/consumer/consul-discovery/) + + [Zookeeper](/consumer/zookeeper-discovery/) + * [SPA and Mobile](/consumer/spa-mobile/) +- [Load Balance](/consumer/load-balance/) + * [Round Robin](/consumer/round-robin/) + * [Local First](/consumer/local-first/) + * [Consistent Hash](/consumer/consistent-hash/) +- [Light Router](/consumer/light-router/) + * [Use Cases](/consumer/router-use-case/) + * [Location and Ownership](/service/router/location-ownership/) +- [Single Page Application](/consumer/spa/) + * [React](/consumer/react/) + * [React-schema-form](/consumer/react-schema-form/) + * [Vue](/consumer/vue/) + * [Angular](/consumer/angular/) From 29a2451521b49394c87e95dfc671604d98268aa4 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Wed, 1 May 2019 20:48:46 -0300 Subject: [PATCH 03/11] adds an index and circuit breaker translated to pt-br --- content/pt-br/_index.md | 121 ++++++++++------------ content/pt-br/consumer/_index.md | 71 +++++++++++++ content/pt-br/consumer/circuit-breaker.md | 28 +++++ 3 files changed, 155 insertions(+), 65 deletions(-) create mode 100644 content/pt-br/consumer/_index.md create mode 100644 content/pt-br/consumer/circuit-breaker.md diff --git a/content/pt-br/_index.md b/content/pt-br/_index.md index db2c7cef..328ce8f7 100644 --- a/content/pt-br/_index.md +++ b/content/pt-br/_index.md @@ -1,71 +1,62 @@ --- -title: "Consumidor de serviço" -date: 2019-04-27T13:37:28-03:00 -description: "" -categories: [] -keywords: [] -menu: - docs: - parent: "consumer" - weight: 1 -weight: 1 -aliases: [] -toc: false -draft: false ---- +title: "A High Throughput, Low Latency and Small Memory Footprint API Platform" +date: 2017-03-02T12:00:00-05:00 +features: + - heading: Blistering Speed and Small Memory Footprint + image_path: /images/icon-fast.svg + tagline: Save 10x to 100x on production provision costs + copy: You need hundreds of instances of Spring Boot with Tomcat embedded to match one instance of light-4j in "Hello World" for the same throughput and latency. + + - heading: Embedded Gateway to Address all Cross-cutting Concerns + image_path: /images/icon-content-management.svg + tagline: Maximize developers productivity by focusing on business logic only + copy: Plugin architecture that allows middleware handlers to be injected into the request/response chain to handler security, metrics, audit etc. -Maioria dessas seções neste site são como construir, implantar e gerenciar serviços. -Esta seção discutirá arquitetura de microserviços e melhores práticas da perspectiva do consumidor. + - heading: Design and Test Driven Development + image_path: /images/icon-shortcodes.svg + tagline: OpenAPI specification, Unit, Integration, End-to-End and Client Tests + copy: Generate code from specification and encourage unit tests, integration tests, end-to-end test as well as client tests to ensure quality and interoperability. -Ao contrário de monolitos web services JavaEE com somente um cliente e um servidor, há muitos microserviços -envolvidos em uma requisição externa e é muito importante a latência geral na eficiência na comunicação cliente e servidor. + - heading: Built-in DevOps Tool Chain for CI/CD + image_path: /images/icon-built-in-templates.svg + tagline: Light-bot pipeline, Ansible playbook, Docker and Kubernetes + copy: The entire tool chain (pipeline) and infrastructure (logging, metrics, messaging, security etc.) are integrated together for microservices and services are dockerized and orchestrated by Kubernetes. -A definição de cliente vs servidor ou consumidor vs provedor é ofuscada como um serviço que pode ser o servidor para um outro serviço -e ao mesmo tempo isto pode ser um cliente para outro serviço. + - heading: Multi-Style Support for Different Products + image_path: /images/icon-multilingual2.svg + tagline: Both synchronous request/response and asynchronous event driven frameworks + copy: Support Restful(light-rest-4j), Graphql(light-graphql-4j), Hybrid(light-hybrid-4j) and Eventuate Consistency(light-eventuate-4j). Also Saga(light-saga-4j) for transaction orchestration between services. -O menu abaixo contém arquitetura, design e melhores práticas: + - heading: OAuth2, Portal and Services to Form an Ecosystem + image_path: /images/icon-custom-outputs.svg + tagline: Provide a platform for on-premise solutions as well as hosted solutions + copy: light-oauth2 for security and light-portal is for service runtime monitoring and management and API marketplace. Kafka for messaging, ELK for logging, InfluxDB and Grafana for metrics and ArangoDB for DB. +sections: + - heading: "Cross-Cutting Concerns" + cta: Check out light-4j middleware handlers. + link: /concern/ + color_classes: bg-primary-color-light black + image: /images/home-page-templating-example.png + copy: "Light-4j and related frameworks provide dozens of middleware handlers that can be injected into the request/response chain to give your service an embedded gateway." + - heading: "Interaction Styles" + cta: Use the right framework for the right product. + link: /architecture/category/ + color_classes: bg-primary-color-light black + image: /images/home-page-templating-example.png + copy: "Restful for public API, Graphql for mobile and Sing Page Application, Hybrid for serverless and take advantage of both Monolithic and Microservices architecture. Eventuate for event driven." + - heading: "Infrastructure Services" + cta: OAuth2, Portal and other infrastructure services. + link: /service/ + color_classes: bg-primary-color-light black + image: /images/home-page-templating-example.png + copy: "OAuth2 provider is responsible for centralize policy management and services are responsible for policy enforcement. Portal is API management and marketplace. Others are third party services." + - heading: "Tool Chains" + cta: Tool chain for code generation, devops and CI/CD. + link: /tool/ + color_classes: bg-primary-color-light black + image: /images/home-page-templating-example.png + copy: "Light-codegen is used for scaffolding project from OpenAPI spec, GraphQL IDL or Hybrid Schema. Light-bot Pipeline for building, packaging, releasing and dockerizing. Kubernetes is for service orchestration." + +--- -- [Client Module](/consumer/client-module/) - * [Which Jar Files](/consumer/jar-files/) - * [TLS Connection](/consumer/tls-connection/) - * [HTTP 2.0](/consumer/http2/) - * [Security](/architecture/security/) - + [Subject Token](/consumer/subject-token/) - + [Access Token](/consumer/access-token/) - + [Customized Grant Type](/consumer/customized-grant/) - + [Get Token in Startup](/consumer/token-startup/) - + [Long Lived Token](/consumer/long-lived-token/) - + [Key Distribution](/architecture/key-distribution/) - + [Secret Encryption](/consumer/secret-encryption/) - + [SPA Stateful](/consumer/spa-session-jwt/) - + [SPA Stateless](/consumer/spa-cookie-jwt/) - + [SPA CSRF Prevention](/consumer/spa-csrf/) - + [SPA XSS Prevention](/consumer/spa-xss/) - + [SPA BFF](/consumer/spa-bff/) - * [Traceability](/consumer/traceability/) - + [Traceability Id](/consumer/traceability-id/) - + [Correlation Id](/consumer/correlation-id/) - * [Circuit Breaker](/consumer/circuit-breaker/) - * [CompletableFuture](/consumer/completable-future/) -- [light-consumer-4j](/consumer/light-consumer-4j/) -- [Service Discovery](/consumer/service-discovery/) - * [Registry](/consumer/registry/) - + [Standalone](/consumer/standalone-registry/) - + [Docker](/consumer/docker-registry/) - + [Kubernetes](/consumer/kubernetes-registry/) - * [Discovery](/consumer/discovery/) - + [Consul](/consumer/consul-discovery/) - + [Zookeeper](/consumer/zookeeper-discovery/) - * [SPA and Mobile](/consumer/spa-mobile/) -- [Load Balance](/consumer/load-balance/) - * [Round Robin](/consumer/round-robin/) - * [Local First](/consumer/local-first/) - * [Consistent Hash](/consumer/consistent-hash/) -- [Light Router](/consumer/light-router/) - * [Use Cases](/consumer/router-use-case/) - * [Location and Ownership](/service/router/location-ownership/) -- [Single Page Application](/consumer/spa/) - * [React](/consumer/react/) - * [React-schema-form](/consumer/react-schema-form/) - * [Vue](/consumer/vue/) - * [Angular](/consumer/angular/) +Light means light-weight, lighting fast and shed light on how to program with modern Java SE. diff --git a/content/pt-br/consumer/_index.md b/content/pt-br/consumer/_index.md new file mode 100644 index 00000000..0d121be9 --- /dev/null +++ b/content/pt-br/consumer/_index.md @@ -0,0 +1,71 @@ +--- +title: "Consumidor de serviço" +date: 2019-04-27T13:37:28-03:00 +description: "" +categories: [] +keywords: [] +menu: + docs: + parent: "consumer" + weight: 1 +weight: 1 +aliases: [] +toc: false +draft: true +--- + +Maioria dessas seções neste site são como construir, implantar e gerenciar serviços. +Esta seção discutirá arquitetura de microserviços e melhores práticas da perspectiva do consumidor. + +Ao contrário de monolitos web services JavaEE com somente um cliente e um servidor, há muitos microserviços +envolvidos em uma requisição externa e é muito importante a latência geral na eficiência na comunicação cliente e servidor. + +A definição de cliente vs servidor ou consumidor vs provedor é ofuscada como um serviço que pode ser o servidor para um outro serviço +e ao mesmo tempo isto pode ser um cliente para outro serviço. + +O menu abaixo contém arquitetura, design e melhores práticas: + +- [Client Module](/consumer/client-module/) + * [Which Jar Files](/consumer/jar-files/) + * [TLS Connection](/consumer/tls-connection/) + * [HTTP 2.0](/consumer/http2/) + * [Security](/architecture/security/) + + [Subject Token](/consumer/subject-token/) + + [Access Token](/consumer/access-token/) + + [Customized Grant Type](/consumer/customized-grant/) + + [Get Token in Startup](/consumer/token-startup/) + + [Long Lived Token](/consumer/long-lived-token/) + + [Key Distribution](/architecture/key-distribution/) + + [Secret Encryption](/consumer/secret-encryption/) + + [SPA Stateful](/consumer/spa-session-jwt/) + + [SPA Stateless](/consumer/spa-cookie-jwt/) + + [SPA CSRF Prevention](/consumer/spa-csrf/) + + [SPA XSS Prevention](/consumer/spa-xss/) + + [SPA BFF](/consumer/spa-bff/) + * [Traceability](/consumer/traceability/) + + [Traceability Id](/consumer/traceability-id/) + + [Correlation Id](/consumer/correlation-id/) + * [Circuit Breaker](/consumer/circuit-breaker/) + * [CompletableFuture](/consumer/completable-future/) +- [light-consumer-4j](/consumer/light-consumer-4j/) +- [Service Discovery](/consumer/service-discovery/) + * [Registry](/consumer/registry/) + + [Standalone](/consumer/standalone-registry/) + + [Docker](/consumer/docker-registry/) + + [Kubernetes](/consumer/kubernetes-registry/) + * [Discovery](/consumer/discovery/) + + [Consul](/consumer/consul-discovery/) + + [Zookeeper](/consumer/zookeeper-discovery/) + * [SPA and Mobile](/consumer/spa-mobile/) +- [Load Balance](/consumer/load-balance/) + * [Round Robin](/consumer/round-robin/) + * [Local First](/consumer/local-first/) + * [Consistent Hash](/consumer/consistent-hash/) +- [Light Router](/consumer/light-router/) + * [Use Cases](/consumer/router-use-case/) + * [Location and Ownership](/service/router/location-ownership/) +- [Single Page Application](/consumer/spa/) + * [React](/consumer/react/) + * [React-schema-form](/consumer/react-schema-form/) + * [Vue](/consumer/vue/) + * [Angular](/consumer/angular/) diff --git a/content/pt-br/consumer/circuit-breaker.md b/content/pt-br/consumer/circuit-breaker.md new file mode 100644 index 00000000..9b173d2f --- /dev/null +++ b/content/pt-br/consumer/circuit-breaker.md @@ -0,0 +1,28 @@ +--- +title: "Circuit Breaker" +date: 2019-04-25T14:58:19-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +Circuit breaker pode ser utilizado através do método Http2Client::getRequestService, isto utiliza uma requisição envolvida por um produtor de java.util.concurrent.CompletableFuture, ou seja, toda vez que executa CircuitBreaker::call, cria uma nova requisição e executa a requisição. + +Há uma configuração específica no client.yml, exemplo: + +```yml +request: + errorThreshold: 5 + timeout: 3000 + resetTimeout: 600000 +``` + +* errorThreshold: quantidade de errors de timeout antes de mudar o estado de aberto (valor padrão: 5). +* timeout: quantidade de tempo em milisegundos para esperar pela resposta de uma requisição (valor padrão: 5000) +* resetTimeout: quantidade de tempo em milisegundos para manter estado aberto antes de mudar para meio aberto (valor padrão: 60000). + +se não é provido um valor para qualquer parâmetro, é adotado valor padrão. \ No newline at end of file From b11e200534d742a1b71fdb30a4837c4ae355b3ea Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Sun, 5 May 2019 11:33:42 -0300 Subject: [PATCH 04/11] improves pt-br translation --- content/pt-br/consumer/_index.md | 38 ++++++++++++++++---------------- 1 file changed, 19 insertions(+), 19 deletions(-) diff --git a/content/pt-br/consumer/_index.md b/content/pt-br/consumer/_index.md index 0d121be9..24d3d149 100644 --- a/content/pt-br/consumer/_index.md +++ b/content/pt-br/consumer/_index.md @@ -25,26 +25,26 @@ e ao mesmo tempo isto pode ser um cliente para outro serviço. O menu abaixo contém arquitetura, design e melhores práticas: -- [Client Module](/consumer/client-module/) - * [Which Jar Files](/consumer/jar-files/) - * [TLS Connection](/consumer/tls-connection/) +- [Módulo cliente](/consumer/client-module/) + * [Arquivos jar](/consumer/jar-files/) + * [Conexão TLS](/consumer/tls-connection/) * [HTTP 2.0](/consumer/http2/) - * [Security](/architecture/security/) - + [Subject Token](/consumer/subject-token/) - + [Access Token](/consumer/access-token/) - + [Customized Grant Type](/consumer/customized-grant/) - + [Get Token in Startup](/consumer/token-startup/) - + [Long Lived Token](/consumer/long-lived-token/) - + [Key Distribution](/architecture/key-distribution/) - + [Secret Encryption](/consumer/secret-encryption/) + * [Segurança](/architecture/security/) + + [Token de entidade](/consumer/subject-token/) + + [Token de acesso](/consumer/access-token/) + + [Tipo de concessão personalizado](/consumer/customized-grant/) + + [Obter token no Startup](/consumer/token-startup/) + + [Token de longa duração](/consumer/long-lived-token/) + + [Distribuição de chave](/architecture/key-distribution/) + + [Criptografia secreta](/consumer/secret-encryption/) + [SPA Stateful](/consumer/spa-session-jwt/) + [SPA Stateless](/consumer/spa-cookie-jwt/) - + [SPA CSRF Prevention](/consumer/spa-csrf/) - + [SPA XSS Prevention](/consumer/spa-xss/) + + [SPA prevenção de CSRF](/consumer/spa-csrf/) + + [SPA prevença de XSS](/consumer/spa-xss/) + [SPA BFF](/consumer/spa-bff/) - * [Traceability](/consumer/traceability/) - + [Traceability Id](/consumer/traceability-id/) - + [Correlation Id](/consumer/correlation-id/) + * [Rastreabilidade](/consumer/traceability/) + + [Id da Rastreabilidade](/consumer/traceability-id/) + + [Id de correlação](/consumer/correlation-id/) * [Circuit Breaker](/consumer/circuit-breaker/) * [CompletableFuture](/consumer/completable-future/) - [light-consumer-4j](/consumer/light-consumer-4j/) @@ -56,14 +56,14 @@ O menu abaixo contém arquitetura, design e melhores práticas: * [Discovery](/consumer/discovery/) + [Consul](/consumer/consul-discovery/) + [Zookeeper](/consumer/zookeeper-discovery/) - * [SPA and Mobile](/consumer/spa-mobile/) + * [SPA e móvel](/consumer/spa-mobile/) - [Load Balance](/consumer/load-balance/) * [Round Robin](/consumer/round-robin/) * [Local First](/consumer/local-first/) * [Consistent Hash](/consumer/consistent-hash/) - [Light Router](/consumer/light-router/) - * [Use Cases](/consumer/router-use-case/) - * [Location and Ownership](/service/router/location-ownership/) + * [Casos de uso](/consumer/router-use-case/) + * [localização e propriedade](/service/router/location-ownership/) - [Single Page Application](/consumer/spa/) * [React](/consumer/react/) * [React-schema-form](/consumer/react-schema-form/) From 9351c72b107df7a9b0a660a8c250968f4a7a6f6d Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Sun, 5 May 2019 11:48:57 -0300 Subject: [PATCH 05/11] improves pt-br translation --- content/pt-br/consumer/_index.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/content/pt-br/consumer/_index.md b/content/pt-br/consumer/_index.md index 24d3d149..5c08889e 100644 --- a/content/pt-br/consumer/_index.md +++ b/content/pt-br/consumer/_index.md @@ -63,7 +63,7 @@ O menu abaixo contém arquitetura, design e melhores práticas: * [Consistent Hash](/consumer/consistent-hash/) - [Light Router](/consumer/light-router/) * [Casos de uso](/consumer/router-use-case/) - * [localização e propriedade](/service/router/location-ownership/) + * [Localização e propriedade](/service/router/location-ownership/) - [Single Page Application](/consumer/spa/) * [React](/consumer/react/) * [React-schema-form](/consumer/react-schema-form/) From d146791bf6c5cd4d71425a2f4120a7173ca98803 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Sun, 5 May 2019 11:56:05 -0300 Subject: [PATCH 06/11] Merged --- content/en/consumer/circuit-breaker.md | 12 +++++++----- content/en/service/consul/_index.md | 1 + content/en/tutorial/portal/_index.md | 2 ++ 3 files changed, 10 insertions(+), 5 deletions(-) diff --git a/content/en/consumer/circuit-breaker.md b/content/en/consumer/circuit-breaker.md index c87040a6..27482a63 100644 --- a/content/en/consumer/circuit-breaker.md +++ b/content/en/consumer/circuit-breaker.md @@ -8,9 +8,10 @@ slug: "" aliases: [] toc: false draft: false +reviewed: true --- -Circuit breaker can be used through Http2Client::getRequestService method, it uses a request wrapped by java.util.concurrent.CompletableFuture producer, in other words, whenever execute CircuitBreaker::call, it create a new request and execute it. +The circuit breaker can be used through Http2Client::getRequestService method, it uses a request wrapped by java.util.concurrent.CompletableFuture producer, in other words, whenever to execute CircuitBreaker::call, it creates a new request and executes it. There is a specifc configuration on client.yml, e.g.: @@ -21,8 +22,9 @@ request: resetTimeout: 600000 ``` -* errorThreshold: amount of timeout errors before change state for open (default value: 5). -* timeout: amount of time in milliseconds for wait for response of a request (default value: 3000). -* resetTimeout: amount of time in milliseconds for keep state open before change for half open (default value: 600000). +* errorThreshold: the number of timeout errors before change state for open (default value: 5). +* timeout: the amount of time in milliseconds for wait for the response of a request (default value: 3000). +* resetTimeout: the amount of time in milliseconds to keep state open before the change for half open (default value: 600000). + +Whether it is not provided a value for any parameter, is adopted default value. -whether is not provided a value for any parameter, is adoted default value. \ No newline at end of file diff --git a/content/en/service/consul/_index.md b/content/en/service/consul/_index.md index d5044ef5..1f09d5f8 100644 --- a/content/en/service/consul/_index.md +++ b/content/en/service/consul/_index.md @@ -15,5 +15,6 @@ There are numeric options for service registry and discovery in the light platfo For production, the deployment is more complicated. If you have multiple data centers, you'd better use the enterprise edition and let HashiCorp install it. For simple cloud deployment, you can follow the [consul tutorial] to install a three nodes cluster. When using the light platform, there is no need to install the agent to the service host. A three nodes cluster of Consul server would be enough to support hundreds or thousands of service instances. +[consul checklist]: /tool/consul/checklist/ [discovery tutorial]: /tutorial/common/discovery/consul/ [consul tutorial]: /tool/consul/cluster-install/ diff --git a/content/en/tutorial/portal/_index.md b/content/en/tutorial/portal/_index.md index 64076440..e848c63e 100644 --- a/content/en/tutorial/portal/_index.md +++ b/content/en/tutorial/portal/_index.md @@ -23,6 +23,7 @@ Most services for portal can be found in the [light-portal][] repository on gith * [light-bot portal build][] - Build portal services with light-bot * [start portal service][] - Start both command side and query side portal services +* [start local light-router][] - Start light-router instance for service discovery and UI. ### Command Services: @@ -45,3 +46,4 @@ Most services for portal can be found in the [light-portal][] repository on gith [view]: https://github.com/networknt/light-portal/tree/master/view [light-config-test]: https://github.com/networknt/light-config-test/tree/master/light-router/light-portal/lightapi [portal view]: /tutorial/portal/view/ +[start local light-router]: /tutorial/portal/local-router/ From 09e78a652c81c37df8722a1aa5a93aa2a9667610 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Sun, 5 May 2019 11:56:05 -0300 Subject: [PATCH 07/11] Merged --- content/en/consumer/circuit-breaker.md | 12 +- content/en/service/consul/_index.md | 1 + content/en/service/consul/checklist.md | 51 ++++++ content/en/tutorial/portal/_index.md | 2 + .../en/tutorial/portal/local-router/_index.md | 23 +++ .../portal/local-router/deploy-view.md | 13 ++ .../portal/local-router/light-oauth2.md | 162 ++++++++++++++++++ .../portal/local-router/light-router.md | 102 +++++++++++ .../portal/local-router/portal-view.md | 64 +++++++ .../local-router/prepare-environment.md | 59 +++++++ .../portal/local-router/start-consul.md | 46 +++++ content/pt-br/consumer/access-token.md | 26 +++ content/pt-br/consumer/angular.md | 17 ++ 13 files changed, 573 insertions(+), 5 deletions(-) create mode 100644 content/en/service/consul/checklist.md create mode 100644 content/en/tutorial/portal/local-router/_index.md create mode 100644 content/en/tutorial/portal/local-router/deploy-view.md create mode 100644 content/en/tutorial/portal/local-router/light-oauth2.md create mode 100644 content/en/tutorial/portal/local-router/light-router.md create mode 100644 content/en/tutorial/portal/local-router/portal-view.md create mode 100644 content/en/tutorial/portal/local-router/prepare-environment.md create mode 100644 content/en/tutorial/portal/local-router/start-consul.md create mode 100644 content/pt-br/consumer/access-token.md create mode 100644 content/pt-br/consumer/angular.md diff --git a/content/en/consumer/circuit-breaker.md b/content/en/consumer/circuit-breaker.md index c87040a6..27482a63 100644 --- a/content/en/consumer/circuit-breaker.md +++ b/content/en/consumer/circuit-breaker.md @@ -8,9 +8,10 @@ slug: "" aliases: [] toc: false draft: false +reviewed: true --- -Circuit breaker can be used through Http2Client::getRequestService method, it uses a request wrapped by java.util.concurrent.CompletableFuture producer, in other words, whenever execute CircuitBreaker::call, it create a new request and execute it. +The circuit breaker can be used through Http2Client::getRequestService method, it uses a request wrapped by java.util.concurrent.CompletableFuture producer, in other words, whenever to execute CircuitBreaker::call, it creates a new request and executes it. There is a specifc configuration on client.yml, e.g.: @@ -21,8 +22,9 @@ request: resetTimeout: 600000 ``` -* errorThreshold: amount of timeout errors before change state for open (default value: 5). -* timeout: amount of time in milliseconds for wait for response of a request (default value: 3000). -* resetTimeout: amount of time in milliseconds for keep state open before change for half open (default value: 600000). +* errorThreshold: the number of timeout errors before change state for open (default value: 5). +* timeout: the amount of time in milliseconds for wait for the response of a request (default value: 3000). +* resetTimeout: the amount of time in milliseconds to keep state open before the change for half open (default value: 600000). + +Whether it is not provided a value for any parameter, is adopted default value. -whether is not provided a value for any parameter, is adoted default value. \ No newline at end of file diff --git a/content/en/service/consul/_index.md b/content/en/service/consul/_index.md index d5044ef5..1f09d5f8 100644 --- a/content/en/service/consul/_index.md +++ b/content/en/service/consul/_index.md @@ -15,5 +15,6 @@ There are numeric options for service registry and discovery in the light platfo For production, the deployment is more complicated. If you have multiple data centers, you'd better use the enterprise edition and let HashiCorp install it. For simple cloud deployment, you can follow the [consul tutorial] to install a three nodes cluster. When using the light platform, there is no need to install the agent to the service host. A three nodes cluster of Consul server would be enough to support hundreds or thousands of service instances. +[consul checklist]: /tool/consul/checklist/ [discovery tutorial]: /tutorial/common/discovery/consul/ [consul tutorial]: /tool/consul/cluster-install/ diff --git a/content/en/service/consul/checklist.md b/content/en/service/consul/checklist.md new file mode 100644 index 00000000..48efc79c --- /dev/null +++ b/content/en/service/consul/checklist.md @@ -0,0 +1,51 @@ +--- +title: "Consul Registry Checklist" +date: 2019-04-28T23:46:04-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +When you are using Consul for service registry and discovery, the following configuration updates need to be done to connect to the consul cluster. + +* client.truststore and client.keystore + +The Consul certificate needs to be imported into the client.truststore. + +* client.yml + +If the consul cluster doesn't have a domain name, you need to set the verifyHostname to false + +* consul.yml + +update the consulUrl and other parameters. User httpCheck if possible. + +* secret.yml + +make sure that the consul token is in this file. + +* server.yml + +enableRegisty to true. If dynamicPort is true, you need to specify minPort and MaxPort + +* service.yml + +add the section for consul registry + +* docker-compose + +make sure that host network is used and DOCKER_HOST_IP is passed in. + +* handler.yml + +If httpCheck is used, you may need to update the handler.yml to add health/{serviceId} endpoint. + +* If httpCheck is used, make sure that you have firewall open for the port + +* If host network is used, all references in for the docker service need to be changed to a real IP address instead of the service name. + diff --git a/content/en/tutorial/portal/_index.md b/content/en/tutorial/portal/_index.md index 64076440..e848c63e 100644 --- a/content/en/tutorial/portal/_index.md +++ b/content/en/tutorial/portal/_index.md @@ -23,6 +23,7 @@ Most services for portal can be found in the [light-portal][] repository on gith * [light-bot portal build][] - Build portal services with light-bot * [start portal service][] - Start both command side and query side portal services +* [start local light-router][] - Start light-router instance for service discovery and UI. ### Command Services: @@ -45,3 +46,4 @@ Most services for portal can be found in the [light-portal][] repository on gith [view]: https://github.com/networknt/light-portal/tree/master/view [light-config-test]: https://github.com/networknt/light-config-test/tree/master/light-router/light-portal/lightapi [portal view]: /tutorial/portal/view/ +[start local light-router]: /tutorial/portal/local-router/ diff --git a/content/en/tutorial/portal/local-router/_index.md b/content/en/tutorial/portal/local-router/_index.md new file mode 100644 index 00000000..99650684 --- /dev/null +++ b/content/en/tutorial/portal/local-router/_index.md @@ -0,0 +1,23 @@ +--- +title: "Local Portal Light-Router" +date: 2019-04-30T08:33:04-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +We now have some users who want to work on the light-portal to add more services and customize the UI to meet their requirements. In this tutorial, we are going to explore how to get the light-portal services started and exposed from light-router. With all the services available locally, we are going to demo how to use the proxy in React SPA to build UI with hot reload. In addition, we are going to show how to build and deploy the developed SPA to the router instance so that CORS can be avoided and maximize the performance. + +This tutorial helps users to learn how to set up production like environment locally and how each component interact with each other to form an ecosystem. It provides an option for you to deploy these open source services on the cloud if you want to leverage them for your organization. + +* [Prepare Environment](/tutorial/portal/local-router/prepare-environment/) +* [Start Consul](/tutorial/portal/local-router/start-consul/) +* [Start light-oauth2](/tutorial/portal/local-router/light-oauth2/) +* [Start light-router](/tutorial/portal/local-router/light-router/) +* [Portal View](/tutorial/portal/local-router/portal-view/) +* [Deploy View](/tutorial/portal/local-router/deploy-view/) diff --git a/content/en/tutorial/portal/local-router/deploy-view.md b/content/en/tutorial/portal/local-router/deploy-view.md new file mode 100644 index 00000000..76e53d33 --- /dev/null +++ b/content/en/tutorial/portal/local-router/deploy-view.md @@ -0,0 +1,13 @@ +--- +title: "Deploy Portal View" +date: 2019-05-02T11:26:43-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +To be written \ No newline at end of file diff --git a/content/en/tutorial/portal/local-router/light-oauth2.md b/content/en/tutorial/portal/local-router/light-oauth2.md new file mode 100644 index 00000000..15aa00b2 --- /dev/null +++ b/content/en/tutorial/portal/local-router/light-oauth2.md @@ -0,0 +1,162 @@ +--- +title: "Light OAuth 2.0 Services" +date: 2019-04-30T16:06:17-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +In the previous step, we have [started the consul][] server locally, now let's start the light-oauth2 services as they are part of the portal. We will start more services later on, but here we use the light-oauth2 services to demo the process. + +We cannot use the docker-compose-oauth2-mysql.yml in light-docker as the configuration there are not using consul registry. To use the consul registry and discovery, all services should be bound to the host network instead of docker network. + +To use the consul registry, I have created another folder in the light-config-test repository. The docker-compose file and configuration files are copied from the light-docker. + + +``` +cd ~/networknt/light-config-test/light-oauth2/local-consul +docker-compose up -d +``` + +If this is the first time you start the docker-compose, it will take a while to download all images. Once all service is up, go to the consul UI again to check if all services are registered. + +``` +http://lightapi.net:8500/ui/dc1/services?status=passing +``` + +You should find 7 services registered on the consul, and they are all healthy. + +The light-oauth/local-consul config files are copied from the light-docker/light-oauth2/mysql with the following modifications. + +### client.yml + +Add client.yml, client.keystore, and client.truststore to the config folder so that the client module can be used to connect to the local consul server. + +There is no need to add these files as we are not using TLS to connect to consul; however, it is always a good idea to add these files in case we move to the official test environment with a Consul cluster only offer HTTP/S connection. + +### secret.yml + +In this file, we need to add the consulToken that match the master token used in the consul contain. + +``` +consulToken: the_one_ring +``` + +### server.yml + +In this config file, we need to change the enableRegistry to true. Since all light-oauth2 services have their port numbers allocated, we don't need `dynamicPort` to be enabled. + +``` +enableRegistry: true +``` + +### service.yml + +We need to add the section for the registry, load balance, and cluster support at the beginning of the file. + +``` +- com.networknt.registry.URL: + - com.networknt.registry.URLImpl: + protocol: light + host: localhost + port: 8080 + path: consul + parameters: + registryRetryPeriod: '30000' +- com.networknt.consul.client.ConsulClient: + - com.networknt.consul.client.ConsulClientImpl +- com.networknt.registry.Registry: + - com.networknt.consul.ConsulRegistry +- com.networknt.balance.LoadBalance: + - com.networknt.balance.RoundRobinLoadBalance +- com.networknt.cluster.Cluster: + - com.networknt.cluster.LightCluster + +``` + +For all services, it needs to connect to the MySQL database. Let's update the jdbcUrl with lightapi.net as the hostname. + +``` +- javax.sql.DataSource: + - com.zaxxer.hikari.HikariDataSource: + jdbcUrl: jdbc:mysql://lightapi.net:3306/oauth2?useSSL=false&disableMariaDbDriver + username: mysqluser + password: mysqlpw + maximumPoolSize: 2 + useServerPrepStmts: true + cachePrepStmts: true + cacheCallableStmts: true + prepStmtCacheSize: 4096 + prepStmtCacheSqlLimit: 2048 + +``` + +### consul.yml + +We also need to create a new file to specify the parameters for ConsulClient. + +``` +# Consul URL for accessing APIs +consulUrl: http://lightapi.net:8500 +# number of requests before reset the shared connection. +maxReqPerConn: 1000000 +# deregister the service after the amount of time after health check failed. +deregisterAfter: 2m +# health check interval for TCP or HTTP check. Or it will be the TTL for TTL check. Every 10 seconds, +# TCP or HTTP check request will be sent. Or if there is no heart beat request from service after 10 seconds, +# then mark the service is critical. +checkInterval: 10s +# One of the following health check approach will be selected. Two passive (TCP and HTTP) and one active (TTL) +# enable health check TCP. Ping the IP/port to ensure that the service is up. This should be used for most of +# the services with simple dependencies. If the port is open on the address, it indicates that the service is up. +tcpCheck: false +# enable health check HTTP. A http get request will be sent to the service to ensure that 200 response status is +# coming back. This is suitable for service that depending on database or other infrastructure services. You should +# implement a customized health check handler that checks dependencies. i.e. if db is down, return status 400. +httpCheck: true +# enable health check TTL. When this is enabled, Consul won't actively check your service to ensure it is healthy, +# but your service will call check endpoint with heart beat to indicate it is alive. This requires that the service +# is built on top of light-4j and the above options are not available. For example, your service is behind NAT. +ttlCheck: false +# endpoints that support blocking will also honor a wait parameter specifying a maximum duration for the blocking request. +# This is limited to 10 minutes.This value can be specified in the form of "10s" or "5m" (i.e., 10 seconds or 5 minutes, +# respectively). +wait: 600s +``` + +Here you can see that we are using lightapi.net as the hostname in the `consulUrl` and `httpCheck` is set to true. + +### docker-compose.yml + +We need to update the copied docker-compose.yml to switch to the host network. + +Here is one of the services. + + +``` + oauth2-token: + image: networknt/oauth2-token + ports: + - "6882:6882" + volumes: + - ./light-oauth2/mysql/config/oauth2-token:/config + environment: + - STATUS_HOST_IP=lightapi.net + network_mode: host + depends_on: + - mysqldb +``` + +The network mode is set as `host` and a new environment variable is added to map the `STATUS_HOST_IP` to `lightapi.net`. + +For the source code of the docker-compose and config files, please visit https://github.com/networknt/light-config-test/tree/master/light-oauth2/local-consul + +In the next step, we are going to [start the router][] instance to serve the SPA and proxy the request from the SPA to light-oauth2 services. + +[started the consul]: /tutorial/portal/local-router/start-consul/ +[start the router]: /tutorial/portal/local-router/light-router/ diff --git a/content/en/tutorial/portal/local-router/light-router.md b/content/en/tutorial/portal/local-router/light-router.md new file mode 100644 index 00000000..a4beb837 --- /dev/null +++ b/content/en/tutorial/portal/local-router/light-router.md @@ -0,0 +1,102 @@ +--- +title: "Start Local Light Router" +date: 2019-05-01T15:38:25-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +In the previous step, we have [started the light-oauth2][] services locally. Now let's start the light-router instance to be responsible for service discovery and serving the resources later. + +For development, we are going to use the proxy from the create-react-app to connect to the light-router for all API accesses. Once the development is done, the SPA application will be built and copied to a folder named lightapi which match the domain lightapi.net + +To start the local light-router instance, we are going to use a docker-compose. + +``` +cd ~/networknt/light-config-test/light-router/local-portal +docker-compose up -d +``` + +The above commands will start a light-router container, and it will listen to port 8443. The local-portal folder above is almost identical as light-portal in the same parent folder with the following modifications. + +### client.yml + +As we are starting the light-oauth2 services with Docker containers without Let's Encrypt certificates that match the domain names. In the light-router configuration folder, we need to update the client.yml to disable the `verfyHostname`. + +``` +verifyHostname: false +``` + +### consul.yml + +The `consulUrl` is changed from the static IP to the lightapi.net host and switched from `https` to `http`. + +``` +consulUrl: http://lightapi.net:8500 +``` + +### docker-compose.yml + +In the docker-compose.yml, we are going to map port 443 to container port 8443. In a production deployment, we usually use `iptables` to map the ports instead of exposing 443 from the Docker. + +``` +version: '2' + +services: + + light-router: + image: networknt/light-router:latest + networks: + - localnet + ports: + - 443:8443 + volumes: + - ./config:/config + - ./faucet/build:/faucet/build + - ./webclient/build:/webclient/build + - ./lightapi/build:/lightapi/build + - ./taiji/build:/taiji/build + +# +# Networks +# +networks: + localnet: + # driver: bridge + external: true + +``` + +After the router instance is started, you should have access to the virtual host site https://lightapi.net + +### Test + +To ensure that the light-oauth2 APIs can be accessed from the router, let's test with light-oauth2 client service. + +Calling the client service directly. + +``` +curl -k https://lightapi.net:6884/oauth2/client?page=1 +``` + +Calling the client service through light-router. + +``` +curl -k https://lightapi.net/oauth2/client?page=1 +``` + +Both above commands should have the same response. + +``` +[{"clientId":"f7d42348-c647-4efb-a52d-4c5787421e72","clientSecret":null,"clientType":"public","clientProfile":"mobile","clientName":"PetStore Web Server","clientDesc":"PetStore Web Server that calls PetStore API","ownerId":"admin","scope":"petstore.r petstore.w","customClaim":"{\"c1\": \"361\", \"c2\": \"67\"}","redirectUri":"http://localhost:8080/authorization","authenticateClass":null,"derefClientId":null}] +``` + +At this moment, all backend services are up and running. Let's [start portal view][] SPA from the light-portal repository in the next step. + +[started the light-oauth2]: /tutorial/portal/local-router/light-oauth2/ +[start portal view]: /tutorial/portal/local-router/portal-view/ diff --git a/content/en/tutorial/portal/local-router/portal-view.md b/content/en/tutorial/portal/local-router/portal-view.md new file mode 100644 index 00000000..eac458de --- /dev/null +++ b/content/en/tutorial/portal/local-router/portal-view.md @@ -0,0 +1,64 @@ +--- +title: "Portal View" +date: 2019-05-01T16:35:49-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +In the previous step, we have [started the light-router][] instance for the local portal. It listens 443 for the host lightapi.net + +In this step, we are going to explore the lightapi.net UI implementation with a focus on the light-oauth2 view. + +For development, we are going to use a proxy to access APIs through light-router. The light-portal view can be accessed from light-portal/view folder. + +https://github.com/networknt/light-portal/tree/master/view + + +### proxy + +In the src folder, there is a setupProxy.js which contains all the paths for APIs and the target host mapping. + +``` +const proxy = require('http-proxy-middleware'); + +module.exports = function(app) { + app.use(proxy('/portal/command', { target: 'https://lightapi.net', secure: false })); + app.use(proxy('/portal/query', { target: 'https://lightapi.net', secure: false })); + app.use(proxy('/oauth2/client', { target: 'https://lightapi.net', secure: false })); + app.use(proxy('/oauth2/code', { target: 'https://lightapi.net', secure: false })); + app.use(proxy('/oauth2/key', { target: 'https://lightapi.net', secure: false })); + app.use(proxy('/oauth2/refresh_token', { target: 'https://lightapi.net', secure: false })); + app.use(proxy('/oauth2/service', { target: 'https://lightapi.net', secure: false })); + app.use(proxy('/oauth2/token', { target: 'https://lightapi.net', secure: false })); + app.use(proxy('/oauth2/user', { target: 'https://lightapi.net', secure: false })); +}; + +``` + +### Start + +If you haven't run the `yarn install` in the view folder, please do so first. + +To start the testing Nodejs server. + +``` +yarn start +``` + +A browser tab will be automatically started, and any code change in the React SPA will be hot loaded by the browser. + +The SPA is connecting to the proxy on port 3000 of the localhost, and all API access is proxied to the https://lightapi.net with the path prefix defined in the above setupProxy.js + +You can now click the OAuth 2 menu on the browser to access the light-oauth2 view. When you change the view source code, it will be reflected immediately on the browser. + +In the next step, we are going to build the view SPA and [deploy][] it to the light-router local instance. When the light-router serves the view, there is no need to have any proxy and the performance of the SPA application will be much better due to the CORS is skipped. + + +[started the light-router]: /tutorial/portal/local-router/light-router/ +[deploy]: /tutorial/portal/local-router/deploy-view/ diff --git a/content/en/tutorial/portal/local-router/prepare-environment.md b/content/en/tutorial/portal/local-router/prepare-environment.md new file mode 100644 index 00000000..92d89f0f --- /dev/null +++ b/content/en/tutorial/portal/local-router/prepare-environment.md @@ -0,0 +1,59 @@ +--- +title: "Prepare Environment" +date: 2019-04-30T08:55:57-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +Before starting portal services locally, we need to make sure that docker is installed. This tutorial is based on Ubuntu Linux, and I am sure that Mac OS should work the same. However, I am not sure that it will work on Windows. It would be great if someone can help to test it on the Windows environment. + +### Check out + +We have docker-compose and config files checked into some repositories on the GitHub.com, and we need to check out these repositories. If you want to make a code change for one of the light-portal services, then you need to check out more repositories and build docker images locally. + +As usual, I am using networknt under my home directory as the workspace. + +``` +cd ~/networknt +git clone https://github.com/networknt/light-docker.git +git clone https://github.com/networknt/light-config-test.git +git clone https://github.com/networknt/light-portal.git +``` + +light-docker contains most commonly used docker compose files and their config files. +light-config-test contains vary config files and script for daily development and test/prod deployment. +light-portal contains the view that is a React SPA to access the services through the router. + + +### /etc/hosts + +When we use the consul for service discovery, we need to use docker host network, and all the services will be bound to the same IP/host with different ports. In order to simplify the service reference and later we can use the domain name to access the SPA from the browser, let's create a hostname lightapi.net in the /etc/hosts to point to the network address. + +First, use the following command to find out your local network IP address. + +``` +ifconfig +``` + +The local IP address is 192.168.1.144 on my desktop. You cannot use the 127.0.0.1 or localhost as they mean local address within a Docker container. + +Now, let's add a line into the /etc/hosts file with `sudo vi /etc/hosts` + +``` +192.168.1.144 lightapi.net +``` + +Note that your local IP address might be different than mine. Please update the above line accordingly. + +In the next step, we are going to [start a consul][] container to mimic a consul cluster on a test/prod environment. + +[start a consul]: /tutorial/portal/local-router/start-consul/ + + + diff --git a/content/en/tutorial/portal/local-router/start-consul.md b/content/en/tutorial/portal/local-router/start-consul.md new file mode 100644 index 00000000..02281e10 --- /dev/null +++ b/content/en/tutorial/portal/local-router/start-consul.md @@ -0,0 +1,46 @@ +--- +title: "Start Consul" +date: 2019-04-30T10:34:26-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +In the previous step, we have the [environment parepared][]. In this step, we are going to start the consul server for other subsequent services to register and discover services. + +All portal services will be registered to the Consul cluster on the official test/prod environment. To make sure that the local dev environment works the same. We are going to start the consul server locally with a docker-compose in the light-docker repository. + +``` +cd ~/networknt/light-docker +docker-compose -f docker-compose-consul.yml +``` + +The above docker-compose starts a container with only one consul node. The docker-compose uses `localnet` as network name for it is a standalone service. All other services should be using the host network to register to the consul instance. + +In the config, we have set the `"acl_master_token":"the_one_ring"` so we need to setup consul-token to `the_one_ring` in the secret.yml for all services. + +After the docker-compose is up, we can go to the UI to check the services on the browser. + +Put the following URL into the address bar of your browser, and you can see there is one service named consul that is health from the Services tab. + +``` +http://localhost:8500 +``` + +As we have added lightapi.net into the /etc/hosts, you can also use the following URL to access the consul UI. + +``` +http://lightapi.net:8500 +``` + +If you want to learn more about the docker-compose-consul.yml, please visit the source code in the local folder or on GitHub at https://github.com/networknt/light-docker/blob/master/docker-compose-consul.yml + +In the next step, we are going to [start the light-oauth2][] services and let them register to the consul instance just started. + +[environment parepared]: /tutorial/portal/local-router/prepare-environment/ +[start the light-oauth2]: /tutorial/portal/local-router/light-oauth2/ diff --git a/content/pt-br/consumer/access-token.md b/content/pt-br/consumer/access-token.md new file mode 100644 index 00000000..ebddacce --- /dev/null +++ b/content/pt-br/consumer/access-token.md @@ -0,0 +1,26 @@ +--- +title: "Access Token" +date: 2018-03-01T21:37:48-05:00 +description: "" +categories: [] +keywords: [] +weight: 60 +aliases: [] +toc: false +draft: false +--- + +Access token é utilizado para invocação de serviço a serviço ou aplicação standalone que invoca um serviço. +Geralmente, este token é recebido de um provedor OAuth2 2.0 através do fluxo de permissionamento de +credenciais do cliente. +O token não tem qualquer informação sobre o usuário mas somente tem client_id para indicar quem é a +aplicação que invocou. + +Access token é muito importante para escopos de serviço que invoca como [Token de entidade][], +na cadeia de invocação não terá escopos para todos os serviços. + +Se access token é somente o token disponível, isso é passado em Authorization header caso contrário, +isso é passado em um X-Scope-Token na requisição. + + +[Token de entidade]: /consumer/subject-token/ diff --git a/content/pt-br/consumer/angular.md b/content/pt-br/consumer/angular.md new file mode 100644 index 00000000..c80c0e21 --- /dev/null +++ b/content/pt-br/consumer/angular.md @@ -0,0 +1,17 @@ +--- +title: "Angular" +date: 2018-12-24T18:27:22-05:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +Junto com React, Angular é outro framework javascript para consturir single page applications, há mutios usuários que tem construído angular SPA e acessa serviços/APIs construído no topo da plataforma light. Quando há múltiplos serviços no backend e esses serviços são implantados na nuvem, +light-router será utilizado como um único ponto de acesso para o SPA. O light-router é também responsável por servir ao SPA para eliminar dependência de C.O.R.S. middleware handler na instância light-router para ganhar melhor performance. + +o seguinte é a lista de projetos open source que utilizam Angular como UI. + From 0307771ea1d7af282b7a3ac84cb1a26610bb1751 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Tue, 7 May 2019 22:48:20 -0300 Subject: [PATCH 08/11] translation pt-br improved --- content/pt-br/consumer/client-module.md | 36 +++++++++++++++++++++ content/pt-br/consumer/correlation-id.md | 11 +++++++ content/pt-br/consumer/customized-grant.md | 11 +++++++ content/pt-br/consumer/discovery.md | 37 ++++++++++++++++++++++ 4 files changed, 95 insertions(+) create mode 100644 content/pt-br/consumer/client-module.md create mode 100644 content/pt-br/consumer/correlation-id.md create mode 100644 content/pt-br/consumer/customized-grant.md create mode 100644 content/pt-br/consumer/discovery.md diff --git a/content/pt-br/consumer/client-module.md b/content/pt-br/consumer/client-module.md new file mode 100644 index 00000000..4cfe9b3d --- /dev/null +++ b/content/pt-br/consumer/client-module.md @@ -0,0 +1,36 @@ +--- +title: "Módulo Cliente" +date: 2018-03-01T21:33:09-05:00 +description: "" +categories: [] +keywords: [] +weight: 10 +aliases: [] +toc: false +draft: false +--- + +O [módulo cliente][] em light-4j é um componente muito importante na plataforma light para +interações entre cliente para serviço ou serviço para serviço em requisições/respostas sincronas +sobre HTTPS e HTTP2. Microserviços são esperado ter alta performance a baixa latência para +que múltiplos serviços podem ser encadeados juntos para cumprir uma requisição externa. +Isso é porque o módulo cliente é desenhado para conexão direta entre consumidor e provedor com o +HTTP 2.0 sobre conexão TLS cacheado no lado do consumidor para maioria de aplicações de alto rendimento. +Para consumidores de baixo rendimento, a conexão pode ser fechada depois da requisição e reaberta quando +a próxima requisição chega. + +Há muitas funcionalidades no módulo cliente e esses deveriam ser utilizado em certos cenários. +A seguinte seçao mostra como usar o módulo cliente para casos de uso comum e os detalhes é documentado +aqui também. + +- [Conexão TLS](/consumer/tls-connection/) +- [HTTP 2.0](/consumer/http2/) +- [OAuth 2.0 JWT Token](/consumer/oauth2-jwt/) + * [Token de entidade](/consumer/subject-token/) + * [Token de acesso](/consumer/access-token/) + * [Tipo de concessão personalizado](/consumer/customized-grant/) + * [Obter Token no Startup](/consumer/token-startup/) + * [Token de longa duração](/consumer/long-lived-token/) + + +[Módulo cliente]: /concern/client/ \ No newline at end of file diff --git a/content/pt-br/consumer/correlation-id.md b/content/pt-br/consumer/correlation-id.md new file mode 100644 index 00000000..14017778 --- /dev/null +++ b/content/pt-br/consumer/correlation-id.md @@ -0,0 +1,11 @@ +--- +title: "Correlation Id" +date: 2018-03-01T21:39:20-05:00 +description: "" +categories: [] +keywords: [] +weight: 120 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/customized-grant.md b/content/pt-br/consumer/customized-grant.md new file mode 100644 index 00000000..2a9df49c --- /dev/null +++ b/content/pt-br/consumer/customized-grant.md @@ -0,0 +1,11 @@ +--- +title: "Customized Grant" +date: 2018-03-01T21:38:00-05:00 +description: "" +categories: [] +keywords: [] +weight: 70 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/discovery.md b/content/pt-br/consumer/discovery.md new file mode 100644 index 00000000..3aee8215 --- /dev/null +++ b/content/pt-br/consumer/discovery.md @@ -0,0 +1,37 @@ +--- +title: "Descoberta de serviços" +date: 2018-03-01T21:40:21-05:00 +description: "" +categories: [] +keywords: [] +weight: 180 +aliases: [] +toc: false +draft: false +--- +Quando implantar microserviços para um cluster kubernete na nuvem, há nenhum IP estático e número de porta para esses +serviços. Para invocar esses serviços, ou você usa proxies provido por seu fornecedor de cluster kubernetes ou manipula +isso com serviço de registro da plataforma light e descoberta na rede do host. + +Fizemos um teste de desempenho com um de nossos clientes no cluster Openhift e encontramos os seguintes números interessantes com um dos serviços criados sobre o light-rest-4j. + +### Uso de proxies Openshift + +* Taxa de transferência: 2450 +* Latência: 68ms + +### Uso de descoberta de serviço Consul + +* Taxa de transferência: 20000 +* Latência: 6ms + +Como você pode ver, quando os proxies são usados no Openshift, todo o cluster só pode ter um total de aproximadamente 2.500 solicitações por segundo. Imagine que você tenha centenas de serviços compartilhando o mesmo throughput, então cada serviço terá apenas várias solicitações por segundo. + +Acima está a razão pela qual temos que fornecer nosso próprio registro de serviço e descoberta para que nossos serviços possam se comunicar entre si sem passar por qualquer proxy. Isso significa que não precisamos de nenhum salto extra na rede. Como temos conexão direta com o HTTP 2.0 que suporta multiplexação, podemos cachear a conexão por alguns minutos ou várias solicitações para acelerar ainda mais a interação dos serviços. + +### Resumo + +Há vários produtos de código aberto que suportam registro de serviço e descoberta no mercado. Nós implementamos o módulo em light-4j para suportar tanto [Consul] [] quanto [Zookeeper] []. + +[Consul]: /consumer/consul-discovery/ +[Zookeeper]: /consumer/zookeeper-discovery/ From a156946360515e048336721fd482073b3f583c15 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Thu, 9 May 2019 19:37:23 -0300 Subject: [PATCH 09/11] improving pt-br translation --- content/pt-br/consumer/docker-registry.md | 11 ++++ content/pt-br/consumer/http2.md | 69 +++++++++++++++++++++++ content/pt-br/consumer/jar-files.md | 68 ++++++++++++++++++++++ 3 files changed, 148 insertions(+) create mode 100644 content/pt-br/consumer/docker-registry.md create mode 100644 content/pt-br/consumer/http2.md create mode 100644 content/pt-br/consumer/jar-files.md diff --git a/content/pt-br/consumer/docker-registry.md b/content/pt-br/consumer/docker-registry.md new file mode 100644 index 00000000..42b3434c --- /dev/null +++ b/content/pt-br/consumer/docker-registry.md @@ -0,0 +1,11 @@ +--- +title: "Docker Registry" +date: 2018-03-01T21:39:58-05:00 +description: "" +categories: [] +keywords: [] +weight: 160 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/http2.md b/content/pt-br/consumer/http2.md new file mode 100644 index 00000000..0dd34459 --- /dev/null +++ b/content/pt-br/consumer/http2.md @@ -0,0 +1,69 @@ +--- +title: "HTTP 2.0" +date: 2018-03-01T21:37:12-05:00 +description: "" +categories: [] +keywords: [] +weight: 30 +aliases: [] +toc: false +draft: false +--- + +Por padrão, os serviços construídos em cima da plataforma light têm o HTTP 2.0 ativado automaticamente +no light-codegen. O servidor também suporta conexão HTTP 1.1 se o cliente não puder +negociar o HTTP 2.0 com o servidor. + +Existem muitos benefícios com o HTTP 2.0, mas o JDK 8 ou menor não suportam nativamente. Apesar +que existem algumas alternativas, nenhuma delas é uma solução prática. Dada a situação, temos +construído módulo cliente baseado no núcleo Undertow para suporte a HTTP 2.0. + +Segue alguns links a respeito de HTTP 2.0 e HTTP 1.1 + +https://www.pacwebhosting.co.uk/insight/News/NewsItem/View/31/http11-vs-http2-whats-the-difference + +https://imagekit.io/demo/http2-vs-http1 + +https://www.upwork.com/hiring/development/the-http2-protocol-its-pros-cons-and-how-to-start-using-it/ + +### Configuração do servidor + +Para habilitar HTTP 2.0 no lado do servidor, você precisa garantir que enableHttp2 possui o valor true no +arquivo de configuração server.yml. + +Por favor referencie ao [server module] e configuração do server.yml para mais informações. + +### Módulo cliente + +Ao usar o módulo do cliente light-4j para fazer uma solicitação HTTP para o servidor, o HTTP 2.0 não está ativado +por padrão. Você precisa especificar explicitamente que deseja estabelecer uma conexão HTTP 2.0. + +Aqui está o exemplo de código para criar essa conexão: +```java + if(connection == null || !connection.isOpen()) { + try { + connection = client.connect(new URI(apibHost), Http2Client.WORKER, Http2Client.SSL, Http2Client.POOL, OptionMap.create(UndertowOptions.ENABLE_HTTP2, true)).get(); + } catch (Exception e) { + logger.error("Exeption:", e); + throw new ClientException(e); + } + } +``` + +A opção abaixo criará uma conexão HTTP 2.0 +```java + +OptionMap.create(UndertowOptions.ENABLE_HTTP2, true) + +``` + +Se você tem certeza de que o serviço é construído em light-4j e o HTTP 2.0 não está desabilitado. Então você deveria +usar o HTTP 2.0 do lado do consumidor para aproveitar a velocidade rápida e multiplexação de conexão única. + +### Outro HTTP cliente java + +A maioria dos clientes HTTP Java não suporta HTTP 2.0 ou você tem que encontrar uma solução alternativa para fazer isso com +bootclasspath jar file por versão do JDK em Java 8. Se você estiver usando o Java 9, então ele tem +suporte para HTTP 2.0; no entanto, nunca foi testado com o framework básico. + +[server module]: /concern/server/ diff --git a/content/pt-br/consumer/jar-files.md b/content/pt-br/consumer/jar-files.md new file mode 100644 index 00000000..30fee104 --- /dev/null +++ b/content/pt-br/consumer/jar-files.md @@ -0,0 +1,68 @@ +--- +title: "Arquivos Jar" +date: 2018-05-07T12:30:59-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +Ao usar o módulo cliente a partir de qualquer aplicativo Java construído sobre o Java 8, mas não na plataforma light, vários módulos precisam ser incluídos juntos para executar várias funções, incluindo solicitação HTTP/2, descoberta de serviço, balanceamento de carga e suporte a cluster. Esses arquivos jar são pequenos e contêm apenas de 2 a 5 classes. A lista a seguir inclui todos os arquivos jar relacionados do Maven Central ao usar o módulo do cliente. + + +Para todos os módulos listados abaixo, há 3 arquivos de configurações que precisa ser externalizado para funcionar, são: + +1. client.yml - Define configuração do cliente e comunicação OAuth 2.0. É apenas utilizado pelo módulo cliente. +2. service.yml - balance, cluster, registry, consul e configuração de decifradora são definidas nesse arquivo. +3. secret.yml - OAuth 2.0 client secret e senha de certificado etc. são definidos neste arquivo para facilitar o gerenciamento de segredos. Todos os secredos podem ser encriptados em texto não claros para ser visto no arquivo de +configuração. + +* [client.jar][] + +É o arquivo jar principal que é responsável por criar uma conexão HTTP/2, enviar solicitações e invocar chamadas de retorno do cliente. Ele também lida com a renovação automática de tokens JWT do provedor do OAuth 2.0 e passa pelo correlationId e traceabilityId. + +* [config.jar][] + +Ele carrega arquivos de configuração dentro do módulo, aplicativo ou diretório externalizado. + +* [balance.jar][] + +É o módulo para lidar com o balanceamento de carga do lado do cliente. Suporta três estratégias integradas: Round Robin, Local First e Consistent Hashing. + +* [cluster.jar][] + +Suporte de cluster no lado do cliente, ele usa o módulo de balanceamento para pegar um candidato (IP e porta) de uma lista de instâncias descobertas. + +* [registry.jar][] + +Ele fornece lógica de descoberta de serviço geral junto com implementações concretas como Consul ou Zookeeper. + +* [consul.jar][] + +É um módulo cliente para a comunicação do agente Consul. + +* [service.jar][] + +Serviço de injeção de dependência que é responsável por conectar todos os outros módulos. + +* [decryptor.jar][] + +É um módulo opcional se você quiser criptografar dados confidenciais dos arquivos de configuração. + +* [common.jar][] + +É um módulo opcional e usado pelo decifrador pelo DecryptUtil.java. + +[client.jar]: /concern/client/ +[config.jar]: /concern/config/ +[balance.jar]: /concern/balance/ +[cluster.jar]: /concern/cluster/ +[registry.jar]: /concern/registry/ +[consul.jar]: /concern/consul/ +[service.jar]: /concern/service/ +[decryptor.jar]: /concern/decryptor/ +[common.jar]: /concern/common/ + From 98f23f4edf98f0fbd6bf12ead6ea5e8f46e840f1 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Thu, 9 May 2019 19:37:23 -0300 Subject: [PATCH 10/11] improving pt-br translation --- content/pt-br/consumer/docker-registry.md | 11 ++ content/pt-br/consumer/http2.md | 69 ++++++++ content/pt-br/consumer/jar-files.md | 68 ++++++++ content/pt-br/consumer/kubernetes-registry.md | 11 ++ content/pt-br/consumer/light-consumer-4j.md | 157 ++++++++++++++++++ content/pt-br/consumer/light-router.md | 11 ++ content/pt-br/consumer/load-balance.md | 11 ++ content/pt-br/consumer/local-first.md | 11 ++ content/pt-br/consumer/long-lived-token.md | 11 ++ content/pt-br/consumer/react-schema-form.md | 18 ++ content/pt-br/consumer/react.md | 18 ++ content/pt-br/consumer/registry.md | 11 ++ content/pt-br/consumer/round-robin.md | 11 ++ content/pt-br/consumer/router-location.md | 11 ++ content/pt-br/consumer/router-use-case.md | 11 ++ content/pt-br/consumer/secret-encryption.md | 107 ++++++++++++ content/pt-br/consumer/service-discovery.md | 11 ++ content/pt-br/consumer/spa-bff.md | 28 ++++ content/pt-br/consumer/spa-csrf.md | 16 ++ content/pt-br/consumer/spa-mobile.md | 43 +++++ content/pt-br/consumer/spa-session-jwt.md | 36 ++++ content/pt-br/consumer/spa-xss.md | 11 ++ content/pt-br/consumer/spa.md | 20 +++ content/pt-br/consumer/standalone-registry.md | 11 ++ content/pt-br/consumer/subject-token.md | 33 ++++ content/pt-br/consumer/tls-connection.md | 81 +++++++++ content/pt-br/consumer/token-startup.md | 11 ++ content/pt-br/consumer/traceability-id.md | 11 ++ content/pt-br/consumer/traceability.md | 11 ++ content/pt-br/consumer/vue.md | 15 ++ content/pt-br/consumer/zookeeper-discovery.md | 16 ++ 31 files changed, 901 insertions(+) create mode 100644 content/pt-br/consumer/docker-registry.md create mode 100644 content/pt-br/consumer/http2.md create mode 100644 content/pt-br/consumer/jar-files.md create mode 100644 content/pt-br/consumer/kubernetes-registry.md create mode 100644 content/pt-br/consumer/light-consumer-4j.md create mode 100644 content/pt-br/consumer/light-router.md create mode 100644 content/pt-br/consumer/load-balance.md create mode 100644 content/pt-br/consumer/local-first.md create mode 100644 content/pt-br/consumer/long-lived-token.md create mode 100644 content/pt-br/consumer/react-schema-form.md create mode 100644 content/pt-br/consumer/react.md create mode 100644 content/pt-br/consumer/registry.md create mode 100644 content/pt-br/consumer/round-robin.md create mode 100644 content/pt-br/consumer/router-location.md create mode 100644 content/pt-br/consumer/router-use-case.md create mode 100644 content/pt-br/consumer/secret-encryption.md create mode 100644 content/pt-br/consumer/service-discovery.md create mode 100644 content/pt-br/consumer/spa-bff.md create mode 100644 content/pt-br/consumer/spa-csrf.md create mode 100644 content/pt-br/consumer/spa-mobile.md create mode 100644 content/pt-br/consumer/spa-session-jwt.md create mode 100644 content/pt-br/consumer/spa-xss.md create mode 100644 content/pt-br/consumer/spa.md create mode 100644 content/pt-br/consumer/standalone-registry.md create mode 100644 content/pt-br/consumer/subject-token.md create mode 100644 content/pt-br/consumer/tls-connection.md create mode 100644 content/pt-br/consumer/token-startup.md create mode 100644 content/pt-br/consumer/traceability-id.md create mode 100644 content/pt-br/consumer/traceability.md create mode 100644 content/pt-br/consumer/vue.md create mode 100644 content/pt-br/consumer/zookeeper-discovery.md diff --git a/content/pt-br/consumer/docker-registry.md b/content/pt-br/consumer/docker-registry.md new file mode 100644 index 00000000..42b3434c --- /dev/null +++ b/content/pt-br/consumer/docker-registry.md @@ -0,0 +1,11 @@ +--- +title: "Docker Registry" +date: 2018-03-01T21:39:58-05:00 +description: "" +categories: [] +keywords: [] +weight: 160 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/http2.md b/content/pt-br/consumer/http2.md new file mode 100644 index 00000000..0dd34459 --- /dev/null +++ b/content/pt-br/consumer/http2.md @@ -0,0 +1,69 @@ +--- +title: "HTTP 2.0" +date: 2018-03-01T21:37:12-05:00 +description: "" +categories: [] +keywords: [] +weight: 30 +aliases: [] +toc: false +draft: false +--- + +Por padrão, os serviços construídos em cima da plataforma light têm o HTTP 2.0 ativado automaticamente +no light-codegen. O servidor também suporta conexão HTTP 1.1 se o cliente não puder +negociar o HTTP 2.0 com o servidor. + +Existem muitos benefícios com o HTTP 2.0, mas o JDK 8 ou menor não suportam nativamente. Apesar +que existem algumas alternativas, nenhuma delas é uma solução prática. Dada a situação, temos +construído módulo cliente baseado no núcleo Undertow para suporte a HTTP 2.0. + +Segue alguns links a respeito de HTTP 2.0 e HTTP 1.1 + +https://www.pacwebhosting.co.uk/insight/News/NewsItem/View/31/http11-vs-http2-whats-the-difference + +https://imagekit.io/demo/http2-vs-http1 + +https://www.upwork.com/hiring/development/the-http2-protocol-its-pros-cons-and-how-to-start-using-it/ + +### Configuração do servidor + +Para habilitar HTTP 2.0 no lado do servidor, você precisa garantir que enableHttp2 possui o valor true no +arquivo de configuração server.yml. + +Por favor referencie ao [server module] e configuração do server.yml para mais informações. + +### Módulo cliente + +Ao usar o módulo do cliente light-4j para fazer uma solicitação HTTP para o servidor, o HTTP 2.0 não está ativado +por padrão. Você precisa especificar explicitamente que deseja estabelecer uma conexão HTTP 2.0. + +Aqui está o exemplo de código para criar essa conexão: +```java + if(connection == null || !connection.isOpen()) { + try { + connection = client.connect(new URI(apibHost), Http2Client.WORKER, Http2Client.SSL, Http2Client.POOL, OptionMap.create(UndertowOptions.ENABLE_HTTP2, true)).get(); + } catch (Exception e) { + logger.error("Exeption:", e); + throw new ClientException(e); + } + } +``` + +A opção abaixo criará uma conexão HTTP 2.0 +```java + +OptionMap.create(UndertowOptions.ENABLE_HTTP2, true) + +``` + +Se você tem certeza de que o serviço é construído em light-4j e o HTTP 2.0 não está desabilitado. Então você deveria +usar o HTTP 2.0 do lado do consumidor para aproveitar a velocidade rápida e multiplexação de conexão única. + +### Outro HTTP cliente java + +A maioria dos clientes HTTP Java não suporta HTTP 2.0 ou você tem que encontrar uma solução alternativa para fazer isso com +bootclasspath jar file por versão do JDK em Java 8. Se você estiver usando o Java 9, então ele tem +suporte para HTTP 2.0; no entanto, nunca foi testado com o framework básico. + +[server module]: /concern/server/ diff --git a/content/pt-br/consumer/jar-files.md b/content/pt-br/consumer/jar-files.md new file mode 100644 index 00000000..30fee104 --- /dev/null +++ b/content/pt-br/consumer/jar-files.md @@ -0,0 +1,68 @@ +--- +title: "Arquivos Jar" +date: 2018-05-07T12:30:59-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +Ao usar o módulo cliente a partir de qualquer aplicativo Java construído sobre o Java 8, mas não na plataforma light, vários módulos precisam ser incluídos juntos para executar várias funções, incluindo solicitação HTTP/2, descoberta de serviço, balanceamento de carga e suporte a cluster. Esses arquivos jar são pequenos e contêm apenas de 2 a 5 classes. A lista a seguir inclui todos os arquivos jar relacionados do Maven Central ao usar o módulo do cliente. + + +Para todos os módulos listados abaixo, há 3 arquivos de configurações que precisa ser externalizado para funcionar, são: + +1. client.yml - Define configuração do cliente e comunicação OAuth 2.0. É apenas utilizado pelo módulo cliente. +2. service.yml - balance, cluster, registry, consul e configuração de decifradora são definidas nesse arquivo. +3. secret.yml - OAuth 2.0 client secret e senha de certificado etc. são definidos neste arquivo para facilitar o gerenciamento de segredos. Todos os secredos podem ser encriptados em texto não claros para ser visto no arquivo de +configuração. + +* [client.jar][] + +É o arquivo jar principal que é responsável por criar uma conexão HTTP/2, enviar solicitações e invocar chamadas de retorno do cliente. Ele também lida com a renovação automática de tokens JWT do provedor do OAuth 2.0 e passa pelo correlationId e traceabilityId. + +* [config.jar][] + +Ele carrega arquivos de configuração dentro do módulo, aplicativo ou diretório externalizado. + +* [balance.jar][] + +É o módulo para lidar com o balanceamento de carga do lado do cliente. Suporta três estratégias integradas: Round Robin, Local First e Consistent Hashing. + +* [cluster.jar][] + +Suporte de cluster no lado do cliente, ele usa o módulo de balanceamento para pegar um candidato (IP e porta) de uma lista de instâncias descobertas. + +* [registry.jar][] + +Ele fornece lógica de descoberta de serviço geral junto com implementações concretas como Consul ou Zookeeper. + +* [consul.jar][] + +É um módulo cliente para a comunicação do agente Consul. + +* [service.jar][] + +Serviço de injeção de dependência que é responsável por conectar todos os outros módulos. + +* [decryptor.jar][] + +É um módulo opcional se você quiser criptografar dados confidenciais dos arquivos de configuração. + +* [common.jar][] + +É um módulo opcional e usado pelo decifrador pelo DecryptUtil.java. + +[client.jar]: /concern/client/ +[config.jar]: /concern/config/ +[balance.jar]: /concern/balance/ +[cluster.jar]: /concern/cluster/ +[registry.jar]: /concern/registry/ +[consul.jar]: /concern/consul/ +[service.jar]: /concern/service/ +[decryptor.jar]: /concern/decryptor/ +[common.jar]: /concern/common/ + diff --git a/content/pt-br/consumer/kubernetes-registry.md b/content/pt-br/consumer/kubernetes-registry.md new file mode 100644 index 00000000..4464c8cd --- /dev/null +++ b/content/pt-br/consumer/kubernetes-registry.md @@ -0,0 +1,11 @@ +--- +title: "Kubernetes Registry" +date: 2018-03-01T21:40:09-05:00 +description: "" +categories: [] +keywords: [] +weight: 170 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/light-consumer-4j.md b/content/pt-br/consumer/light-consumer-4j.md new file mode 100644 index 00000000..aac8d83c --- /dev/null +++ b/content/pt-br/consumer/light-consumer-4j.md @@ -0,0 +1,157 @@ +--- +title: "Light Consumer 4j" +date: 2018-12-05T13:04:18-05:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +# Light Consumer 4j + +Light Consumer 4h é um módulo que ajuda os consumidores (consumers) a integrar-se facilmente com as apis light-4j. +Ele é construído em cima do Http2Client e java8, possui muitos recursos extras, como pool de conexão, etc. +Ele suporta tanto a URL direta quanto a descoberta de serviço (Cônsul) para chamar as APIs. + +### Uso +Adicione a dependência em seu projeto. + +```xml + + com.networknt + light-consumer-4j + 1.5.26 + +``` + +Métodos disponíveis no ClientBuilder + + Future send() // Envia requisição. + + String getServiceUrl() // obtém o serviceUrl resolvido + + disableHttp2() // Desabilita Http2, por padrão isso é habilitado. + + setClientRequest(ClientRequest reg) // set requisição do cliente ao httpClientRequest. + + setRequestBody(String requestBody) // set requestBody ao httpClientRequest. + + setHeaderValue(HttpString headerName,..) // set headerName e headerValue ao httpClientRequest. + + setApiHost(String apiUrl) // set apiUrl em httpClientRequest para chamar api com url direta. + + setConnectionCacheTTLms(long tTLms) // set timeout de connexão de cache. + + setRequestTimeout(TimeoutDef timeout) // set timeout da requisição. + + setConnectionRequestTimeout(TimeoutDef t)// set timeout da conexão de requisição. + + setAuthToken(String authToken) // Set o token de autenticação na requisição. + + getAuthToken() // get token de autenticação + + addCCToken() // adicione o token de acesso no header da requisição e também checa a expiração do token de acesso. + + setServiceDef(ServiceDef serviceDef) // set protocolo, service id, ambiente e requestKey para chamada da API via consul. + + setMaxReqCount(int maxReqCount) // habilita cache de conexão pelo número da requisição. + + + #### Aqui um exemplo de código para chamar a API. + +Chame a API com URL direta: + +Exemplo 1: +``` +Future clientRequest = new HttpClientBuilder() + + //set direct url + .setApiHost("https://localhost:8453") + .setClientRequest(new ClientRequest().setPath("/v1/customers/1").setMethod(Methods.GET)) + .setLatch(new CountDownLatch(1)) + .disableHttp2() + .addCCToken() + .setConnectionRequestTimeout(new TimeoutDef(100, TimeUnit.SECONDS)) + .setRequestTimeout(new TimeoutDef(100, TimeUnit.SECONDS)) + .setRequestBody("") + .setConnectionCacheTTLms(10000) + .setMaxReqCount(5) + .send(); +ClientResponse clientResponse = clientRequest.get(); + +``` +Exemplo 2: + +``` + public static final String CUSTOMERS_URL = "https://localhost:8453"; + private static final String CUSTOMERS_PATH = "/v1/customers/{id}"; + + HttpClientBuilder clientBuilder = new HttpClientBuilder(); + + ClientRequest clientRequest = new ClientRequest().setMethod(Methods.GET) + .setPath(CUSTOMERS_PATH.replace("{id}", id)); + + clientBuilder.setClientRequest(clientRequest); + clientBuilder.setLatch(new CountDownLatch(1)); + if (!Server.config.isEnableHttp2()) { + clientBuilder.disableHttp2(); + } + clientBuilder.setApiHost(CUSTOMERS_URL); + clientBuilder.setConnectionCacheTTLms(20000); + clientBuilder.setMaxReqCount(5) + clientBuilder.setConnectionRequestTimeout(new TimeoutDef(10, TimeUnit.SECONDS)); + Future clientBuilderRequest = clientBuilder.send(); + ClientResponse clientResponse = clientBuilderRequest.get(); +``` + +Chave a API via descoberta de serviço (Consul): + +Exemplo 1: + +``` +Future clientRequest = new HttpClientBuilder() + + //set protocol,service id , environment and requestKey + .setServiceDef(new ServiceDef("https", "training.customers-1.00.00","training", null)) + .setClientRequest(new ClientRequest().setPath("/v1/customers/1").setMethod(Methods.GET)) + .setLatch(new CountDownLatch(1)) + .disableHttp2() + .addCCToken() + .setConnectionRequestTimeout(new TimeoutDef(100, TimeUnit.SECONDS)) + .setRequestTimeout(new TimeoutDef(100, TimeUnit.SECONDS)) + .setRequestBody("") + .setConnectionCacheTTLms(10000) + .setMaxReqCount(5) + .send(); +ClientResponse clientResponse = clientRequest.get(); + +``` +Exemplo 2: + +``` + public static final String CUSTOMERS_SERVICE = "training.customers-1.00.00"; + private static final String CUSTOMERS_PATH = "/v1/customers/{id}"; + + HttpClientBuilder clientBuilder = new HttpClientBuilder(); + + ClientRequest clientRequest = new ClientRequest().setMethod(Methods.GET) + .setPath(CUSTOMERS_PATH.replace("{id}", id)); + + clientBuilder.setClientRequest(clientRequest); + clientBuilder.setLatch(new CountDownLatch(1)); + if (!Server.config.isEnableHttp2()) { + clientBuilder.disableHttp2(); + } + clientBuilder.setServiceDef(new ServiceDef("https", CUSTOMERS_SERVICE, "training", null)); + clientBuilder.setConnectionCacheTTLms(20000); + clientBuilder.setMaxReqCount(5); + clientBuilder.setConnectionRequestTimeout(new TimeoutDef(10, TimeUnit.SECONDS)); + Future clientBuilderRequest = clientBuilder.send(); + ClientResponse clientResponse = clientBuilderRequest.get(); +``` + + + diff --git a/content/pt-br/consumer/light-router.md b/content/pt-br/consumer/light-router.md new file mode 100644 index 00000000..4fcc5207 --- /dev/null +++ b/content/pt-br/consumer/light-router.md @@ -0,0 +1,11 @@ +--- +title: "Light Router" +date: 2018-03-01T21:33:43-05:00 +description: "" +categories: [] +keywords: [] +weight: 250 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/load-balance.md b/content/pt-br/consumer/load-balance.md new file mode 100644 index 00000000..9fb9a592 --- /dev/null +++ b/content/pt-br/consumer/load-balance.md @@ -0,0 +1,11 @@ +--- +title: "Load Balance" +date: 2018-03-01T21:33:34-05:00 +description: "" +categories: [] +keywords: [] +weight: 210 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/local-first.md b/content/pt-br/consumer/local-first.md new file mode 100644 index 00000000..ca8a7382 --- /dev/null +++ b/content/pt-br/consumer/local-first.md @@ -0,0 +1,11 @@ +--- +title: "Local First" +date: 2018-03-01T21:41:09-05:00 +description: "" +categories: [] +keywords: [] +weight: 230 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/long-lived-token.md b/content/pt-br/consumer/long-lived-token.md new file mode 100644 index 00000000..212a202e --- /dev/null +++ b/content/pt-br/consumer/long-lived-token.md @@ -0,0 +1,11 @@ +--- +title: "Long Lived Token" +date: 2018-03-01T21:38:46-05:00 +description: "" +categories: [] +keywords: [] +weight: 90 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/react-schema-form.md b/content/pt-br/consumer/react-schema-form.md new file mode 100644 index 00000000..01408fb3 --- /dev/null +++ b/content/pt-br/consumer/react-schema-form.md @@ -0,0 +1,18 @@ +--- +title: "React Schema Form" +date: 2018-12-24T19:00:30-05:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +[React schema form][] é baseado no esquema JSON para geração e validação de formulários. É uma porta do projeto de formulário de esquema angular usando material-ui para os componentes subjacentes. + +Para a aplicação de exemplo que utiliza react-schema-form, dê uma olhada ao [web-client][] de taiji-blockchain + +[React schema form]: https://github.com/networknt/react-schema-form +[web-client]: https://github.com/taiji-chain/web-client/tree/master/server/view diff --git a/content/pt-br/consumer/react.md b/content/pt-br/consumer/react.md new file mode 100644 index 00000000..92ac6055 --- /dev/null +++ b/content/pt-br/consumer/react.md @@ -0,0 +1,18 @@ +--- +title: "React" +date: 2018-12-24T18:27:16-05:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +React é um dos mais populares bibliotecas Javascript para Single Page Applications, é muito bom na construção de componentes +auto encapsulado. + +Internamente, estamos usando o React para quase todas as interfaces para vários serviços. Para acelerar o desenvolvimento, também desenvolvemos [react-schema-form] [], que pode gerar formulários e lógica para interagir com os serviços de back-end de forma unificada. + +[react-schema-form]: /consumer/react-schema-form/ diff --git a/content/pt-br/consumer/registry.md b/content/pt-br/consumer/registry.md new file mode 100644 index 00000000..785a6068 --- /dev/null +++ b/content/pt-br/consumer/registry.md @@ -0,0 +1,11 @@ +--- +title: "Registry" +date: 2018-03-01T21:39:34-05:00 +description: "" +categories: [] +keywords: [] +weight: 140 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/round-robin.md b/content/pt-br/consumer/round-robin.md new file mode 100644 index 00000000..4b155860 --- /dev/null +++ b/content/pt-br/consumer/round-robin.md @@ -0,0 +1,11 @@ +--- +title: "Round Robin" +date: 2018-03-01T21:41:01-05:00 +description: "" +categories: [] +keywords: [] +weight: 220 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/router-location.md b/content/pt-br/consumer/router-location.md new file mode 100644 index 00000000..3df92329 --- /dev/null +++ b/content/pt-br/consumer/router-location.md @@ -0,0 +1,11 @@ +--- +title: "Router Location" +date: 2018-03-01T21:44:37-05:00 +description: "" +categories: [] +keywords: [] +weight: 270 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/router-use-case.md b/content/pt-br/consumer/router-use-case.md new file mode 100644 index 00000000..9a8ed257 --- /dev/null +++ b/content/pt-br/consumer/router-use-case.md @@ -0,0 +1,11 @@ +--- +title: "Router Use Case" +date: 2018-03-01T21:44:28-05:00 +description: "" +categories: [] +keywords: [] +weight: 260 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/secret-encryption.md b/content/pt-br/consumer/secret-encryption.md new file mode 100644 index 00000000..f35157c4 --- /dev/null +++ b/content/pt-br/consumer/secret-encryption.md @@ -0,0 +1,107 @@ +--- +title: "Secret Encryption" +date: 2018-03-07T21:17:38-05:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +A plataforma Light tem um [decodificador] [] que pode ser injetado no aplicativo para descriptografar códigos criptografados em arquivos de configuração. Existe um utilitário separado que é usado para criptografar o secret.yml ou outros arquivos de configuração que contêm informações confidenciais. + +Da perspectiva do consumidor, somente secret.yml será usado, a menos que o aplicativo cliente esteja tentando usar o +recurso para proteger outros arquivos de configuração específicos do cliente. + +A seguir, um exemplo de secret.yml que pode ser usado junto com keystores client.yml e TLS. + +```yaml +# This file contains all the secrets for the server and client in order to manage and +# secure all of them in the same place. In Kubernetes, this file will be mapped to +# Secrets and all other config files will be mapped to mapConfig + +--- + +# Sever section + +# Key store password, the path of keystore is defined in server.yml +serverKeystorePass: password + +# Key password, the key is in keystore +serverKeyPass: password + +# Trust store password, the path of truststore is defined in server.yml +serverTruststorePass: password + + +# Client section + +# Key store password, the path of keystore is defined in server.yml +clientKeystorePass: password + +# Key password, the key is in keystore +clientKeyPass: password + +# Trust store password, the path of truststore is defined in server.yml +clientTruststorePass: password + +# Authorization code client secret for OAuth2 server +authorizationCodeClientSecret: f6h1FTI8Q3-7UScPZDzfXA + +# Client credentials client secret for OAuth2 server +clientCredentialsClientSecret: f6h1FTI8Q3-7UScPZDzfXA + +# Key distribution client secret for OAuth2 server +keyClientSecret: f6h1FTI8Q3-7UScPZDzfXA + + +# Consul service registry and discovery + +# Consul Token for service registry and discovery +consulToken: token1 + +# EmailSender password default address is noreply@lightapi.net +emailPassword: change-to-real-password + +``` + + +In most of the cases, the following fields are used by the client. + +```yaml + +# Client section + +# Key store password, the path of keystore is defined in server.yml +clientKeystorePass: password + +# Key password, the key is in keystore +clientKeyPass: password + +# Trust store password, the path of truststore is defined in server.yml +clientTruststorePass: password + +# Authorization code client secret for OAuth2 server +authorizationCodeClientSecret: f6h1FTI8Q3-7UScPZDzfXA + +# Client credentials client secret for OAuth2 server +clientCredentialsClientSecret: f6h1FTI8Q3-7UScPZDzfXA + +# Key distribution client secret for OAuth2 server +keyClientSecret: f6h1FTI8Q3-7UScPZDzfXA + + +# Consul service registry and discovery + +# Consul Token for service registry and discovery +consulToken: token1 + +``` + +Para aprender como usar o encriptador e decodificador, por favor, consulte o [tutorial] []. + +[decryptor]: /concern/decryptor/ +[tutorial]: /tutorial/security/encrypt-decrypt/ + diff --git a/content/pt-br/consumer/service-discovery.md b/content/pt-br/consumer/service-discovery.md new file mode 100644 index 00000000..83ffb217 --- /dev/null +++ b/content/pt-br/consumer/service-discovery.md @@ -0,0 +1,11 @@ +--- +title: "Service Discovery" +date: 2018-03-01T21:33:21-05:00 +description: "" +categories: [] +keywords: [] +weight: 130 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/spa-bff.md b/content/pt-br/consumer/spa-bff.md new file mode 100644 index 00000000..4035bea1 --- /dev/null +++ b/content/pt-br/consumer/spa-bff.md @@ -0,0 +1,28 @@ +--- +title: "Single Page App Proxy" +date: 2018-05-13T23:52:10-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +Ao desenvolver o SPA React com uma estrutura do lado do cliente como o React, é aconselhável aproveitar o WebPack hot loader para obter maior produtividade. Isso requer que iniciemos um servidor Nodejs para servir o SPA ao navegador. Quando o SPA está chamando algumas das APIs, os servidores da API podem estar em outro host ou no mesmo host, mas com um número de porta diferente. Para garantir que o aplicativo Javascript precise especificar apenas o caminho relativo sem se preocupar com o host e a porta, precisamos configurar um proxy no arquivo package.json gerado. + +A seguir é um exemplo que nós estamos utilizando para desenvolvimento. + +``` +proxy: { + "/v1": { + target: "https://localhost:8443", + secure: false + } +} +``` +A configuração acima garantirá que todas as solicitações para o caminho /v1 sejam roteadas para o serviço https://localhost:8443. Como o servidor de destino está ouvindo HTTPS, precisamos definir o secure como false se um certificado autoassinado for usado no servidor. + +Para mais informação sobre configuração do proxy, por favor visitar o https://webpack.js.org/configuration/dev-server/ diff --git a/content/pt-br/consumer/spa-csrf.md b/content/pt-br/consumer/spa-csrf.md new file mode 100644 index 00000000..35072db7 --- /dev/null +++ b/content/pt-br/consumer/spa-csrf.md @@ -0,0 +1,16 @@ +--- +title: "SPA CSRF Prevention" +date: 2018-05-22T12:48:01-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +Cross-Site Request Forgery (CSRF) é um tipo de ataque que ocorre quando um site, email, blog, mensagem instantânea ou programa mal-intencionado faz com que o navegador da Web de um usuário execute uma ação indesejada em um site confiável para o qual o usuário está atualmente autenticado. O impacto de um ataque CSRF bem-sucedido é limitado aos recursos expostos pelo aplicativo vulnerável. Por exemplo, esse ataque pode resultar em uma transferência de fundos, alteração de senha ou compra de um item no contexto do usuário. Com efeito, ataques de CSRF são usados por um invasor para fazer com que um sistema de destino execute uma função através do navegador de destino sem o conhecimento do usuário de destino, pelo menos até que a transação não autorizada seja confirmada. + +Os impactos das explorações bem-sucedidas do CSRF variam muito com base nos privilégios de cada vítima. Ao segmentar um usuário normal, um ataque CSRF bem-sucedido pode comprometer os dados do usuário final e suas funções associadas. Se o usuário final direcionado for uma conta de administrador, um ataque de CSRF pode comprometer todo o aplicativo da web. Os sites com maior probabilidade de serem atacados pelo CSRF são sites da comunidade (redes sociais, email) ou sites que possuem contas de alto valor em dólares associados a eles (bancos, corretoras de valores, serviços de pagamento de contas). Utilizando a engenharia social, um invasor pode incorporar códigos maliciosos de HTML ou JavaScript em um email ou site para solicitar uma "URL de tarefa" específica. A tarefa, em seguida, executa com ou sem o conhecimento do usuário, diretamente ou utilizando uma falha Cross-Site Scripting (ex: Samy MySpace Worm). diff --git a/content/pt-br/consumer/spa-mobile.md b/content/pt-br/consumer/spa-mobile.md new file mode 100644 index 00000000..96357c18 --- /dev/null +++ b/content/pt-br/consumer/spa-mobile.md @@ -0,0 +1,43 @@ +--- +title: "SPA and Mobile Discovery" +date: 2018-04-30T19:58:40-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +reviewed: true +--- + +Often, when we discuss service discovery, only web servers, standalone applications and services are mentioned as clients. We seldom discuss single page application running on the browser and mobile application running on the devices as these are not considered to perform service discovery at all. + +In most cases, these applications connect from the Internet to a static load balancer like F5 and then route to several static addressed BFF instances. So even it is capable of performing discovery from SPA or Mobile, there is no need to do so as BFF instances are accessed directly with IP addresses. Moreover, BFF is responsible for discovering microservices running in the cloud with dynamic IP addresses and port numbers. + +The reason we have this kind of architecture is to address security concerns. Our internal services running in the cloud might connecting to databases, repositories or other important backend systems. They should not be accessed from the Internet directly. They reside in the internal network and can only be accessed from BFFs which are running in DMZ. + +These days, the typical design would be an API gateway acts as a BFF which handles all the external requests and performs security filtering. It works with monolithic web services but not for microservices as the single API gateway is the bottleneck and single point of failure. + +When adopting microservices architecture, we need distributed API gateways so that workload can be balanced to different instances specifically designed for each client. These distributed gateways know the client requests much better and handle the security for the client with the OAuth 2.0 provider to shield the complex logic for client developers. Ideally, these distributed gateways should be built as microservices to ensure scalability in the long run. + + +In the light platform, three components can act as a distributed gateway which is known as a BFF. + + +### Existing Web Server + +If your APIs were built on top of the existing web server and cannot migrate to microservices architecture overnight, you can still use your web server as a gateway for services discovery. It requires that the web server is built on Java 8 and up so that the light-4j client module can be utilized to interact with the OAuth 2.0 provider and with Consul for service discovery. If the web server cannot use the embedded client module, light-router can be used. In this design, the web server acts as an aggregator as well, so that one client request might invoke several microservices in the backend. + +### Custom Aggregator + +For brand new client applications, you can build an aggregator on the light-rest-4j or light-graphql-4j framework as a microservice. It can greatly simply the client invocation logic and make the client side developers lives more comfortable. This layer also hides the details of the backend services so that our APIs of backend services will not expose to the Internet directly. + +### Light Router + +With HTTP 2.0 is getting popular, the needs for aggregator is not that important anymore as a client can access multiple services simultaneously without performance penalty. + +This architecture also opens the door for true microservices which means UI and API are fully combined as one service that handles a specific business function. With client-side frameworks like React or React Native, the limitation is your imagination. + + + diff --git a/content/pt-br/consumer/spa-session-jwt.md b/content/pt-br/consumer/spa-session-jwt.md new file mode 100644 index 00000000..7ef47c90 --- /dev/null +++ b/content/pt-br/consumer/spa-session-jwt.md @@ -0,0 +1,36 @@ +--- +title: "SPA Session JWT" +date: 2018-05-01T09:38:00-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +When building Single Page Applications that consume APIs protected by JWT tokens or simple web token, a lot of articles suggest to put the token into local storage on the browser so that the Javascript application can use the token to access APIs directly. **Please don't do that as it is not safe**. + +As the article [stop using localstorage] states, local storage on the browser is not security. It is subject to cross-site scripting attack, and the information can be retrieved by anyone who has access to the browser physically. + +If you need to store sensitive data, you should always use a server-side session. Here's how to do it: + +* When a user logs into your website, create a session identifier for them and store it in a cryptographically signed cookie. If you're using a web framework, look up “how to create a user session using cookies” and follow that guide. + +* Make sure that whatever cookie library your web framework uses is setting the httpOnly cookie flag. This flag makes it impossible for a browser to read any cookies, which is required in order to safely use server-side sessions with cookies. Read [Jeff Atwood's article][] for more information. He's the man. + +* Make sure that your cookie library also sets the SameSite=strict cookie flag (to prevent [CSRF][] attacks), as well as the secure=true flag (to ensure cookies can only be set over an encrypted connection). + +* Each time a user makes a request to your site, use their session ID (extracted from the cookie they send to you) to retrieve their account details from either a database or a cache (depending on how large your website is) + +* Once you have the user's account info pulled up and verified, feel free to pull any associated sensitive data along with it + +This pattern is simple, straightforward, and most importantly: secure. And yes, you can most definitely scale up a large website using this pattern when using [light-session-4j][] which is a distributed session backed by in-memory data grid. + + +[stop using localstorage]: https://dev.to/rdegges/please-stop-using-local-storage-1i04 +[Jeff Atwood's article]: https://blog.codinghorror.com/protecting-your-cookies-httponly/ +[CSRF]: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) +[light-session-4j]: /sytle/light-session-4j/ + diff --git a/content/pt-br/consumer/spa-xss.md b/content/pt-br/consumer/spa-xss.md new file mode 100644 index 00000000..0e01b5b9 --- /dev/null +++ b/content/pt-br/consumer/spa-xss.md @@ -0,0 +1,11 @@ +--- +title: "Spa Xss" +date: 2018-05-22T12:48:16-04:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/spa.md b/content/pt-br/consumer/spa.md new file mode 100644 index 00000000..31f96956 --- /dev/null +++ b/content/pt-br/consumer/spa.md @@ -0,0 +1,20 @@ +--- +title: "SPA - Single Page Application" +date: 2018-12-24T18:27:09-05:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +When you build microservices, there must be an ultimate consumer somewhere at the top of the food chain, and it is usually a single page application that provides an interface to interact with end users. + +There are so many frameworks and libraries to build single page applications, and we highly recommend [React][]. Along with React, we have a lot of users are using [Vue][] and [Angular][]. + +[React]: /consumer/react/ +[Vue]: /consumer/vue/ +[Angular]: /consumer/angular/ + diff --git a/content/pt-br/consumer/standalone-registry.md b/content/pt-br/consumer/standalone-registry.md new file mode 100644 index 00000000..8fc99264 --- /dev/null +++ b/content/pt-br/consumer/standalone-registry.md @@ -0,0 +1,11 @@ +--- +title: "Standalone Registry" +date: 2018-03-01T21:39:51-05:00 +description: "" +categories: [] +keywords: [] +weight: 150 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/subject-token.md b/content/pt-br/consumer/subject-token.md new file mode 100644 index 00000000..77973cd8 --- /dev/null +++ b/content/pt-br/consumer/subject-token.md @@ -0,0 +1,33 @@ +--- +title: "Subject Token" +date: 2018-03-01T21:37:35-05:00 +description: "" +categories: [] +keywords: [] +weight: 50 +aliases: [] +toc: false +draft: false +--- + +As described in [security architecture][], light platform uses two tokens to secure service +to service calls. One token is the original token from the login user and it has original +caller information and possible additional info for fine-grained authorization. This token +is called Subject Token. + +The Subject Token represents a person and it has user_id and potential additional user info. + +There are two way to get this token. + +* Authorization Grant Flow for OAuth 2.0 provider + +* OpenID Connect + +This token is passed in request header "Authorization" in most of the cases and if the token +contains scope info to access the immediate API/service, then no Access Token is needed. This +is the situation webserver as a client calling APIs. + + +[security architecture]: /architecture/security/ +[Access Token]: /consumer/access-token/ + diff --git a/content/pt-br/consumer/tls-connection.md b/content/pt-br/consumer/tls-connection.md new file mode 100644 index 00000000..3db40d78 --- /dev/null +++ b/content/pt-br/consumer/tls-connection.md @@ -0,0 +1,81 @@ +--- +title: "TLS Connection" +date: 2018-03-01T21:36:44-05:00 +description: "" +categories: [] +keywords: [] +weight: 20 +aliases: [] +toc: false +draft: false +--- + +The light platform supports One-Way SSL by default in the [light-codegen][] and Two-Way SSL by updating server.yml to enable. Unless you are using some old tools that don't support HTTPS, it is recommended to use at least One-Way SSL even in the development phase, so you don't have any surprise when releasing to an official test environment. + +### TLS certificates + +There are four keystore files can be generated from light-codegen depending on the config.json in the model-config repository. + +Here is an example of config.json for light-codegen. + +``` +{ + "name": "apia", + "version": "1.0.0", + "groupId": "com.networknt", + "artifactId": "apia", + "rootPackage": "com.networknt.apia", + "handlerPackage":"com.networknt.apia.handler", + "modelPackage":"com.networknt.apia.model", + "overwriteHandler": true, + "overwriteHandlerTest": true, + "overwriteModel": true, + "httpPort": 7001, + "enableHttp": true, + "httpsPort": 7441, + "enableHttps": true, + "enableRegistry": false, + "supportDb": false, + "supportH2ForTest": false, + "supportClient": true +} + +``` + +By default, the generated code will have server.keystore and server.truststore in the config folder. But if supportClient is true in config.json, then client.keystore and client.truststore will be generated as well. + +For information about keystore files, please refer to [keystore truststore][]. + +The generated keystores and truststores contains self-signed certificates expire in the year 2023, and these should be used for development only. Once move to an official test environment, they need to be replaced with other self-signed certificates or CA-signed certificates. + +Please refer to [self-signed vs. CA-signed certificate][] for details on when to use self-signed or CA-signed certificate. + +### Enable One-Way or Two-Way TLS + +Please refer to the [server config][] for more details. + +### Download certificate from the server + +While connecting to a server with HTTPS, you should ask for the client certificate from the server admin. If you cannot get the certificate from the server admin, you can download it from the server with openssl. + +Please refer to the [public https][] tutorial for more details. + +### Debug TLS connection + +When make TLS connection to the server, you need to add certificates into client.truststore most of the cases. For most developers, it might be a challenge to get it done right in the first place. If you connection is not established to the server, chances are that you have the client.truststore missing the client certifiate. To figure out if the connection issue is due to the certificate, you can enable the tls debug in your IDE. + +Here is an article that contains all the details on [Debugging SSL/TLS Connections][]. + +Baiscally, you need to put the following JVM option when starting your server in IDE. + +``` +-Djavax.net.debug=all +``` + +[keystore truststore]: /tutorial/security/keystore-truststore/ +[self-signed vs CA-signed certificate]: /faq/self-ca-signed-cert/ +[server config]: /concern/server/ +[light-codegen]: /tool/light-codegen/ +[public https]: /tutorial/client/public-https/ +[Debugging SSL/TLS Connections]: https://docs.oracle.com/javase/7/docs/technotes/guides/security/jsse/ReadDebug.html + diff --git a/content/pt-br/consumer/token-startup.md b/content/pt-br/consumer/token-startup.md new file mode 100644 index 00000000..6381b1f9 --- /dev/null +++ b/content/pt-br/consumer/token-startup.md @@ -0,0 +1,11 @@ +--- +title: "Token Startup" +date: 2018-03-01T21:38:25-05:00 +description: "" +categories: [] +keywords: [] +weight: 80 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/traceability-id.md b/content/pt-br/consumer/traceability-id.md new file mode 100644 index 00000000..90660c9f --- /dev/null +++ b/content/pt-br/consumer/traceability-id.md @@ -0,0 +1,11 @@ +--- +title: "Traceability Id" +date: 2018-03-01T21:39:11-05:00 +description: "" +categories: [] +keywords: [] +weight: 110 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/traceability.md b/content/pt-br/consumer/traceability.md new file mode 100644 index 00000000..2e2521d9 --- /dev/null +++ b/content/pt-br/consumer/traceability.md @@ -0,0 +1,11 @@ +--- +title: "Traceability" +date: 2018-03-01T21:39:04-05:00 +description: "" +categories: [] +keywords: [] +weight: 100 +aliases: [] +toc: false +draft: false +--- diff --git a/content/pt-br/consumer/vue.md b/content/pt-br/consumer/vue.md new file mode 100644 index 00000000..69f731ca --- /dev/null +++ b/content/pt-br/consumer/vue.md @@ -0,0 +1,15 @@ +--- +title: "Vue" +date: 2018-12-24T19:47:51-05:00 +description: "" +categories: [] +keywords: [] +slug: "" +aliases: [] +toc: false +draft: false +--- + +Vue is a progressive framework for building user interfaces. Unlike other monolithic frameworks, Vue is designed from the ground up to be incrementally adoptable. The core library is focused on the view layer only, and is easy to pick up and integrate with other libraries or existing projects. On the other hand, Vue is also perfectly capable of powering sophisticated Single-Page Applications when used in combination with modern tooling and supporting libraries. + +The following is a list of open source projects that use Vue as UI. diff --git a/content/pt-br/consumer/zookeeper-discovery.md b/content/pt-br/consumer/zookeeper-discovery.md new file mode 100644 index 00000000..b7df032a --- /dev/null +++ b/content/pt-br/consumer/zookeeper-discovery.md @@ -0,0 +1,16 @@ +--- +title: "Zookeeper Discovery" +date: 2018-03-01T21:40:40-05:00 +description: "" +categories: [] +keywords: [] +weight: 200 +aliases: [] +toc: false +draft: false +--- + +Apache Zookeeper can used as service registry and discovery with [zookeeper][] module in light-4j; however, it is not recommended given it is very heavy and slow. It should only be used when you have the cluster implemented in house already and the number of services running is small. Otherwise, it is recommended to use [Consul][] for service registry and discovery. + +[zookeeper]: /concern/zookeeper/ +[Consul]: /consumer/consul-discovery/ From ec248a7aa74d8af53f90c4fda545085fc735a8a4 Mon Sep 17 00:00:00 2001 From: Jeferson Viana Perito Date: Mon, 13 May 2019 21:01:12 -0300 Subject: [PATCH 11/11] Fixes pt-br files linking --- config.toml | 174 ++++++++++++++++++ content/pt-br/consumer/_index.md | 82 ++++----- content/pt-br/consumer/access-token.md | 2 +- content/pt-br/consumer/client-module.md | 18 +- content/pt-br/consumer/consul-discovery.md | 2 +- content/pt-br/consumer/discovery.md | 4 +- content/pt-br/consumer/react.md | 2 +- content/pt-br/consumer/secret-encryption.md | 2 +- content/pt-br/consumer/spa-session-jwt.md | 2 +- content/pt-br/consumer/spa.md | 6 +- content/pt-br/consumer/subject-token.md | 2 +- content/pt-br/consumer/zookeeper-discovery.md | 2 +- 12 files changed, 236 insertions(+), 62 deletions(-) diff --git a/config.toml b/config.toml index 4c8bf391..49a4ea7a 100644 --- a/config.toml +++ b/config.toml @@ -322,10 +322,19 @@ params = ["categories", "tags"] contentDir = "content/zh" languageName = "中文" weight = 2 + [languages.ptbr] + contentDir = "content/pt-br" + languageName = "Português do Brasil" + weight = 3 ### LANGUAGE-SPECIFIC MENUS ### + + + + + # Chinese menus [[languages.zh.menu.docs]] @@ -486,3 +495,168 @@ params = ["categories", "tags"] identifier = "github" post = "external" url = "https://github.com/networknt/light-4j" + + +# Brazilian portuguese menus + +[[languages.ptbr.menu.docs]] + name = "Light" + weight = 1 + identifier = "about" + url = "/ptbr/about/" + +[[languages.ptbr.menu.docs]] + name = "Documentação" + weight = 5 + identifier = "getting-started" + url = "/ptbr/getting-started/" + + +# Core languages.ptbr.menus + +[[languages.ptbr.menu.docs]] + name = "Arquitetura" + weight = 10 + identifier = "architecture" + post = "expanded" + url = "/ptbr/architecture/" + +[[languages.ptbr.menu.docs]] + name = "Design" + weight = 15 + identifier = "design" + post = "expanded" + url = "/ptbr/design/" + +[[languages.ptbr.menu.docs]] + name = "Referências" + weight = 20 + identifier = "concern" + url = "/ptbr/concern/" + +[[languages.ptbr.menu.docs]] + name = "Estilo" + weight = 25 + identifier = "style" + url = "/ptbr/style/" + +[[languages.ptbr.menu.docs]] + name = "Serviço" + weight = 30 + identifier = "service" + url = "/ptbr/service/" + +[[languages.ptbr.menu.docs]] + name = "Ferramentas" + weight = 35 + post = "expanded" + identifier = "tool" + url = "/ptbr/tool/" + +[[languages.ptbr.menu.docs]] + name = "Biblioteca" + weight = 36 + post = "expanded" + identifier = "library" + url = "/ptbr/library/" + +[[languages.ptbr.menu.docs]] + name = "Consumidor" + weight = 38 + identifier = "consumer" + url = "/ptbr/consumer/" + +[[languages.ptbr.menu.docs]] + name = "Desenvolvimento" + weight = 39 + identifier = "development" + url = "/ptbr/development/" + +[[languages.ptbr.menu.docs]] + name = "Implantação" + weight = 40 + identifier = "deployment" + url = "/ptbr/deployment/" + + +# LOW LEVEL ITEMS + +[[languages.ptbr.menu.docs]] + name = "Exemplo" + weight = 40 + identifier = "example" + url = "/ptbr/example/" + +[[languages.ptbr.menu.docs]] + name = "Tutorial" + weight = 45 + identifier = "tutorial" + url = "/ptbr/tutorial/" + +[[languages.ptbr.menu.docs]] + name = "Benchmark" + weight = 50 + identifier = "benchmark" + url = "/ptbr/benchmark/" + +[[languages.ptbr.menu.docs]] + name = "Solução de problemas" + weight = 60 + identifier = "troubleshooting" + url = "/ptbr/troubleshooting/" + +[[languages.ptbr.menu.docs]] + name = "F.A.Q." + weight = 70 + identifier = "faq" + url = "/ptbr/faq/" + +[[languages.ptbr.menu.docs]] + name = "Milestone" + weight = 90 + identifier = "milestone" + url = "/ptbr/milestone/" + +[[languages.ptbr.menu.docs]] + name = "Contribua" + weight = 100 + post = "break" + identifier = "contribute" + url = "/ptbr/contribute/" + +[[languages.ptbr.menu.global]] + name = "Novidades" + weight = 1 + identifier = "news" + url = "/ptbr/news/" + +[[languages.ptbr.menu.global]] + name = "Documentação" + weight = 5 + identifier = "docs" + url = "/ptbr/documentation/" + + +# Anything with a weight > 100 gets an external icon +[[languages.ptbr.menu.global]] + name = "Comunidade" + weight = 150 + icon = true + identifier = "community" + post = "external" + url = "https://discourse.gohugo.io/" + +[[languages.ptbr.menu.global]] + name = "Reddit" + weight = 160 + icon = true + identifier = "reddit" + post = "external" + url = "https://www.reddit.com/r/lightapi/" + +[[languages.ptbr.menu.global]] + name = "GitHub" + weight = 200 + identifier = "github" + post = "external" + url = "https://github.com/networknt/light-4j" diff --git a/content/pt-br/consumer/_index.md b/content/pt-br/consumer/_index.md index 5c08889e..c7bd5187 100644 --- a/content/pt-br/consumer/_index.md +++ b/content/pt-br/consumer/_index.md @@ -25,47 +25,47 @@ e ao mesmo tempo isto pode ser um cliente para outro serviço. O menu abaixo contém arquitetura, design e melhores práticas: -- [Módulo cliente](/consumer/client-module/) - * [Arquivos jar](/consumer/jar-files/) - * [Conexão TLS](/consumer/tls-connection/) - * [HTTP 2.0](/consumer/http2/) +- [Módulo cliente](/ptbr/consumer/client-module/) + * [Arquivos jar](/ptbr/consumer/jar-files/) + * [Conexão TLS](/ptbr/consumer/tls-connection/) + * [HTTP 2.0](/ptbr/consumer/http2/) * [Segurança](/architecture/security/) - + [Token de entidade](/consumer/subject-token/) - + [Token de acesso](/consumer/access-token/) - + [Tipo de concessão personalizado](/consumer/customized-grant/) - + [Obter token no Startup](/consumer/token-startup/) - + [Token de longa duração](/consumer/long-lived-token/) + + [Token de entidade](/ptbr/consumer/subject-token/) + + [Token de acesso](/ptbr/consumer/access-token/) + + [Tipo de concessão personalizado](/ptbr/consumer/customized-grant/) + + [Obter token no Startup](/ptbr/consumer/token-startup/) + + [Token de longa duração](/ptbr/consumer/long-lived-token/) + [Distribuição de chave](/architecture/key-distribution/) - + [Criptografia secreta](/consumer/secret-encryption/) - + [SPA Stateful](/consumer/spa-session-jwt/) - + [SPA Stateless](/consumer/spa-cookie-jwt/) - + [SPA prevenção de CSRF](/consumer/spa-csrf/) - + [SPA prevença de XSS](/consumer/spa-xss/) - + [SPA BFF](/consumer/spa-bff/) - * [Rastreabilidade](/consumer/traceability/) - + [Id da Rastreabilidade](/consumer/traceability-id/) - + [Id de correlação](/consumer/correlation-id/) - * [Circuit Breaker](/consumer/circuit-breaker/) - * [CompletableFuture](/consumer/completable-future/) -- [light-consumer-4j](/consumer/light-consumer-4j/) -- [Service Discovery](/consumer/service-discovery/) - * [Registry](/consumer/registry/) - + [Standalone](/consumer/standalone-registry/) - + [Docker](/consumer/docker-registry/) - + [Kubernetes](/consumer/kubernetes-registry/) - * [Discovery](/consumer/discovery/) - + [Consul](/consumer/consul-discovery/) - + [Zookeeper](/consumer/zookeeper-discovery/) - * [SPA e móvel](/consumer/spa-mobile/) -- [Load Balance](/consumer/load-balance/) - * [Round Robin](/consumer/round-robin/) - * [Local First](/consumer/local-first/) - * [Consistent Hash](/consumer/consistent-hash/) -- [Light Router](/consumer/light-router/) - * [Casos de uso](/consumer/router-use-case/) + + [Criptografia secreta](/ptbr/consumer/secret-encryption/) + + [SPA Stateful](/ptbr/consumer/spa-session-jwt/) + + [SPA Stateless](/ptbr/consumer/spa-cookie-jwt/) + + [SPA prevenção de CSRF](/ptbr/consumer/spa-csrf/) + + [SPA prevença de XSS](/ptbr/consumer/spa-xss/) + + [SPA BFF](/ptbr/consumer/spa-bff/) + * [Rastreabilidade](/ptbr/consumer/traceability/) + + [Id da Rastreabilidade](/ptbr/consumer/traceability-id/) + + [Id de correlação](/ptbr/consumer/correlation-id/) + * [Circuit Breaker](/ptbr/consumer/circuit-breaker/) + * [CompletableFuture](/ptbr/consumer/completable-future/) +- [light-consumer-4j](/ptbr/consumer/light-consumer-4j/) +- [Service Discovery](/ptbr/consumer/service-discovery/) + * [Registry](/ptbr/consumer/registry/) + + [Standalone](/ptbr/consumer/standalone-registry/) + + [Docker](/ptbr/consumer/docker-registry/) + + [Kubernetes](/ptbr/consumer/kubernetes-registry/) + * [Discovery](/ptbr/consumer/discovery/) + + [Consul](/ptbr/consumer/consul-discovery/) + + [Zookeeper](/ptbr/consumer/zookeeper-discovery/) + * [SPA e móvel](/ptbr/consumer/spa-mobile/) +- [Load Balance](/ptbr/consumer/load-balance/) + * [Round Robin](/ptbr/consumer/round-robin/) + * [Local First](/ptbr/consumer/local-first/) + * [Consistent Hash](/ptbr/consumer/consistent-hash/) +- [Light Router](/ptbr/consumer/light-router/) + * [Casos de uso](/ptbr/consumer/router-use-case/) * [Localização e propriedade](/service/router/location-ownership/) -- [Single Page Application](/consumer/spa/) - * [React](/consumer/react/) - * [React-schema-form](/consumer/react-schema-form/) - * [Vue](/consumer/vue/) - * [Angular](/consumer/angular/) +- [Single Page Application](/ptbr/consumer/spa/) + * [React](/ptbr/consumer/react/) + * [React-schema-form](/ptbr/consumer/react-schema-form/) + * [Vue](/ptbr/consumer/vue/) + * [Angular](/ptbr/consumer/angular/) diff --git a/content/pt-br/consumer/access-token.md b/content/pt-br/consumer/access-token.md index ebddacce..5c9cfae9 100644 --- a/content/pt-br/consumer/access-token.md +++ b/content/pt-br/consumer/access-token.md @@ -23,4 +23,4 @@ Se access token é somente o token disponível, isso é passado em Authorization isso é passado em um X-Scope-Token na requisição. -[Token de entidade]: /consumer/subject-token/ +[Token de entidade]: /ptbr/consumer/subject-token/ diff --git a/content/pt-br/consumer/client-module.md b/content/pt-br/consumer/client-module.md index 4cfe9b3d..6a11af32 100644 --- a/content/pt-br/consumer/client-module.md +++ b/content/pt-br/consumer/client-module.md @@ -10,7 +10,7 @@ toc: false draft: false --- -O [módulo cliente][] em light-4j é um componente muito importante na plataforma light para +O [Módulo Cliente][] em light-4j é um componente muito importante na plataforma light para interações entre cliente para serviço ou serviço para serviço em requisições/respostas sincronas sobre HTTPS e HTTP2. Microserviços são esperado ter alta performance a baixa latência para que múltiplos serviços podem ser encadeados juntos para cumprir uma requisição externa. @@ -23,14 +23,14 @@ Há muitas funcionalidades no módulo cliente e esses deveriam ser utilizado em A seguinte seçao mostra como usar o módulo cliente para casos de uso comum e os detalhes é documentado aqui também. -- [Conexão TLS](/consumer/tls-connection/) -- [HTTP 2.0](/consumer/http2/) -- [OAuth 2.0 JWT Token](/consumer/oauth2-jwt/) - * [Token de entidade](/consumer/subject-token/) - * [Token de acesso](/consumer/access-token/) - * [Tipo de concessão personalizado](/consumer/customized-grant/) - * [Obter Token no Startup](/consumer/token-startup/) - * [Token de longa duração](/consumer/long-lived-token/) +- [Conexão TLS](/ptbr/consumer/tls-connection/) +- [HTTP 2.0](/ptbr/consumer/http2/) +- [OAuth 2.0 JWT Token](/ptbr/consumer/oauth2-jwt/) + * [Token de entidade](/ptbr/consumer/subject-token/) + * [Token de acesso](/ptbr/consumer/access-token/) + * [Tipo de concessão personalizado](/ptbr/consumer/customized-grant/) + * [Obter Token no Startup](/ptbr/consumer/token-startup/) + * [Token de longa duração](/ptbr/consumer/long-lived-token/) [Módulo cliente]: /concern/client/ \ No newline at end of file diff --git a/content/pt-br/consumer/consul-discovery.md b/content/pt-br/consumer/consul-discovery.md index 0909a5fc..7cf0227f 100644 --- a/content/pt-br/consumer/consul-discovery.md +++ b/content/pt-br/consumer/consul-discovery.md @@ -14,4 +14,4 @@ draft: false Serviço de descoberta do Consul é habilitada pelo [consul][] módulo em light-4j e isso é a melhor solução geral para o registro de serviço e descoberta na plataforma light. Você pode também escolher zookeeper mas isso não é recomendável. [consul]: /concern/consul/ -[zookeeper]: /consumer/zookeeper-discovery/ +[zookeeper]: /ptbr/consumer/zookeeper-discovery/ diff --git a/content/pt-br/consumer/discovery.md b/content/pt-br/consumer/discovery.md index 3aee8215..435208fe 100644 --- a/content/pt-br/consumer/discovery.md +++ b/content/pt-br/consumer/discovery.md @@ -33,5 +33,5 @@ Acima está a razão pela qual temos que fornecer nosso próprio registro de ser Há vários produtos de código aberto que suportam registro de serviço e descoberta no mercado. Nós implementamos o módulo em light-4j para suportar tanto [Consul] [] quanto [Zookeeper] []. -[Consul]: /consumer/consul-discovery/ -[Zookeeper]: /consumer/zookeeper-discovery/ +[Consul]: /ptbr/consumer/consul-discovery/ +[Zookeeper]: /ptbr/consumer/zookeeper-discovery/ diff --git a/content/pt-br/consumer/react.md b/content/pt-br/consumer/react.md index 92ac6055..b10f97cc 100644 --- a/content/pt-br/consumer/react.md +++ b/content/pt-br/consumer/react.md @@ -15,4 +15,4 @@ auto encapsulado. Internamente, estamos usando o React para quase todas as interfaces para vários serviços. Para acelerar o desenvolvimento, também desenvolvemos [react-schema-form] [], que pode gerar formulários e lógica para interagir com os serviços de back-end de forma unificada. -[react-schema-form]: /consumer/react-schema-form/ +[react-schema-form]: /ptbr/consumer/react-schema-form/ diff --git a/content/pt-br/consumer/secret-encryption.md b/content/pt-br/consumer/secret-encryption.md index f35157c4..e99f9d41 100644 --- a/content/pt-br/consumer/secret-encryption.md +++ b/content/pt-br/consumer/secret-encryption.md @@ -1,5 +1,5 @@ --- -title: "Secret Encryption" +title: "Codificador de segredos" date: 2018-03-07T21:17:38-05:00 description: "" categories: [] diff --git a/content/pt-br/consumer/spa-session-jwt.md b/content/pt-br/consumer/spa-session-jwt.md index a211b4f1..90dc70f5 100644 --- a/content/pt-br/consumer/spa-session-jwt.md +++ b/content/pt-br/consumer/spa-session-jwt.md @@ -31,5 +31,5 @@ Esse padrão é simples, direto e, o mais importante: seguro. E sim, você pode [pare de usar localstorage]: https://dev.to/rdegges/please-stop-using-local-storage-1i04 [artigo do Jeff Atwood]: https://blog.codinghorror.com/protecting-your-cookies-httponly/ [CSRF]: https://www.owasp.org/index.php/Cross-Site_Request_Forgery_(CSRF) -[light-session-4j]: /sytle/light-session-4j/ +[light-session-4j]: /ptbr/sytle/light-session-4j/ diff --git a/content/pt-br/consumer/spa.md b/content/pt-br/consumer/spa.md index 921e7352..e4799cef 100644 --- a/content/pt-br/consumer/spa.md +++ b/content/pt-br/consumer/spa.md @@ -14,7 +14,7 @@ Quando você constrói microsserviços, deve haver um consumidor final em algum Existem muitos frameworks e bibliotecas para construir SPAs, e nós recomendamos fortemente [React][]. Juntamente com o React, temos muitos usuários usando [Vue][] e [Angular][]. -[React]: /consumer/react/ -[Vue]: /consumer/vue/ -[Angular]: /consumer/angular/ +[React]: /ptbr/consumer/react/ +[Vue]: /ptbr/consumer/vue/ +[Angular]: /ptbr/consumer/angular/ diff --git a/content/pt-br/consumer/subject-token.md b/content/pt-br/consumer/subject-token.md index 25ddb512..87741bcc 100644 --- a/content/pt-br/consumer/subject-token.md +++ b/content/pt-br/consumer/subject-token.md @@ -33,5 +33,5 @@ is the situation webserver as a client calling APIs. [security architecture]: /architecture/security/ -[Access Token]: /consumer/access-token/ +[Access Token]: /ptbr/consumer/access-token/ diff --git a/content/pt-br/consumer/zookeeper-discovery.md b/content/pt-br/consumer/zookeeper-discovery.md index 7a024f64..0d1c7e15 100644 --- a/content/pt-br/consumer/zookeeper-discovery.md +++ b/content/pt-br/consumer/zookeeper-discovery.md @@ -13,4 +13,4 @@ draft: false O Apache Zookeeper pode ser usado como registro de serviço e descoberta com o módulo [zookeeper][] na light-4j; no entanto, não é recomendado, pois é muito pesado e lento. Ele só deve ser usado quando você já tiver o cluster implementado em casa e o número de serviços em execução for pequeno. Caso contrário, recomenda-se usar [Consul][] para registro e descoberta de serviço. [zookeeper]: /concern/zookeeper/ -[Consul]: /consumer/consul-discovery/ +[Consul]: /ptbr/consumer/consul-discovery/