Uniport-Gateway

The Uniport-Gateway acts as a reverse proxy for all requests in Uniport.

Why yet another reverse proxy?

There are some unique requirements that could not be fulfilled by an existing implementation including, but not limited to:

  • Relying party as a reverse proxy with routing
  • Handling parallel authentication requests
  • Session bag - only the session cookie leaves the platform
  • HA deployment on Kubernetes
  • Maximum flexibility with minimal components

Its architecture is heavily inspired by Traefik.

Overview

The Uniport-Gateway builds on the concepts of entrypoints, routers, middlewares, services and providers:

  • An entrypoint configures the port it is listening on
  • A router configures a rule to route requests, e.g. based on the request's host or path
  • A router may have middlewares to manipulate a request
  • A router passes the request to a service that forwards the request to the destination server
  • A provider reads configuration, e.g. from a file, and provisions the router, middlewares and services accordingly.

Configuration

The Uniport-Gateway has two different types of configuration, a static configuration and dynamic configurations:

  • The static configuration is the minimal configuration needed to start the Uniport-Gateway and cannot be changed at runtime. It consists of entrypoints and providers.
  • The dynamic configuration configures routers, middlewares and services. It can be dynamically updated and applied at runtime.

The simplest provider is the file provider. It reads the configuration from a JSON file, which it searches for at the following locations:

  1. File pointed at by the environment variable UNIPORT_GATEWAY_JSON
  2. File pointed at by the system property UNIPORT_GATEWAY_JSON
  3. File uniport-gateway.json in the /etc/uniport-gateway/default/ directory
  4. File uniport-gateway.json in the current working directory

Build

mvn clean install

Note: Your configuration at ~/.m2/settings.xml needs to exist with the following content:

<servers>
    <server>
        <id>inventage-portal-group</id>
        <username>username</username>
        <password>password</password>
    </server>
</servers>

(It is also possible to use user tokens instead of username/password.)

If you do not have a login, then it is also possible to build with the following command (by disabling the download of private dependencies; this does not build the helm chart):

mvn clean install -pl '!helm' -Dpublic=true

Alternatively, the latest releases are available on the GitHub Container Registry: https://github.com/uniport/uniport-gateway/pkgs/container/uniport-gateway

Launch

IDE

A simple setup can be launched by first starting some background services with docker compose, and then running the Uniport-Gateway with the launch config Launch (router-rules) (VSCode) or the run config UniportGateway (IntelliJ).

docker compose -f server/src/test/resources/configs/router-rules/docker-compose.yml up

Then visit http://localhost:20000

Note: To use the run config in IntelliJ, the plugin net.ashald.envfile has to be installed.

Docker

Alternatively, a similar configuration can be launched by running docker compose.

docker compose -f starter-kit/docker-compose.yml up

Then visit http://localhost:20000

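Important: For the service discovery of the docker provider to work, /var/run/docker.sock has to be available and have its permissions set to 666. This has security implications: mode 666 lets every local user read and write the socket, and access to the Docker socket amounts to root-level control of the host.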
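
An added example, not part of the Uniport-Gateway project: a POSIX shell audit that resolves which uniport-gateway.json the file provider would pick up from the locations listed under Configuration, then flags that file and the Docker socket described above if every local user can write to them. The helper names are hypothetical, and treating the list order as the precedence order is an assumption.

```shell
#!/bin/sh
# Hypothetical helpers for a permission audit; not shipped with Uniport-Gateway.

# Print the first existing config file among the four documented locations,
# tried in the order listed (assumption: list order is precedence order).
#   $1  value of the JVM system property UNIPORT_GATEWAY_JSON, if one is set
#   $2  directory standing in for /etc/uniport-gateway/default (for testing)
resolve_gateway_config() {
    sysprop=${1:-}
    etc_dir=${2:-/etc/uniport-gateway/default}
    for candidate in "${UNIPORT_GATEWAY_JSON:-}" "$sysprop" \
        "$etc_dir/uniport-gateway.json" "./uniport-gateway.json"; do
        if [ -n "$candidate" ] && [ -f "$candidate" ]; then
            printf '%s\n' "$candidate"
            return 0
        fi
    done
    return 1
}

# Succeed if "other" users hold the write bit on the path (file or socket).
# -H makes find evaluate a symlink's target instead of the link itself.
world_writable() {
    [ -n "$(find -H "$1" -prune -perm -0002 2>/dev/null)" ]
}

# Usage: audit_gateway_files [sysprop-value] [etc-dir] [socket-path]
# Prints what it finds and returns the number of findings.
audit_gateway_files() {
    findings=0
    if cfg=$(resolve_gateway_config "${1:-}" "${2:-}"); then
        echo "config in use: $cfg"
        if world_writable "$cfg"; then
            echo "FINDING: $cfg is writable by every local user"
            findings=$((findings + 1))
        fi
    else
        echo "no uniport-gateway.json found in the documented locations"
    fi
    sock=${3:-/var/run/docker.sock}
    if [ -S "$sock" ] && world_writable "$sock"; then
        echo "FINDING: $sock is world-writable"
        findings=$((findings + 1))
    fi
    return "$findings"
}
```

Run `audit_gateway_files` from the gateway's working directory so that the fourth location resolves the same way it does for the process.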

About

The secure front door to all Uniport services
