Restructuring middleware docs pages (#1190)

* First pass at restructuring the middleware docs pages

* Tweaks

* Updating custom middleware instructions.
Grammatical tweak re: secrets in metadata values.

* Adding descriptions for each middleware component to the supported middleware table

* Table allignment

* Various tweaks

* its versus it's

* Making Quickstart capitalized again

* Better OAuth spec links for the two grant flows currently supported

* Fixing two sentences

* Update middleware-overview.md

* Update middleware-bearer.md

* Update middleware-oauth2.md

* Update middleware-oauth2clientcredentials.md

* Update middleware-opa.md

* Update middleware-rate-limit.md

* Update middleware-uppercase.md

* Update middleware-rate-limit.md

* Update middleware-opa.md

* Update middleware-oauth2.md

* Update middleware-bearer.md

* Update middleware-oauth2.md

* Update middleware-bearer.md

* Update middleware-oauth2clientcredentials.md

* Update middleware-opa.md

* Update middleware-rate-limit.md

* Update middleware-uppercase.md

* Update daprdocs/content/en/developing-applications/middleware/supported-middleware/middleware-oauth2clientcredentials.md

Co-authored-by: Mukundan Sundararajan <musundar@microsoft.com>

* Update daprdocs/content/en/developing-applications/middleware/supported-middleware/middleware-rate-limit.md

Co-authored-by: Mukundan Sundararajan <musundar@microsoft.com>

* Update daprdocs/content/en/developing-applications/middleware/supported-middleware/middleware-opa.md

Co-authored-by: Mukundan Sundararajan <musundar@microsoft.com>

* Update daprdocs/content/en/developing-applications/middleware/middleware-overview.md

Co-authored-by: Mukundan Sundararajan <musundar@microsoft.com>

* Tweaks per PR

* Small tweak

* Small tweak

Co-authored-by: Mark Fussell <mfussell@microsoft.com>
Co-authored-by: Mukundan Sundararajan <musundar@microsoft.com>
Co-authored-by: Ori Zohar <orzohar@microsoft.com>
This commit is contained in:
Phil Kedy 2021-02-12 19:25:24 -05:00 committed by GitHub
parent de25be0407
commit bbc10f8b4d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
13 changed files with 447 additions and 77 deletions

View File

@ -33,34 +33,7 @@ spec:
type: middleware.http.uppercase
```
## Writing a custom middleware
Dapr uses [FastHTTP](https://github.com/valyala/fasthttp) to implement it's HTTP server. Hence, your HTTP middleware needs to be written as a FastHTTP handler. Your middleware needs to implement a middleware interface, which defines a **GetHandler** method that returns a **fasthttp.RequestHandler**:
```go
type Middleware interface {
GetHandler(metadata Metadata) (func(h fasthttp.RequestHandler) fasthttp.RequestHandler, error)
}
```
Your handler implementation can include any inbound logic, outbound logic, or both:
```go
func GetHandler(metadata Metadata) fasthttp.RequestHandler {
return func(h fasthttp.RequestHandler) fasthttp.RequestHandler {
return func(ctx *fasthttp.RequestCtx) {
// inboud logic
h(ctx) // call the downstream handler
// outbound logic
}
}
}
```
## Adding new middleware components
Your middleware component can be contributed to the [components-contrib repository](https://github.com/dapr/components-contrib/tree/master/middleware).
Then submit another pull request against the [Dapr runtime repository](https://github.com/dapr/dapr) to register the new middleware type. You'll need to modify the **Load()** method in [registry.go]( https://github.com/dapr/dapr/blob/master/pkg/components/middleware/http/registry.go) to register your middleware using the **Register** method.
## Next steps
* [Middleware overview]({{< ref middleware-overview.md >}})
* [How-To: Configure API authorization with OAuth]({{< ref oauth.md >}})

View File

@ -3,5 +3,5 @@ type: docs
title: "Middleware"
linkTitle: "Middleware"
weight: 50
description: "Customize Dapr processing pipelines by adding middleware components"
description: "Customize processing pipelines by adding middleware components"
---

View File

@ -0,0 +1,85 @@
---
type: docs
title: "Overview"
linkTitle: "Overview"
description: "General overview on set up of middleware components for Dapr"
weight: 10000
type: docs
---
Dapr allows custom processing pipelines to be defined by chaining a series of middleware components. Middleware pipelines are defined in Dapr configuration files.
As with other [building block components]({{< ref component-schema.md >}}), middleware components are extensible and can be found in the [components-contrib repo](https://github.com/dapr/components-contrib/tree/master/middleware/http).
Middleware in Dapr is described using a `Component` file with the following schema:
```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: <COMPONENT NAME>
namespace: <NAMESPACE>
spec:
type: middleware.http.<MIDDLEWARE TYPE>
version: v1
metadata:
- name: <KEY>
value: <VALUE>
- name: <KEY>
value: <VALUE>
...
```
The type of middleware is determined by the `type` field. Component setting values such as rate limits, OAuth credentials and other settings are put in the `metadata` section.
Even though metadata values can contain secrets in plain text, it is recommended that you use a [secret store]({{< ref component-secrets.md >}}).
Next, a Dapr [configuration]({{< ref configuration-overview.md >}}) defines the pipeline of middleware components for your application.
```yaml
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: <COMPONENT NAME>
type: middleware.http.<MIDDLEWARE TYPE>
- name: <COMPONENT NAME>
type: middleware.http.<MIDDLEWARE TYPE>
```
## Writing a custom middleware
Dapr uses [FastHTTP](https://github.com/valyala/fasthttp) to implement its HTTP server. Hence, your HTTP middleware needs to be written as a FastHTTP handler. Your middleware needs to implement a middleware interface, which defines a **GetHandler** method that returns a **fasthttp.RequestHandler**:
```go
type Middleware interface {
GetHandler(metadata Metadata) (func(h fasthttp.RequestHandler) fasthttp.RequestHandler, error)
}
```
Your handler implementation can include any inbound logic, outbound logic, or both:
```go
func GetHandler(metadata Metadata) fasthttp.RequestHandler {
return func(h fasthttp.RequestHandler) fasthttp.RequestHandler {
return func(ctx *fasthttp.RequestCtx) {
// inboud logic
h(ctx) // call the downstream handler
// outbound logic
}
}
}
```
## Adding new middleware components
Your middleware component can be contributed to the [components-contrib repository](https://github.com/dapr/components-contrib/tree/master/middleware).
After the components-contrib change has been accepted, submit another pull request against the [Dapr runtime repository](https://github.com/dapr/dapr) to register the new middleware type. You'll need to modify **[runtime.WithHTTPMiddleware](https://github.com/dapr/dapr/blob/f4d50b1369e416a8f7b93e3e226c4360307d1313/cmd/daprd/main.go#L394-L424)** method in [cmd/daprd/main.go](https://github.com/dapr/dapr/blob/master/cmd/daprd/main.go) to register your middleware with Dapr's runtime.
## Related links
* [Middleware pipelines concept]({{< ref middleware-concept.md >}})
* [Component schema]({{< ref component-schema.md >}})
* [Configuration overview]({{< ref configuration-overview.md >}})
* [Middleware quickstart](https://github.com/dapr/quickstarts/tree/master/middleware)

View File

@ -1,34 +0,0 @@
---
type: docs
title: "How-To: Rate limiting"
linkTitle: "Rate limiting"
weight: 1000
description: "Use Dapr rate limit middleware to limit requests per second"
type: docs
---
The Dapr Rate limit [HTTP middleware]({{< ref middleware-concept.md >}}) allows restricting the maximum number of allowed HTTP requests per second.
## Middleware component definition
In the following definition, the maximum requests per second are set to 10:
```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: ratelimit
spec:
type: middleware.http.ratelimit
metadata:
- name: maxRequestsPerSecond
value: 10
```
Once the limit is reached, the request will return *HTTP Status code 429: Too Many Requests*.
## Referencing the rate limit middleware
To be applied, the middleware must be referenced in a [Dapr Configuration]({{< ref configuration-concept.md >}}). See [Middleware pipelines]({{< ref "middleware-concept.md#customize-processing-pipeline">}}).
## Related links
- [Middleware concept]({{< ref middleware-concept.md >}})
- [Dapr configuration]({{< ref configuration-concept.md >}})

View File

@ -0,0 +1,19 @@
---
type: docs
title: "Supported middleware"
linkTitle: "Supported middleware"
weight: 30000
description: List of all the supported middleware components that can be injected in Dapr's processing pipeline.
no_list: true
---
### HTTP
| Name | Description | Status |
|--------------------------------------------------------------------------------|---------------------------------------------------------------------------------------------------------------------------------|----------------------------|
| [Rate limit]({{< ref middleware-rate-limit.md >}}) | Restricts the maximum number of allowed HTTP requests per second | Alpha |
| [OAuth2]({{< ref middleware-oauth2.md >}}) | Enables the [OAuth2 Authorization Grant flow](https://tools.ietf.org/html/rfc6749#section-4.1) on a Web API | Alpha |
| [OAuth2 client credentials]({{< ref middleware-oauth2clientcredentials.md >}}) | Enables the [OAuth2 Client Credentials Grant flow](https://tools.ietf.org/html/rfc6749#section-4.4) on a Web API | Alpha |
| [Bearer]({{< ref middleware-bearer.md >}}) | Verifies a [Bearer Token](https://tools.ietf.org/html/rfc6750) using [OpenID Connect](https://openid.net/connect/) on a Web API | Alpha |
| [Open Policy Agent]({{< ref middleware-opa.md >}}) | Applies [Rego/OPA Policies](https://www.openpolicyagent.org/) to incoming Dapr HTTP requests | Alpha |
| [Uppercase]({{< ref middleware-uppercase.md >}}) | Converts the body of the request to uppercase letters | GA (For local development) |

View File

@ -0,0 +1,55 @@
---
type: docs
title: "Bearer"
linkTitle: "Bearer"
weight: 4000
description: "Use bearer middleware to secure HTTP endpoints by verifying bearer tokens"
type: docs
---
The bearer [HTTP middleware]({{< ref middleware-concept.md >}}) verifies a [Bearer Token](https://tools.ietf.org/html/rfc6750) using [OpenID Connect](https://openid.net/connect/) on a Web API without modifying the application. This design separates authentication/authorization concerns from the application, so that application operators can adopt and configure authentication/authorization providers without impacting the application code.
## Component format
```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: bearer-token
spec:
type: middleware.http.bearer
version: v1
metadata:
- name: clientId
value: "<your client ID>"
- name: issuerURL
value: "https://accounts.google.com"
```
## Spec metadata fields
| Field | Details | Example |
|----------------|---------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------|
| clientId | The client ID of your application that is created as part of a credential hosted by a OpenID Connect platform | |
| issuerURL | URL identifier for the service. | `"https://accounts.google.com"`, `"https://login.salesforce.com"` |
## Dapr configuration
To be applied, the middleware must be referenced in [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware-concept.md#customize-processing-pipeline">}}).
```yaml
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: bearer-token
type: middleware.http.bearer
```
## Related links
- [Middleware concept]({{< ref middleware-concept.md >}})
- [Configuration concept]({{< ref configuration-concept.md >}})
- [Configuration overview]({{< ref configuration-overview.md >}})

View File

@ -0,0 +1,72 @@
---
type: docs
title: "OAuth2"
linkTitle: "OAuth2"
weight: 2000
description: "Use OAuth2 middleware to secure HTTP endpoints"
---
The OAuth2 [HTTP middleware]({{< ref middleware-concept.md >}}) enables the [OAuth2 Authorization Code flow](https://tools.ietf.org/html/rfc6749#section-4.1) on a Web API without modifying the application. This design separates authentication/authorization concerns from the application, so that application operators can adopt and configure authentication/authorization providers without impacting the application code.
## Component format
```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: oauth2
spec:
type: middleware.http.oauth2
version: v1
metadata:
- name: clientId
value: "<your client ID>"
- name: clientSecret
value: "<your client secret>"
- name: scopes
value: "https://www.googleapis.com/auth/userinfo.email"
- name: authURL
value: "https://accounts.google.com/o/oauth2/v2/auth"
- name: tokenURL
value: "https://accounts.google.com/o/oauth2/token"
- name: redirectURL
value: "http://dummy.com"
- name: authHeaderName
value: "authorization"
- name: forceHTTPS
value: "false"
```
## Spec metadata fields
| Field | Details | Example |
|----------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|------------------------------------------------|
| clientId | The client ID of your application that is created as part of a credential hosted by a OAuth-enabled platform | |
| clientSecret | The client secret of your application that is created as part of a credential hosted by a OAuth-enabled platform | |
| scopes | A list of space-delimited, case-sensitive strings of [scopes](https://tools.ietf.org/html/rfc6749#section-3.3) which are typically used for authorization in the application | `"https://www.googleapis.com/auth/userinfo.email"` |
| authURL | The endpoint of the OAuth2 authorization server | `"https://accounts.google.com/o/oauth2/v2/auth"` |
| tokenURL | The endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token | `"https://accounts.google.com/o/oauth2/token"` |
| redirectURL | The URL of your web application that the authorization server should redirect to once the user has authenticated | `"https://myapp.com"` |
| authHeaderName | The authorization header name to forward to your application | `"authorization"` |
| forceHTTPS | If true, enforces the use of TLS/SSL | `"true"`,`"false"` |
## Dapr configuration
To be applied, the middleware must be referenced in [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware-concept.md#customize-processing-pipeline">}}).
```yaml
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: oauth2
type: middleware.http.oauth2
```
## Related links
- [Configure API authorization with OAuth]({{< ref oauth >}})
- [Middleware OAuth quickstart](https://github.com/dapr/quickstarts/tree/master/middleware)
- [Middleware concept]({{< ref middleware-concept.md >}})
- [Configuration concept]({{< ref configuration-concept.md >}})
- [Configuration overview]({{< ref configuration-overview.md >}})

View File

@ -0,0 +1,72 @@
---
type: docs
title: "OAuth2 client credentials"
linkTitle: "OAuth2 client credentials"
weight: 3000
description: "Use OAuth2 client credentials middleware to secure HTTP endpoints"
---
The OAuth2 client credentials [HTTP middleware]({{< ref middleware-concept.md >}}) enables the [OAuth2 Client Credentials flow](https://tools.ietf.org/html/rfc6749#section-4.4) on a Web API without modifying the application. This design separates authentication/authorization concerns from the application, so that application operators can adopt and configure authentication/authorization providers without impacting the application code.
## Component format
```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: oauth2clientcredentials
spec:
type: middleware.http.oauth2clientcredentials
version: v1
metadata:
- name: clientId
value: "<your client ID>"
- name: clientSecret
value: "<your client secret>"
- name: scopes
value: "https://www.googleapis.com/auth/userinfo.email"
- name: tokenURL
value: "https://accounts.google.com/o/oauth2/token"
- name: headerName
value: "authorization"
```
## Spec metadata fields
| Field | Details | Example |
|---------------------|-----------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|----------------------------------------------------|
| clientId | The client ID of your application that is created as part of a credential hosted by a OAuth-enabled platform | |
| clientSecret | The client secret of your application that is created as part of a credential hosted by a OAuth-enabled platform | |
| scopes | A list of space-delimited, case-sensitive strings of [scopes](https://tools.ietf.org/html/rfc6749#section-3.3) which are typically used for authorization in the application | `"https://www.googleapis.com/auth/userinfo.email"` |
| tokenURL | The endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token | `"https://accounts.google.com/o/oauth2/token"` |
| headerName | The authorization header name to forward to your application | `"authorization"` |
| endpointParamsQuery | Specifies additional parameters for requests to the token endpoint | `true` |
| authStyle | Optionally specifies how the endpoint wants the client ID & client secret sent. See the table of possible values below | `0` |
### Possible values for `authStyle`
| Value | Meaning |
|-------|---------|
| `1` | Sends the "client_id" and "client_secret" in the POST body as application/x-www-form-urlencoded parameters. |
| `2` | Sends the "client_id" and "client_secret" using HTTP Basic Authorization. This is an optional style described in the [OAuth2 RFC 6749 section 2.3.1](https://tools.ietf.org/html/rfc6749#section-2.3.1). |
| `0` | Means to auto-detect which authentication style the provider wants by trying both ways and caching the successful way for the future. |
## Dapr configuration
To be applied, the middleware must be referenced in a [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware-concept.md#customize-processing-pipeline">}}).
```yaml
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: oauth2clientcredentials
type: middleware.http.oauth2clientcredentials
```
## Related links
- [Middleware concept]({{< ref middleware-concept.md >}})
- [Configuration concept]({{< ref configuration-concept.md >}})
- [Configuration overview]({{< ref configuration-overview.md >}})

View File

@ -1,15 +1,14 @@
---
type: docs
title: "How-To: Apply Open Policy Agent (OPA) policies"
linkTitle: "Apply OPA policies"
weight: 2000
description: "Use Dapr middleware to apply Open Policy Agent (OPA) policies on incoming requests"
type: docs
title: "Apply Open Policy Agent (OPA) policies"
linkTitle: "Open Policy Agent (OPA)"
weight: 6000
description: "Use middleware to apply Open Policy Agent (OPA) policies on incoming requests"
---
The Dapr Open Policy Agent (OPA) [HTTP middleware]({{< ref middleware-concept.md >}}) allows applying [OPA Policies](https://www.openpolicyagent.org/) to incoming Dapr HTTP requests. This can be used to apply reusable authorization policies to app endpoints.
The Open Policy Agent (OPA) [HTTP middleware]({{< ref middleware-concept.md >}}) applys [OPA Policies](https://www.openpolicyagent.org/) to incoming Dapr HTTP requests. This can be used to apply reusable authorization policies to app endpoints.
## Middleware component definition
## Component format
```yaml
apiVersion: dapr.io/v1alpha1
@ -21,8 +20,8 @@ spec:
type: middleware.http.opa
version: v1
metadata:
# `includedHeaders` is a comma-seperated set of case-insensitive headers to include in the request input.
# Request headers are not passed to the policy by default. Include to recieve incoming request headers in
# `includedHeaders` is a comma-separated set of case-insensitive headers to include in the request input.
# Request headers are not passed to the policy by default. Include to receive incoming request headers in
# the input
- name: includedHeaders
value: "x-my-custom-header, x-jwt-header"
@ -69,6 +68,30 @@ spec:
You can prototype and experiment with policies using the [official opa playground](https://play.openpolicyagent.org). For example, [you can find the example policy above here](https://play.openpolicyagent.org/p/oRIDSo6OwE).
## Spec metadata fields
| Field | Details | Example |
|-----------------|-------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|-------------------------------------------------------------------|
| rego | The Rego policy language | See above |
| defaultStatus | The status code to return for denied responses | `"https://accounts.google.com"`, `"https://login.salesforce.com"` |
| includedHeaders | A comma-separated set of case-insensitive headers to include in the request input. Request headers are not passed to the policy by default. Include to receive incoming request headers in the input | `"x-my-custom-header, x-jwt-header"` |
## Dapr configuration
To be applied, the middleware must be referenced in [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware-concept.md#customize-processing-pipeline">}}).
```yaml
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: my-policy
type: middleware.http.opa
```
## Input
This middleware supplies a [`HTTPRequest`](#httprequest) as input.
@ -95,7 +118,7 @@ type HTTPRequest struct {
query map[string][]string
// The request headers
// NOTE: By default, no headers are included. You must specify what headers
// you want to recieve via `spec.metadata.includedHeaders` (see above)
// you want to receive via `spec.metadata.includedHeaders` (see above)
headers map[string]string
// The request scheme (e.g. http, https)
scheme string
@ -184,4 +207,7 @@ type Result struct {
## Related links
- [Open Policy Agent](https://www.openpolicyagent.org)
- [HTTP API Example](https://www.openpolicyagent.org/docs/latest/http-api-authorization/)
- [HTTP API example](https://www.openpolicyagent.org/docs/latest/http-api-authorization/)
- [Middleware concept]({{< ref middleware-concept.md >}})
- [Configuration concept]({{< ref configuration-concept.md >}})
- [Configuration overview]({{< ref configuration-overview.md >}})

View File

@ -0,0 +1,57 @@
---
type: docs
title: "Rate limiting"
linkTitle: "Rate limiting"
weight: 1000
description: "Use rate limit middleware to limit requests per second"
---
The rate limit [HTTP middleware]({{< ref middleware-concept.md >}}) allows restricting the maximum number of allowed HTTP requests per second. Rate limiting can protect your application from denial of service (DOS) attacks. DOS attacks can be initiated by malicious 3rd parties but also by bugs in your software (a.k.a. a "friendly fire" DOS attack).
## Component format
In the following definition, the maximum requests per second are set to 10:
```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: ratelimit
spec:
type: middleware.http.ratelimit
metadata:
- name: maxRequestsPerSecond
value: 10
```
## Spec metadata fields
| Field | Details | Example |
|----------------------|------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------|---------|
| maxRequestsPerSecond | The maximum requests per second by remote IP and path. Something to consider is that **the limit is enforced independently in each Dapr sidecar and not cluster wide** | `10` |
Once the limit is reached, the request will return *HTTP Status code 429: Too Many Requests*.
Alternatively, the [max concurrency setting]({{< ref control-concurrency.md >}}) can be used to rate limit applications and applies to all traffic regardless of remote IP or path.
## Dapr configuration
To be applied, the middleware must be referenced in [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware-concept.md#customize-processing-pipeline">}}).
```yaml
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: ratelimit
type: middleware.http.ratelimit
```
## Related links
- [Control max concurrently]({{< ref control-concurrency.md >}})
- [Middleware concept]({{< ref middleware-concept.md >}})
- [Dapr configuration]({{< ref configuration-concept.md >}})
- [Configuration overview]({{< ref configuration-overview.md >}})

View File

@ -0,0 +1,45 @@
---
type: docs
title: "Uppercase request body"
linkTitle: "Uppercase"
weight: 9999
description: "Test your HTTP pipeline is functioning with the uppercase middleware"
---
The uppercase [HTTP middleware]({{< ref middleware-concept.md >}}) converts the body of the request to uppercase letters and is used for testing that the pipeline is functioning. It should only be used for local development.
## Component format
In the following definition, the maximum requests per second are set to 10:
```yaml
apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
name: uppercase
spec:
type: middleware.http.uppercase
```
This component has no `metadata` to configure.
## Dapr configuration
To be applied, the middleware must be referenced in [configuration]({{< ref configuration-concept.md >}}). See [middleware pipelines]({{< ref "middleware-concept.md#customize-processing-pipeline">}}).
```yaml
apiVersion: dapr.io/v1alpha1
kind: Configuration
metadata:
name: appconfig
spec:
httpPipeline:
handlers:
- name: uppercase
type: middleware.http.uppercase
```
## Related links
- [Middleware concept]({{< ref middleware-concept.md >}})
- [Configuration concept]({{< ref configuration-concept.md >}})
- [Configuration overview]({{< ref configuration-overview.md >}})

View File

@ -33,7 +33,7 @@ spec:
```
The type of pub/sub is determined by the `type` field, and properties such as connection strings and other metadata are put in the `.metadata` section.
Even though you can put plain text secrets in there, it is recommended you use a [secret store]({{< ref component-secrets.md >}}) using a `secretKeyRef`
Even though metadata values can contain secrets in plain text, it is recommended you use a [secret store]({{< ref component-secrets.md >}}) using a `secretKeyRef`.
Visit [this guide]({{< ref "howto-publish-subscribe.md#step-2-publish-a-topic" >}}) for instructions on configuring and using pub/sub components.

View File

@ -30,7 +30,7 @@ spec:
```
The type of database is determined by the `type` field, and things like connection strings and other metadata are put in the `.metadata` section.
Even though you can put plain text secrets in there, it is recommended you use a [secret store]({{< ref component-secrets.md >}}).
Even though metadata values can contain secrets in plain text, it is recommended you use a [secret store]({{< ref component-secrets.md >}}).
Visit [this guide]({{< ref "howto-get-save-state.md#step-1-setup-a-state-store" >}}) on how to configure a state store component.