API Signing Proxy

About

API signing proxy is a module that accepts HTTP requests without authorization headers and redirects every request to the specified API URL appending authorization header with a digital signature.

Requirements

Hardware Requirements

• RAM 2 GB
• CPU 2 core 2Ghz
• Storage: 8 GB

System Requirements:

• Any actual Linux distro
• Docker
• Access to the Internet

Launch steps

Generate keys:

sudo mkdir -p /srv/api-proxy
sudo openssl ecparam -name prime256v1 -genkey -out /srv/api-proxy/private.pem
sudo openssl ec -in /srv/api-proxy/private.pem -pubout -out /srv/api-proxy/public.pem

Request Merchant ID from the vendor and send the public.pem file to the vendor.

For example Merchant ID = 723

Launch docker container with proxy listening on 8888 port:

sudo docker run -d --rm -p 8888:80 \
  -e ASPNETCORE_PROXY__APIURL=https://merchant.s1mpl.com/api/external/v1 \
  -e ASPNETCORE_PROXY__SERVICE=merchants/723 \
  -e ASPNETCORE_PROXY__KEYPATH=/private.pem \
  -v /srv/api-proxy/private.pem:/private.pem \
  public.ecr.aws/luxena/api-signing-proxy:2021-10-20.1

For example the server where proxy is launched has IP address 10.0.0.1, the every request to http://10.0.0.1:8888 will be redirected to https://merchant.s1mpl.com/api/external/v1 with authorization digital signature appended.