A set of middleware plugins / libraries build on Pangea to add pangea security to the most popular API frameworks and API gateways thus acting as a drop-in centralized security solution.
- Docker with Docker compose
- Visit Pangea.cloud and get Pangea IP Intel token and pangea domain
- Clone the repo
git clone https://github.com/godwinpinto/pangea-connect.git
cd pangea-connect
- Setup the environment (rename example.env to .env) file in the root directory with the values from step 1
- Use docker compose with folder name to run the respective solution
docker compose up redis httpbin <folder_name>
# Test for a service which is malicous. Fire 2-3 times before getting forbidden
curl --location --request GET 'http://localhost:8080/get' \
--header 'X-Forwarded-For: 190.28.74.251' \
--header 'Content-Type: application/json'
# Test for a service which is regular. Fire 2-3 times to verify, should always result in success response
curl --location --request GET 'http://localhost:8080/get' \
--header 'X-Forwarded-For: 190.28.74.252' \
--header 'Content-Type: application/json'
Note on testing: Kong works on Port 8000
Below is the roadmap for Connect's collection with Pangea services
Note: An improved approach could also be to publish the plugins on central packaged registeries for Teams adopting as is usage. IP Intel service = IP Reputation
Framework | IP Intel | Secure Audit Log | Embargo | File Intel |
---|---|---|---|---|
gin gonic | ✓ | ✗ | ✗ | ✗ |
fiber | ✓ | ✗ | ✗ | ✗ |
echo | ✗ | ✗ | ✗ | ✗ |
chi | ✗ | ✗ | ✗ | ✗ |
Framework | IP Intel | Secure Audit Log | Embargo | File Intel |
---|---|---|---|---|
Spring boot | ✓ | ✗ | ✗ | ✗ |
Spring webflux | ✓ | ✗ | ✗ | ✗ |
Quarkus | ✗ | ✗ | ✗ | ✗ |
Quarkus Reactive | ✓ | ✗ | ✗ | ✗ |
Vertx | ✗ | ✗ | ✗ | ✗ |
Micronaut | ✗ | ✗ | ✗ | ✗ |
Framework | IP Intel | Secure Audit Log | Embargo | File Intel |
---|---|---|---|---|
Express.js | ✓ | ✗ | ✗ | ✗ |
NestJS | ✗ | ✗ | ✗ | ✗ |
Fastify | ✗ | ✗ | ✗ | ✗ |
Framework | IP Intel | Secure Audit Log | Embargo | File Intel |
---|---|---|---|---|
Actix-web | ✗ | ✗ | ✗ | ✗ |
Axum | ✗ | ✗ | ✗ | ✗ |
Framework | IP Intel | Secure Audit Log | Embargo | File Intel |
---|---|---|---|---|
Django | ✗ | ✗ | ✗ | ✗ |
Flask | ✗ | ✗ | ✗ | ✗ |
Fast API | ✗ | ✗ | ✗ | ✗ |
Platform | IP Intel | Secure Audit Log | Embargo | File Intel |
---|---|---|---|---|
Kong | ✓ | ✗ | ✗ | ✗ |
Krakend | ✓ | ✗ | ✗ | ✗ |
Spring Cloud | ✓ | ✗ | ✗ | ✗ |
Tyk | ✗ | ✗ | ✗ | ✗ |
Traefik | ✗ | ✗ | ✗ | ✗ |
Gravitee | ✗ | ✗ | ✗ | ✗ |
Apache APISix | ✗ | ✗ | ✗ | ✗ |
Apigee | ✗ | ✗ | ✗ | ✗ |
Platform | IP Intel | Secure Audit Log | Embargo | File Intel |
---|---|---|---|---|
Nginx | ✗ | ✗ | ✗ | ✗ |
Platform | IP Intel | Secure Audit Log | Embargo | File Intel |
---|---|---|---|---|
Nginx | ✗ | ✗ | ✗ | ✗ |
- Revisiting the solution by comparing other middleware / plugin (doing it right) for each platform / framework
- Unit Tests, Performance Test, etc
- Basic development hygience (code comments, code analysis)
- CI pipelines
- Extending Connect to other Pangea services that can be centralized and easy to configure