glare/etc/glare-paste.ini

# Use this pipeline for trusted auth - DEFAULT
# Auth token has format user:tenant:roles
[pipeline:glare-api]
pipeline = cors faultwrapper healthcheck http_proxy_to_wsgi versionnegotiation osprofiler trustedauth glarev1api

# Use this pipeline for keystone auth
[pipeline:glare-api-keystone]
pipeline = cors faultwrapper healthcheck http_proxy_to_wsgi versionnegotiation osprofiler authtoken context glarev1api

# Use this pipeline for Keycloak auth
[pipeline:glare-api-keycloak]
pipeline = cors faultwrapper healthcheck http_proxy_to_wsgi versionnegotiation osprofiler keycloak context glarev1api

# Use this pipeline when you want to specify context params manually
[pipeline:glare-api-noauth]
pipeline = cors faultwrapper healthcheck http_proxy_to_wsgi versionnegotiation osprofiler context glarev1api

[app:glarev1api]
paste.app_factory = glare.api.v1.router:API.factory

[filter:healthcheck]
paste.filter_factory = oslo_middleware:Healthcheck.factory
backends = disable_by_file
disable_by_file_path = /etc/glare/healthcheck_disable

[filter:versionnegotiation]
paste.filter_factory = glare.api.middleware.version_negotiation:GlareVersionNegotiationFilter.factory

[filter:faultwrapper]
paste.filter_factory = glare.api.middleware.fault:GlareFaultWrapperFilter.factory

[filter:context]
paste.filter_factory = glare.api.middleware.context:ContextMiddleware.factory

[filter:trustedauth]
paste.filter_factory = glare.api.middleware.context:TrustedAuthMiddleware.factory

[filter:authtoken]
paste.filter_factory = keystonemiddleware.auth_token:filter_factory
delay_auth_decision = true

[filter:keycloak]
paste.filter_factory = glare.api.middleware.keycloak_auth:KeycloakAuthMiddleware.factory

[filter:osprofiler]
paste.filter_factory = osprofiler.web:WsgiMiddleware.factory

[filter:cors]
use = egg:oslo.middleware#cors
oslo_config_project = glare

[filter:http_proxy_to_wsgi]
paste.filter_factory = oslo_middleware:HTTPProxyToWSGI.factory