Dr. Siddharth Agarwal
Back to Tutorial
1 2 3 4 5 6 7 8

Chapter 04 of 8

Request Middleware

How the Gateway transforms and authenticates incoming requests through the middleware chain.

Middleware Authentication Transformation

🛡️ What is Request Middleware?

Middleware in OpenFaaS Gateway is software that sits between the incoming HTTP request and the final handler, processing requests in a chain-like fashion to add functionality like authentication, logging, and request transformation.

Middleware Characteristics:

  • Executes before and after request processing
  • Can modify requests and responses
  • Provides cross-cutting concerns
  • Executes in a specific order (chain)

🔗 Middleware Pipeline Flow

The middleware pipeline processes requests in a specific sequence, with each middleware component having the opportunity to inspect, modify, or reject the request.

Request Flow Through Middleware:

1.

Request Arrival

HTTP request reaches the Gateway

2.

CORS Middleware

Handles cross-origin requests

3.

Authentication

Validates API keys or tokens

4.

Rate Limiting

Checks request frequency limits

5.

Logging

Records request details

6.

Handler Execution

Request reaches the final handler

🔐 Authentication Middleware

The authentication middleware is responsible for validating the identity of clients making requests to the OpenFaaS Gateway.

API Key Authentication

Validates API keys from request headers or query parameters. Supports multiple key formats and validation strategies.

JWT Token Validation

Validates JSON Web Tokens for more sophisticated authentication scenarios with expiration and claims validation.

Basic Authentication

Supports HTTP Basic Authentication for simple username/password scenarios.

OAuth Integration

Integrates with OAuth providers for enterprise authentication scenarios.

🔄 Request Transformation

Middleware can transform incoming requests to add additional context, modify headers, or prepare the request for processing.

Common Transformations:

Header Addition

Adds request ID, timestamp, or user context

Request Enrichment

Adds metadata from authentication or logging

Content Modification

Transforms request body or query parameters

Context Injection

Injects request context for downstream handlers

💻 Middleware Implementation Example

Here's how middleware is implemented in the OpenFaaS Gateway codebase.

// Middleware chain setup
func setupMiddleware(router *mux.Router) {

// CORS middleware
router.Use(middleware.CORS())

// Authentication middleware
router.Use(middleware.Auth())

// Rate limiting
router.Use(middleware.RateLimit())

// Request logging
router.Use(middleware.Logging())
}

// Custom middleware example
func AuthMiddleware(next http.Handler) http.Handler {
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
// Validate API key
if !validateAPIKey(r) {
http.Error(w, "Unauthorized", http.StatusUnauthorized)
return
}
// Continue to next handler
next.ServeHTTP(w, r)
})
}

🔒 Security Features

The middleware layer provides essential security features to protect the OpenFaaS Gateway from various types of attacks and abuse.

Rate Limiting

Prevents abuse by limiting the number of requests from a single client within a time window.

Input Validation

Validates and sanitizes input to prevent injection attacks and malformed requests.

CORS Protection

Controls which domains can access the API to prevent unauthorized cross-origin requests.

Request Logging

Logs all requests for security auditing and monitoring suspicious activity.

➡️ What's Next?

Now that you understand how requests are processed through middleware, let's explore how functions are invoked synchronously and asynchronously.

🚀 Continue to Chapter 5: Request Handling