Can caddy v2 be made to operate as an API proxy that behaves so:
- clients can present an API key, say
APIKey1
- different from the API key (APIKey2
) that an upstream API service (RealService
) expects. - It’s caddy (or a plugin) that rewrites
a.APIKey1
→APIKey2
, transparently so thatRealService
doesn’t seeAPIKey1
(which it will reject) butAPIKey2
b. the URL for the client request to map toRealService
, transparently
c. It would be awesome if we can rewrite anAPIKey1
that’s in the Authorization header toAPIKey2
in a query parameter or combinations thereof
Order of priority:
i. rewrite API keys and endpoint (API proxy)
ii. cache responses (cache)
iii. persist these cached responses so that caddy can be restarted/another instance started and have the cached responses apply (potentially: souin/plugins/caddy at master · darkweak/souin · GitHub)
The usecases are:
I have a webapp that needs access to a paid RealService
- where each API call is expensive but doesn’t change over time - think of a stock ticker service.
If I code in the API Key (APIKey2
) for RealService
into my webapp, then any user of the webapp can trivially gain access to APIKey2
and make calls to RealService
directly, leaving me paying for those charges.
This is why I would like to rewrite APIKey1
→ APIKey2
, where I issue the APIKey1
and have them map to APIKey2
in my pipeline.
Also, since the response doesn’t change over time, I would further like to cache responses from RealService
(and persist them for future use) - but priority is rewriting API keys first (over caching).