Documentation

Middle Man: API facilitator

The MiM service will negotiate the communication to a remote resource (remote resource here is a resource accessible from the network. It could be internal resource which will need a secured tunnel or a direct exposed resource to internet).

For instance you will be able to query a database via HTTP, or even to consult an IMAP server. It is even possible to execute shell commands using the SSH protocol.

Basically, the Middle Man is able to call a remote service and to restore the result as is or modified.

How it works

To define a MiM you will have to fulfill 3 steps:

Definition: To specify how to contact the remote resource (url, credentials, SSH Tunnel ...). Possibly describe also the queries if the resource is a database.

Authorization: To create a right policy which will be apply to each call of the MiM.

Transformation: To manipulate the data (payload and/or header) of the response of the MiM.

Protocols

MiM can currently handle the following protocols:

  • http / https
  • mongodb
  • mysql
  • pop3 / pop3s and imap / imaps
  • ssh
  • Yours is missing? contact us

Inputs

Dashboard (member homepage)
Header buttons
Create a new user associated to your account. Note that this button may be inactive if your account already contains the maximum of users.
Create a new MiM. This is where all begins. Note that this button may be inactive if your account already contains the maximum of MiM.
View the MiM report. Once your MiM is in LIVE, you will have a new entry if this report every time the MiM is called. The report will contains information about the MiM transaction, as duration, url, IP...
Redirection to the contact page.
Log out the user.
MiM list buttons
Edit the configuration of the MiM. The version is automatically increased every time the MiM is put in LIVE. Changing a MiM configuration will not affect the LIVE MiM.
A MiM in LIVE will be accessible from external, through it's url which is mainly hosted in zzm.im domain name. You can find this url n the list of MiM.
Remove the MiM from LIVE, the MiM will not be anymore exposed to the internet.
Update the LIVE version with the current development version.
MiM edition
Redirection to the homepage (dashboard).
Save the MiM configuration. You have to save every changes before test them. Saving the MiM will not affect the MiM in LIVE.
MiM Definition
Name MiM's name: it appears in the report and in the list of MiM in the dashboard.
Target URL The URL of the remote resource.
MiM Uri The URI to access the MiM (ie: if you set foo, the MiM will be accessible via https://mut.zzm.im/foo)
Queries manage allows to define one query to one HTTP verb (such GET, PUT or POST). It is where you will associate the orders to your means. In other word, the GET (for instance) could be translate to a query in a database (for instance) and the result of this query will be forwarded as a HTTP response.
This is where you can configure your SSH Tunnel. The simplest way to use a SSH Tunnel is to copy the public SSH Izzyway's key to your SSH server (it's a SSH standard procedure). Note that this configuration will only be take into account if the checkbox SSH Tunnel is checked in the configuration of your MiM.
Authentication - None No authentication will be used to call the remote resource.
Authentication - Login Password A login/password will be added in the request header (Basic authentication) or the credentials will be used to connect to the database or ssh server.
Authentication - Token in query string The token will be added to the query string of the call to the remote resource.
Authentication - Token in header The header will be added to the request used to call the remote resource.
Authentication - SSH Tunnel Checked, the SSH Tunnel configuration will be used.
Authentication - Input/Login Login or query string name or token name.
Authentication - Password/Value Password or query string value or token value.
MiM Authentication
None The MiM will be accessible without any restriction (no right).
Login Password The MiM will be accessible through a login password passed into the authentication header (Authorization: Basic base64(login:password)).
Token in quey string The MiM will be accessible only if the query string contains the specified token.
Token in header The MiM will be accessible only if the request header contains the specified token.
IP restriction The MiM will be accessible only for the given IP.
Only secured connexion Only the secured request (https) will be accepted to access the MiM.
MiM Transformation
All the transformations will be apply in the specified order.
Transformation for the response header ([H]): the CORS header will be added to the response headers, it allows to call the MiM from every where (avoid the cross-domain error).
Transformation for the response content ([B]): Compress the body of the response (gzip compression).
Transformation for the response content ([B]): Transform the body into JSON.
Transformation for the response status code ([S]): The MiM will always responds 200 OK.
Transformation for the response status code ([S]): The MiM will follow the redirection.
Transformation for the request header ([H]): Remove the headers of the request (normally they are forwarded to the remote resource).
Transformation for the request query-string ([Q]): Does not forward the query-string to the remote resource.
Transformation for the request cookie ([C]): Does not forward the request cookie to the remote resource.
Transformation for the request header ([H]): Add a header to the request header.
Transformation for the response status code ([S]): Set the status code of the response.
Transformation for the response body ([B]): replace response body with the extracted data from the Regex.
Transformation for the response body ([B]): keep only a part of the JSON response.

MySQL example

The goal is to create a MySQL API hosted in the server XX.YY.ZZ via a SSH connection

Once clicked on the button , you can follow the steps:

1 Put the database url here. For the example, it's jdbc:mysql://localhost/database_name because the connection will be established from the SSH server (see point 3) which has the database in local.

2Check the login/password option to specify the login password (point 4) of the database.

3Check the SSH Tunnel option to use SSL protocol to connect to the remote server.

4Provide the credentials of the database.

5Click here to configure the SSH Tunnel (see point 10).

6Click here to configure the API verb (see point 8).

7Don't forget to save every step of your MiM.

8Check the HTTP verb you want to handle and associate the MySQL query.

9You can also check the "info" option to have information about the query execution in the API response (such timing or number of row).

10Provide the server address and the user of the SSH server.

11Don't forget to authorized the ssh's user to use the Public MiM key (see the official documentation).

After all these steps you will be able to test your MiM with the TESTER. You can also transform the result if needed and of course you can add a rights policy to restrict the access of the MiM.

Once you are satisfied, the MiM can be This action is available from the dashboard (the first page just after the connection).