include ${NGX_CONF_DIR}/common-includes/server_filters;
include ${NGX_CONF_DIR}/components/${NGX_COMP_DIR_NAME}/ssl_config;
include ${NGX_CONF_DIR}/components/${NGX_COMP_DIR_NAME}/proxy_headers;
include ${NGX_CONF_DIR}/components/${NGX_COMP_DIR_NAME}/config_override;

location /security {
    proxy_pass $scheme://$backend;

    proxy_no_cache 1;
    proxy_cache_bypass 1;

}

location /socket.io {

    # Allow only those connections which are made by clients from which users are already authenticated.
    rewrite_by_lua_file /usr/local/openresty/nginx/lua/authorize_ws.lua;

    # Set backend server where to route all the requests
    proxy_pass $scheme://$backend;
    proxy_http_version 1.1;

    # Required headers for a socket.io connection
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
}

location ~ ^/internaloptions/(.*)$ {
	internal;
	rewrite ^/internaloptions(?<realurl>/.*)$ $realurl break;
  	access_by_lua_file /usr/local/openresty/nginx/lua/checkcorsheaders.lua;
	proxy_pass $scheme://$backend;
	body_filter_by_lua_file  /usr/local/openresty/nginx/lua/cacheoptionsrequests.lua;
}

location / {
	deny all;
    # 421 Misdirected Request
	return 421;
}
