From 530057c23a803ec2e4f05ed8b511c2f8f986ea4a Mon Sep 17 00:00:00 2001
From: Dirk Steinkopf <dirk@steinkopf.net>
Date: Thu, 15 Nov 2018 10:46:46 +0100
Subject: [PATCH 1/8] fix plugin name kong-http-to-https-redirect

---
 README.md       | 2 +-
 src/handler.lua | 2 +-
 2 files changed, 2 insertions(+), 2 deletions(-)

diff --git a/README.md b/README.md
index db30c55..ffb0079 100644
--- a/README.md
+++ b/README.md
@@ -13,7 +13,7 @@ Then in the kong.yml add
 
 ```
 custom_plugins:
-  - http-to-https-redirect
+  - kong-http-to-https-redirect
 ```
 
 Run kong reload or start and add the plugin as normal.
diff --git a/src/handler.lua b/src/handler.lua
index 9b73df5..9cfa3b1 100644
--- a/src/handler.lua
+++ b/src/handler.lua
@@ -4,7 +4,7 @@ local responses = require "kong.tools.responses"
 local HttpFilterHandler = BasePlugin:extend()
 
 function HttpFilterHandler:new()
-  HttpFilterHandler.super.new(self, "http-to-https-redirect")
+  HttpFilterHandler.super.new(self, "kong-http-to-https-redirect")
 end
 
 function HttpFilterHandler:access(conf)

From 32d3825b953f2e592f6a78d254e615a4ab2286ac Mon Sep 17 00:00:00 2001
From: Dirk Steinkopf <dirk@steinkopf.net>
Date: Thu, 15 Nov 2018 10:47:05 +0100
Subject: [PATCH 2/8] add config parameter exclude_uri_pattern

---
 src/handler.lua | 5 ++++-
 src/schema.lua  | 1 +
 2 files changed, 5 insertions(+), 1 deletion(-)

diff --git a/src/handler.lua b/src/handler.lua
index 9cfa3b1..b3937ac 100644
--- a/src/handler.lua
+++ b/src/handler.lua
@@ -11,7 +11,10 @@ function HttpFilterHandler:access(conf)
   HttpFilterHandler.super.access(self)
 
   if ngx.var.https ~= "on" then
-    return ngx.redirect("https://" .. ngx.var.host .. ngx.var.request_uri, ngx.HTTP_MOVED_PERMANENTLY) 
+    local matches_exclude_pattern = conf.exclude_uri_pattern and string.find(ngx.var.request_uri, conf.exclude_uri_pattern)
+    if not matches_exclude_pattern then
+      return ngx.redirect("https://" .. ngx.var.host .. ngx.var.request_uri, ngx.HTTP_MOVED_PERMANENTLY)
+    end
   end  
 end
 
diff --git a/src/schema.lua b/src/schema.lua
index ff2ee2c..0503ceb 100644
--- a/src/schema.lua
+++ b/src/schema.lua
@@ -1,5 +1,6 @@
 return {
   no_consumer = true,
   fields = {
+    exclude_uri_pattern = {type = "string", required = false}
   }
 }

From 9d24102d1f89a68abeb0032632e774f09ace94f5 Mon Sep 17 00:00:00 2001
From: Dirk Steinkopf <dirk@steinkopf.net>
Date: Thu, 15 Nov 2018 10:58:46 +0100
Subject: [PATCH 3/8] add exclude_uri_pattern to Readme.md

---
 README.md | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/README.md b/README.md
index ffb0079..dc6e154 100644
--- a/README.md
+++ b/README.md
@@ -22,7 +22,12 @@ Run kong reload or start and add the plugin as normal.
 We recommend using [kong-docker by dojot](https://github.com/dojot/kong). Copy this repo into the plugins directory of that project and build a custom docker image.
 
 ## Configuration
-As yet, we've had no need for any configuration. Raise an issue if there's anything you'd like to see.
+
+* `exclude_uri_pattern`: 
+    When this value is empty, then a redirect is done in every HTTP (not HTTPS) request.
+    When it is set, then the redirect to https is only done when the called URI doesn't match to the Lua pattern in `exclude_uri_pattern`.
+
+Raise an issue if there's anything more you'd like to see.
 
 ## Misc
 

From 1d4a57ea08cdb993090170f7b8136f6b4738a4a7 Mon Sep 17 00:00:00 2001
From: Dirk Steinkopf <dirk@steinkopf.net>
Date: Thu, 15 Nov 2018 11:20:42 +0100
Subject: [PATCH 4/8] update the plugin's priority

handle redirect after ip-restriction, bot-detection, cors - but before jwt and other authentication plugins
---
 src/handler.lua | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/src/handler.lua b/src/handler.lua
index b3937ac..5eb06e1 100644
--- a/src/handler.lua
+++ b/src/handler.lua
@@ -3,6 +3,10 @@ local responses = require "kong.tools.responses"
 
 local HttpFilterHandler = BasePlugin:extend()
 
+-- handle redirect after ip-restriction, bot-detection, cors - but before jwt and other authentication plugins
+-- see https://docs.konghq.com/0.14.x/plugin-development/custom-logic/
+HttpFilterHandler.PRIORITY = 1500
+
 function HttpFilterHandler:new()
   HttpFilterHandler.super.new(self, "kong-http-to-https-redirect")
 end

From f8328d697379fbdcb42c0452a909ff5fe8f83392 Mon Sep 17 00:00:00 2001
From: Dirk Steinkopf <dirk@steinkopf.net>
Date: Thu, 15 Nov 2018 11:55:34 +0100
Subject: [PATCH 5/8] add info about plugin prio to Readme.md

---
 README.md | 8 ++++++++
 1 file changed, 8 insertions(+)

diff --git a/README.md b/README.md
index dc6e154..16bc3b3 100644
--- a/README.md
+++ b/README.md
@@ -21,6 +21,14 @@ Run kong reload or start and add the plugin as normal.
 ### Docker installation
 We recommend using [kong-docker by dojot](https://github.com/dojot/kong). Copy this repo into the plugins directory of that project and build a custom docker image.
 
+## Info
+
+This plugins priority is set to 1500.
+So it is handled after ip-restriction, bot-detection, cors - but before jwt and other authentication plugins
+(see last paragraph in [Kongo Plugin Documentation - Custom Logic](https://docs.konghq.com/0.14.x/plugin-development/custom-logic/)).
+
+
+
 ## Configuration
 
 * `exclude_uri_pattern`: 

From 58a8c70da7ec8443b3d0b0b4fec8fb520bb427ad Mon Sep 17 00:00:00 2001
From: Dirk Steinkopf <dirk@steinkopf.net>
Date: Mon, 26 Nov 2018 05:39:41 +0100
Subject: [PATCH 6/8] only redirect if x-forwared-for is not set to https

---
 .gitignore      | 1 +
 src/handler.lua | 2 +-
 2 files changed, 2 insertions(+), 1 deletion(-)

diff --git a/.gitignore b/.gitignore
index 6fd0a37..4c4201d 100644
--- a/.gitignore
+++ b/.gitignore
@@ -39,3 +39,4 @@ luac.out
 *.x86_64
 *.hex
 
+/.idea/
diff --git a/src/handler.lua b/src/handler.lua
index 5eb06e1..1e06a72 100644
--- a/src/handler.lua
+++ b/src/handler.lua
@@ -14,7 +14,7 @@ end
 function HttpFilterHandler:access(conf)
   HttpFilterHandler.super.access(self)
 
-  if ngx.var.https ~= "on" then
+  if ngx.var.https ~= "on" and ngx.var.http_x_forwarded_proto ~= "https" then
     local matches_exclude_pattern = conf.exclude_uri_pattern and string.find(ngx.var.request_uri, conf.exclude_uri_pattern)
     if not matches_exclude_pattern then
       return ngx.redirect("https://" .. ngx.var.host .. ngx.var.request_uri, ngx.HTTP_MOVED_PERMANENTLY)

From f1060f1bab76bd5359c8531c165c4a0a95da4163 Mon Sep 17 00:00:00 2001
From: Dirk Steinkopf <dirk@steinkopf.net>
Date: Thu, 27 Dec 2018 13:42:07 +0100
Subject: [PATCH 7/8] remove reference to deprecated kong.tools.responses

---
 src/handler.lua | 1 -
 1 file changed, 1 deletion(-)

diff --git a/src/handler.lua b/src/handler.lua
index 1e06a72..698afc5 100644
--- a/src/handler.lua
+++ b/src/handler.lua
@@ -1,5 +1,4 @@
 local BasePlugin = require "kong.plugins.base_plugin"
-local responses = require "kong.tools.responses"
 
 local HttpFilterHandler = BasePlugin:extend()
 

From 6c0f5dd97b2b2c6a35d643295b6c92ab2be8389e Mon Sep 17 00:00:00 2001
From: Dirk Steinkopf <dirk@steinkopf.net>
Date: Sun, 21 Jul 2024 09:15:12 +0200
Subject: [PATCH 8/8] migrate to kong 3.4

---
 src/handler.lua | 23 +++++++++--------------
 src/schema.lua  | 29 ++++++++++++++++++++++++++---
 2 files changed, 35 insertions(+), 17 deletions(-)

diff --git a/src/handler.lua b/src/handler.lua
index 698afc5..1758096 100644
--- a/src/handler.lua
+++ b/src/handler.lua
@@ -1,18 +1,13 @@
-local BasePlugin = require "kong.plugins.base_plugin"
+local MyPlugin = {
+  -- handle redirect after ip-restriction, bot-detection, cors - but before jwt and other authentication plugins
+  -- see https://docs.konghq.com/0.14.x/plugin-development/custom-logic/
+  PRIORITY = 1500,
+  VERSION = "1.0",
+}
 
-local HttpFilterHandler = BasePlugin:extend()
-
--- handle redirect after ip-restriction, bot-detection, cors - but before jwt and other authentication plugins
--- see https://docs.konghq.com/0.14.x/plugin-development/custom-logic/
-HttpFilterHandler.PRIORITY = 1500
-
-function HttpFilterHandler:new()
-  HttpFilterHandler.super.new(self, "kong-http-to-https-redirect")
-end
-
-function HttpFilterHandler:access(conf)
-  HttpFilterHandler.super.access(self)
+local kong = kong
 
+function MyPlugin:access(conf)
   if ngx.var.https ~= "on" and ngx.var.http_x_forwarded_proto ~= "https" then
     local matches_exclude_pattern = conf.exclude_uri_pattern and string.find(ngx.var.request_uri, conf.exclude_uri_pattern)
     if not matches_exclude_pattern then
@@ -21,4 +16,4 @@ function HttpFilterHandler:access(conf)
   end  
 end
 
-return HttpFilterHandler
+return MyPlugin
diff --git a/src/schema.lua b/src/schema.lua
index 0503ceb..a44b1f9 100644
--- a/src/schema.lua
+++ b/src/schema.lua
@@ -1,6 +1,29 @@
+-- see https://docs.konghq.com/gateway/3.4.x/plugin-development/configuration/
+-- see https://github.com/Kong/kong-plugin/blob/master/kong/plugins/myplugin/schema.lua
+
+local typedefs = require "kong.db.schema.typedefs"
+
+
 return {
-  no_consumer = true,
+  name = "kong-http-to-https-redirect",
   fields = {
-    exclude_uri_pattern = {type = "string", required = false}
-  }
+    {
+      -- this plugin will only be applied to Services or Routes
+      consumer = typedefs.no_consumer
+    },
+    {
+      -- this plugin will only run within Nginx HTTP module
+      protocols = typedefs.protocols_http
+    },
+    {
+      config = {
+        type = "record",
+        fields = {
+          {
+            exclude_uri_pattern = {type = "string", required = false},
+          },
+        },
+      },
+    },
+  },
 }