feat: add middleware comp proper registrations (#3956)

Signed-off-by: Samantha Coyle <[email protected]>

Author: sicoyle

middleware/http/bearer/metadata.yaml

@@ -0,0 +1,29 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: bearer
+version: v1
+status: stable
+title: "Bearer Token Authentication"
+description: |
+  The Bearer middleware provides JWT token authentication for HTTP requests.
+  It validates Bearer tokens in the Authorization header and can extract claims for downstream processing.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-bearer/
+metadata:
+  - name: jwksURL
+    type: string
+    required: true
+    description: "The URL of the JSON Web Key Set (JWKS) endpoint"
+    example: "https://accounts.google.com/.well-known/jwks.json"
+  - name: issuer
+    type: string
+    required: true
+    description: "The expected issuer of the JWT tokens"
+    example: "https://accounts.google.com"
+  - name: audience
+    type: string
+    required: true
+    description: "The expected audience of the JWT tokens"
+    example: "my-app"

middleware/http/oauth2/metadata.yaml

@@ -0,0 +1,66 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: oauth2
+version: v1
+status: alpha
+title: "OAuth2 Authentication"
+description: |
+  The OAuth2 middleware provides OAuth2 authentication for HTTP requests.
+  It handles OAuth2 flows and token validation for securing API endpoints.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-oauth2/
+authenticationProfiles:
+  - title: "OAuth2 Authentication"
+    description: "Configure OAuth2 authentication with any OAuth2 provider"
+    metadata:
+      - name: clientID
+        type: string
+        required: true
+        description: "The OAuth2 client ID from your OAuth2 provider"
+        example: "client-id"
+      - name: clientSecret
+        type: string
+        required: true
+        description: "The OAuth2 client secret from your OAuth2 provider"
+        sensitive: true
+        example: "client-secret"
+      - name: authURL
+        type: string
+        required: true
+        description: "The OAuth2 authorization URL from your provider"
+        example: "https://accounts.google.com/o/oauth2/v2/auth"
+      - name: tokenURL
+        type: string
+        required: true
+        description: "The OAuth2 token URL from your provider"
+        example: "https://oauth2.googleapis.com/token"
+      - name: scopes
+        type: string
+        required: false
+        description: "OAuth2 scopes to request from your provider"
+        example: "openid profile email"
+metadata:
+  - name: redirectURL
+    type: string
+    required: false
+    description: "The OAuth2 redirect URL for your application"
+    example: "http://localhost:8080/callback"
+  - name: authHeaderName
+    type: string
+    required: false
+    description: "The name of the authorization header to use"
+    example: "Authorization"
+    default: "Authorization"
+  - name: forceHTTPS
+    type: string
+    required: false
+    description: "Whether to force HTTPS for the redirect URL"
+    example: "true"
+    default: "false"
+  - name: pathFilter
+    type: string
+    required: false
+    description: "Regular expression to filter which paths require authentication"
+    example: "^/api/.*"

middleware/http/oauth2clientcredentials/metadata.yaml

@@ -0,0 +1,64 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: oauth2clientcredentials
+version: v1
+status: alpha
+title: "OAuth2 Client Credentials"
+description: |
+  The OAuth2 Client Credentials middleware provides OAuth2 client credentials flow authentication.
+  It handles machine-to-machine authentication using client credentials.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/oauth2clientcredentials/
+authenticationProfiles:
+  - title: "OAuth2 Client Credentials"
+    description: "Configure OAuth2 client credentials authentication with any OAuth2 provider"
+    metadata:
+      - name: clientID
+        type: string
+        required: true
+        description: "The client ID of your application that is created as part of a credential hosted by a OAuth-enabled platform"
+        example: "client-id"
+      - name: clientSecret
+        type: string
+        required: true
+        description: "The client secret of your application that is created as part of a credential hosted by a OAuth-enabled platform"
+        sensitive: true
+        example: "client-secret"
+      - name: scopes
+        type: string
+        required: false
+        description: "A list of space-delimited, case-sensitive strings of scopes which are typically used for authorization in the application"
+        example: "https://www.googleapis.com/auth/userinfo.email"
+      - name: tokenURL
+        type: string
+        required: true
+        description: "The endpoint is used by the client to obtain an access token by presenting its authorization grant or refresh token"
+        example: "https://accounts.google.com/o/oauth2/token"
+metadata:
+  - name: pathFilter
+    type: string
+    required: false
+    description: "Regular expression to filter which paths require authentication"
+    example: "^/api/.*"
+  - name: headerName
+    type: string
+    required: true
+    description: "The authorization header name to forward to your application"
+    example: "authorization"
+  - name: endpointParamsQuery
+    type: string
+    required: false
+    description: "Specifies additional parameters for requests to the token endpoint"
+    example: "param1=value1&param2=value2"
+  - name: authStyle
+    type: integer
+    required: false
+    description: "Optionally specifies how the endpoint wants the client ID & client secret sent. 0: Auto-detect (tries both ways and caches the successful way), 1: Sends client_id and client_secret in POST body as application/x-www-form-urlencoded parameters, 2: Sends client_id and client_secret using HTTP Basic Authorization"
+    example: 0
+    default: 0
+    allowedValues:
+      - 0
+      - 1
+      - 2

middleware/http/opa/metadata.yaml

@@ -0,0 +1,34 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: opa
+version: v1
+status: alpha
+title: "Open Policy Agent (OPA)"
+description: |
+  The OPA middleware allows you to enforce policies on HTTP requests using Open Policy Agent (OPA) Rego policies.
+  It evaluates incoming requests against your Rego policies and can allow, deny, or modify requests based on the policy results.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-opa/
+metadata:
+  - name: rego
+    type: string
+    required: true
+    description: "The Rego policy code that will be evaluated for each request. The policy package must be http and the policy must set data.http.allow"
+  - name: defaultStatus
+    type: number
+    required: false
+    description: "The status code to return for denied responses"
+    example: 403
+    default: 403
+  - name: includedHeaders
+    type: string
+    required: false
+    description: "Comma-separated set of case-insensitive headers to include in the request input. Request headers are not passed to the policy by default. Include to receive incoming request headers in the input"
+    example: "x-my-custom-header, x-jwt-header"
+  - name: readBody
+    type: string
+    required: false
+    description: "Controls whether the middleware reads the entire request body in-memory and make it available for policy decisions"
+    example: false

middleware/http/ratelimit/metadata.yaml

@@ -0,0 +1,19 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: ratelimit
+version: v1
+status: stable
+title: "Rate Limiting"
+description: |
+  The Rate Limiting middleware provides request rate limiting functionality.
+  It can limit requests based on various criteria like IP address, user, or custom keys.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-rate-limit/
+metadata:
+  - name: maxRequestsPerSecond
+    type: integer
+    required: true
+    description: "Maximum number of requests allowed per second"
+    example: 100

middleware/http/routerchecker/metadata.yaml

@@ -0,0 +1,18 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: routerchecker
+version: v1
+status: alpha
+title: "Router Checker"
+description: |
+  The RouterChecker HTTP middleware component leverages regexp to check the validity of HTTP request routing to prevent invalid routers from entering the Dapr cluster. In turn, the RouterChecker component filters out bad requests and reduces noise in the telemetry and log data.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-routerchecker/
+metadata:
+  - name: rule
+    type: string
+    required: true
+    description: "Regular expression to filter which paths are allowed"
+    example: "^[A-Za-z0-9/._-]+$"

middleware/http/sentinel/metadata.yaml

@@ -0,0 +1,90 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: sentinel
+version: v1
+status: alpha
+title: "Sentinel"
+description: |
+  Use Sentinel middleware to guarantee the reliability and resiliency of your application.
+  Sentinel is a powerful fault-tolerance component that takes "flow" as the breakthrough point and covers multiple fields including flow control, traffic shaping, concurrency limiting, circuit breaking, and adaptive system protection to guarantee the reliability and resiliency of microservices.
+  
+  The Sentinel HTTP middleware enables Dapr to facilitate Sentinel's powerful abilities to protect your application. You can refer to Sentinel Wiki for more details on Sentinel.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-sentinel/
+metadata:
+  - name: appName
+    type: string
+    required: true
+    description: "The application name for Sentinel"
+    example: "nodeapp"
+  - name: logDir
+    type: string
+    required: false
+    description: "Directory for Sentinel log files"
+    example: "/var/tmp"
+  - name: flowRules
+    type: string
+    required: false
+    description: "JSON array of flow control rules to limit request rate"
+    example: |
+      [
+        {
+          "resource": "POST:/v1.0/invoke/nodeapp/method/neworder",
+          "threshold": 10,
+          "tokenCalculateStrategy": 0,
+          "controlBehavior": 0
+        }
+      ]
+  - name: circuitBreakerRules
+    type: string
+    required: false
+    description: "JSON array of circuit breaker rules to handle failures"
+    example: |
+      [
+        {
+          "resource": "POST:/v1.0/invoke/nodeapp/method/neworder",
+          "minRequestAmount": 5,
+          "statIntervalMs": 1000,
+          "maxAllowedRtMs": 50,
+          "maxSlowRequestRatio": 0.5
+        }
+      ]
+  - name: hotSpotParamRules
+    type: string
+    required: false
+    description: "JSON array of hotspot parameter rules for parameter-based flow control"
+    example: |
+      [
+        {
+          "resource": "POST:/v1.0/invoke/nodeapp/method/neworder",
+          "paramIdx": 0,
+          "threshold": 10,
+          "maxQueueingTimeMs": 500
+        }
+      ]
+  - name: isolationRules
+    type: string
+    required: false
+    description: "JSON array of isolation rules for thread pool isolation"
+    example: |
+      [
+        {
+          "resource": "POST:/v1.0/invoke/nodeapp/method/neworder",
+          "maxConcurrency": 10,
+          "maxQueueingTimeMs": 500
+        }
+      ]
+  - name: systemRules
+    type: string
+    required: false
+    description: "JSON array of system protection rules for overall system protection"
+    example: |
+      [
+        {
+          "avgRt": 50,
+          "maxThread": 10,
+          "qps": 20
+        }
+      ]

middleware/http/wasm/metadata.yaml

@@ -0,0 +1,27 @@
+# yaml-language-server: $schema=../../../component-metadata-schema.json
+schemaVersion: v1
+type: middleware
+name: wasm
+version: v1
+status: alpha
+title: "WebAssembly (WASM)"
+description: |
+  The WebAssembly middleware allows you to run custom logic written in WASM.
+  It can execute WASM modules to process HTTP requests and responses.
+urls:
+  - title: Reference
+    url: https://docs.dapr.io/reference/components-reference/supported-middleware/middleware-wasm/
+metadata:
+  - name: url
+    type: string
+    required: true
+    description: "URL of the WASM module"
+    example: "https://example.com/middleware.wasm"
+  - name: guestConfig
+    required: false
+    description: "Configuration object passed to the WASM module"
+    example: |
+      {
+        "timeout": "5s",
+        "maxMemory": "10MB"
+      }