policyDefinitions:
  cors:
    origin: "/\\.example2\\.com$/"
    methods:
      - "GET"
      - "POST"
    allowedHeaders:
      - "test-header"
      - "another-header"
  rateLimit:
    rateLimitBy: "ip"
    standardHeaders: "draft-6"
  apiKey:
    hashes:
      - "20ccb72ebb7ef6911958d8b22ab97821a15ae30fb9dd31c548a3184c06fc80c8"
      - "b0fdc387a13a5ddd925214aac77a157ed5cf1cf8ebaca3cb056703b1af2b5891"

endpoints:
  - path: "/todos"
    target:
      url: "${TARGET_URL}/todos"
    response:
      headers:
        test-header: "test"
    policies:
      - rateLimit
      - cors
  - path: "/short"
    target:
      url: "https://shorturl.at/acS78"
    response:
      headers:
        test-header: "test"
    policies:
      - rateLimit
  - path: "/giphy/trending"
    target:
      url: "https://api.giphy.com/v1/gifs/trending"
    request:
      query:
        api_key: "${GIPHY_API_KEY}"
        limit: "1"
    policies:
      - cors
      - rateLimit
  - path: "/spotify/artist"
    target:
      url: "https://api.spotify.com/v1/artists/4Z8W4fKeB5YxbusRsdQVPb"
    request:
      headers:
        Authorization: "Bearer ${SPOTIFY_TOKEN}"