Send request body to authorization server for forward auth
This commit is contained in:
kyosuke
GitHub
parent
b1934231ca
commit
26738cbf93
20 changed files with 411 additions and 38 deletions
|
|
@ -1,6 +1,7 @@
|
|||
package auth
|
||||
|
||||
import (
|
||||
"bytes"
|
||||
"context"
|
||||
"fmt"
|
||||
"io"
|
||||
|
|
@ -112,6 +113,154 @@ func TestForwardAuthSuccess(t *testing.T) {
|
|||
assert.Equal(t, "traefik\n", string(body))
|
||||
}
|
||||
|
||||
func TestForwardAuthForwardBody(t *testing.T) {
|
||||
data := []byte("forwardBodyTest")
|
||||
|
||||
var serverCallCount int
|
||||
server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
serverCallCount++
|
||||
|
||||
forwardedData, err := io.ReadAll(req.Body)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, data, forwardedData)
|
||||
}))
|
||||
t.Cleanup(server.Close)
|
||||
|
||||
var nextCallCount int
|
||||
next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
nextCallCount++
|
||||
})
|
||||
|
||||
maxBodySize := int64(len(data))
|
||||
auth := dynamic.ForwardAuth{Address: server.URL, ForwardBody: true, MaxBodySize: &maxBodySize}
|
||||
|
||||
middleware, err := NewForward(context.Background(), next, auth, "authTest")
|
||||
require.NoError(t, err)
|
||||
|
||||
ts := httptest.NewServer(middleware)
|
||||
t.Cleanup(ts.Close)
|
||||
|
||||
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, bytes.NewReader(data))
|
||||
|
||||
res, err := http.DefaultClient.Do(req)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, http.StatusOK, res.StatusCode)
|
||||
assert.Equal(t, 1, serverCallCount)
|
||||
assert.Equal(t, 1, nextCallCount)
|
||||
}
|
||||
|
||||
func TestForwardAuthForwardBodyEmptyBody(t *testing.T) {
|
||||
var serverCallCount int
|
||||
server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
serverCallCount++
|
||||
|
||||
forwardedData, err := io.ReadAll(req.Body)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Empty(t, forwardedData)
|
||||
}))
|
||||
t.Cleanup(server.Close)
|
||||
|
||||
var nextCallCount int
|
||||
next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
nextCallCount++
|
||||
})
|
||||
|
||||
auth := dynamic.ForwardAuth{Address: server.URL, ForwardBody: true}
|
||||
|
||||
middleware, err := NewForward(context.Background(), next, auth, "authTest")
|
||||
require.NoError(t, err)
|
||||
|
||||
ts := httptest.NewServer(middleware)
|
||||
t.Cleanup(ts.Close)
|
||||
|
||||
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, http.NoBody)
|
||||
|
||||
res, err := http.DefaultClient.Do(req)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, http.StatusOK, res.StatusCode)
|
||||
assert.Equal(t, 1, serverCallCount)
|
||||
assert.Equal(t, 1, nextCallCount)
|
||||
}
|
||||
|
||||
func TestForwardAuthForwardBodySizeLimit(t *testing.T) {
|
||||
data := []byte("forwardBodyTest")
|
||||
|
||||
var serverCallCount int
|
||||
server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
serverCallCount++
|
||||
|
||||
forwardedData, err := io.ReadAll(req.Body)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, data, forwardedData)
|
||||
}))
|
||||
t.Cleanup(server.Close)
|
||||
|
||||
var nextCallCount int
|
||||
next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
nextCallCount++
|
||||
})
|
||||
|
||||
maxBodySize := int64(len(data)) - 1
|
||||
auth := dynamic.ForwardAuth{Address: server.URL, ForwardBody: true, MaxBodySize: &maxBodySize}
|
||||
|
||||
middleware, err := NewForward(context.Background(), next, auth, "authTest")
|
||||
require.NoError(t, err)
|
||||
|
||||
ts := httptest.NewServer(middleware)
|
||||
t.Cleanup(ts.Close)
|
||||
|
||||
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, bytes.NewReader(data))
|
||||
|
||||
res, err := http.DefaultClient.Do(req)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, http.StatusUnauthorized, res.StatusCode)
|
||||
assert.Equal(t, 0, serverCallCount)
|
||||
assert.Equal(t, 0, nextCallCount)
|
||||
}
|
||||
|
||||
func TestForwardAuthNotForwardBody(t *testing.T) {
|
||||
data := []byte("forwardBodyTest")
|
||||
|
||||
var serverCallCount int
|
||||
server := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
serverCallCount++
|
||||
|
||||
forwardedData, err := io.ReadAll(req.Body)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Empty(t, forwardedData)
|
||||
}))
|
||||
t.Cleanup(server.Close)
|
||||
|
||||
var nextCallCount int
|
||||
next := http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
nextCallCount++
|
||||
})
|
||||
|
||||
auth := dynamic.ForwardAuth{Address: server.URL}
|
||||
|
||||
middleware, err := NewForward(context.Background(), next, auth, "authTest")
|
||||
require.NoError(t, err)
|
||||
|
||||
ts := httptest.NewServer(middleware)
|
||||
t.Cleanup(ts.Close)
|
||||
|
||||
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, bytes.NewReader(data))
|
||||
|
||||
res, err := http.DefaultClient.Do(req)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, http.StatusOK, res.StatusCode)
|
||||
assert.Equal(t, 1, serverCallCount)
|
||||
assert.Equal(t, 1, nextCallCount)
|
||||
}
|
||||
|
||||
func TestForwardAuthRedirect(t *testing.T) {
|
||||
authTs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
http.Redirect(w, r, "http://example.com/redirect-test", http.StatusFound)
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue