Add option to preserve request method in forwardAuth
This commit is contained in:
parent
2b6a04bc1d
commit
2afa03b55c
15 changed files with 139 additions and 5 deletions
|
@ -57,6 +57,7 @@ type forwardAuth struct {
|
|||
forwardBody bool
|
||||
maxBodySize int64
|
||||
preserveLocationHeader bool
|
||||
preserveRequestMethod bool
|
||||
}
|
||||
|
||||
// NewForward creates a forward auth middleware.
|
||||
|
@ -81,6 +82,7 @@ func NewForward(ctx context.Context, next http.Handler, config dynamic.ForwardAu
|
|||
forwardBody: config.ForwardBody,
|
||||
maxBodySize: dynamic.ForwardAuthDefaultMaxBodySize,
|
||||
preserveLocationHeader: config.PreserveLocationHeader,
|
||||
preserveRequestMethod: config.PreserveRequestMethod,
|
||||
}
|
||||
|
||||
if config.MaxBodySize != nil {
|
||||
|
@ -135,7 +137,12 @@ func (fa *forwardAuth) GetTracingInformation() (string, string, trace.SpanKind)
|
|||
func (fa *forwardAuth) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
|
||||
logger := middlewares.GetLogger(req.Context(), fa.name, typeNameForward)
|
||||
|
||||
forwardReq, err := http.NewRequestWithContext(req.Context(), http.MethodGet, fa.address, nil)
|
||||
forwardReqMethod := http.MethodGet
|
||||
if fa.preserveRequestMethod {
|
||||
forwardReqMethod = req.Method
|
||||
}
|
||||
|
||||
forwardReq, err := http.NewRequestWithContext(req.Context(), forwardReqMethod, fa.address, nil)
|
||||
if err != nil {
|
||||
logger.Debug().Err(err).Msgf("Error calling %s", fa.address)
|
||||
observability.SetStatusErrorf(req.Context(), "Error calling %s. Cause %s", fa.address, err)
|
||||
|
|
|
@ -739,6 +739,63 @@ func TestForwardAuthPreserveLocationHeader(t *testing.T) {
|
|||
assert.Equal(t, relativeURL, res.Header.Get("Location"))
|
||||
}
|
||||
|
||||
func TestForwardAuthPreserveRequestMethod(t *testing.T) {
|
||||
testCases := []struct {
|
||||
name string
|
||||
preserveRequestMethod bool
|
||||
originalReqMethod string
|
||||
expectedReqMethodInAuthServer string
|
||||
}{
|
||||
{
|
||||
name: "preserve request method",
|
||||
preserveRequestMethod: true,
|
||||
originalReqMethod: http.MethodPost,
|
||||
expectedReqMethodInAuthServer: http.MethodPost,
|
||||
},
|
||||
{
|
||||
name: "do not preserve request method",
|
||||
preserveRequestMethod: false,
|
||||
originalReqMethod: http.MethodPost,
|
||||
expectedReqMethodInAuthServer: http.MethodGet,
|
||||
},
|
||||
}
|
||||
for _, test := range testCases {
|
||||
t.Run(test.name, func(t *testing.T) {
|
||||
reqReachesAuthServer := false
|
||||
authServer := httptest.NewServer(http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
|
||||
reqReachesAuthServer = true
|
||||
assert.Equal(t, test.expectedReqMethodInAuthServer, req.Method)
|
||||
}))
|
||||
t.Cleanup(authServer.Close)
|
||||
|
||||
reqReachesNextServer := false
|
||||
next := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||
reqReachesNextServer = true
|
||||
assert.Equal(t, test.originalReqMethod, r.Method)
|
||||
})
|
||||
|
||||
auth := dynamic.ForwardAuth{
|
||||
Address: authServer.URL,
|
||||
PreserveRequestMethod: test.preserveRequestMethod,
|
||||
}
|
||||
|
||||
middleware, err := NewForward(context.Background(), next, auth, "authTest")
|
||||
require.NoError(t, err)
|
||||
|
||||
ts := httptest.NewServer(middleware)
|
||||
t.Cleanup(ts.Close)
|
||||
|
||||
req := testhelpers.MustNewRequest(test.originalReqMethod, ts.URL, nil)
|
||||
res, err := http.DefaultClient.Do(req)
|
||||
require.NoError(t, err)
|
||||
|
||||
assert.Equal(t, http.StatusOK, res.StatusCode)
|
||||
assert.True(t, reqReachesAuthServer)
|
||||
assert.True(t, reqReachesNextServer)
|
||||
})
|
||||
}
|
||||
}
|
||||
|
||||
type mockTracer struct {
|
||||
embedded.Tracer
|
||||
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue