Auth support in frontends for k8s and file

2018-07-02 11:52:04 +02:00 · 2018-07-02 11:52:04 +02:00 · bb14ec70bd
commit bb14ec70bd
parent e8e36bd9d5
14 changed files with 867 additions and 181 deletions
--- a/provider/kubernetes/builder_configuration_test.go
+++ b/provider/kubernetes/builder_configuration_test.go
@ -208,9 +208,52 @@ func entryPoints(eps ...string) func(*types.Frontend) {
 	}
 }

-func basicAuth(auth ...string) func(*types.Frontend) {
+// Deprecated
+func basicAuthDeprecated(auth ...string) func(*types.Frontend) {
 	return func(f *types.Frontend) {
-		f.BasicAuth = auth
+		f.Auth = &types.Auth{Basic: &types.Basic{Users: auth}}
+	}
+}
+
+func auth(opt func(*types.Auth)) func(*types.Frontend) {
+	return func(f *types.Frontend) {
+		auth := &types.Auth{}
+		opt(auth)
+		f.Auth = auth
+	}
+}
+
+func basicAuth(users ...string) func(*types.Auth) {
+	return func(a *types.Auth) {
+		a.Basic = &types.Basic{Users: users}
+	}
+}
+
+func forwardAuth(forwardURL string, opts ...func(*types.Forward)) func(*types.Auth) {
+	return func(a *types.Auth) {
+		fwd := &types.Forward{Address: forwardURL}
+		for _, opt := range opts {
+			opt(fwd)
+		}
+		a.Forward = fwd
+	}
+}
+
+func fwdAuthResponseHeaders(headers ...string) func(*types.Forward) {
+	return func(f *types.Forward) {
+		f.AuthResponseHeaders = headers
+	}
+}
+
+func fwdTrustForwardHeader() func(*types.Forward) {
+	return func(f *types.Forward) {
+		f.TrustForwardHeader = true
+	}
+}
+
+func fwdAuthTLS(cert, key string, insecure bool) func(*types.Forward) {
+	return func(f *types.Forward) {
+		f.TLS = &types.ClientTLS{Cert: cert, Key: key, InsecureSkipVerify: insecure}
 	}
 }