go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-11-24 08:52:25 +02:00
Code Issues Releases Activity

rename Upstreams to UpstreamConfig and its Configs member to Upstreams then

Browse Source
This commit is contained in:
Fabian Stelzer 2021-09-17 11:08:18 +00:00
parent fe9159572c
commit 88f32aeaa1
No known key found for this signature in database
14 changed files with 79 additions and 80 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
docs/docs/configuration/alpha_config.md
View File

@ -124,7 +124,7 @@ They may change between releases without notice.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `upstreams` | _[Upstreams](#upstreams)_ | Upstreams is used to configure upstream servers.<br/>Once a user is authenticated, requests to the server will be proxied to<br/>these upstream servers based on the path mappings defined in this list. |
| `upstreamConfig` | _[UpstreamConfig](#upstreamconfig)_ | UpstreamConfig is used to configure upstream servers.<br/>Once a user is authenticated, requests to the server will be proxied to<br/>these upstream servers based on the path mappings defined in this list. |
| `injectRequestHeaders` | _[[]Header](#header)_ | InjectRequestHeaders is used to configure headers that should be added<br/>to requests to upstream servers.<br/>Headers may source values from either the authenticated user's session<br/>or from a static secret value. |
| `injectResponseHeaders` | _[[]Header](#header)_ | InjectResponseHeaders is used to configure headers that should be added<br/>to responses from the proxy.<br/>This is typically used when using the proxy as an external authentication<br/>provider in conjunction with another proxy such as NGINX and its<br/>auth_request module.<br/>Headers may source values from either the authenticated user's session<br/>or from a static secret value. |
| `server` | _[Server](#server)_ | Server is used to configure the HTTP(S) server for the proxy application.<br/>You may choose to run both HTTP and HTTPS servers simultaneously.<br/>This can be done by setting the BindAddress and the SecureBindAddress simultaneously.<br/>To use the secure server you must configure a TLS certificate and key. |
@ -364,7 +364,7 @@ TLS contains the information for loading a TLS certifcate and key.
### Upstream
(**Appears on:** [Upstreams](#upstreams))
(**Appears on:** [UpstreamConfig](#upstreamconfig))
Upstream represents the configuration for an upstream server.
Requests will be proxied to this upstream if the path matches the request path.
@ -382,13 +382,13 @@ Requests will be proxied to this upstream if the path matches the request path.
| `passHostHeader` | _bool_ | PassHostHeader determines whether the request host header should be proxied<br/>to the upstream server.<br/>Defaults to true. |
| `proxyWebSockets` | _bool_ | ProxyWebSockets enables proxying of websockets to upstream servers<br/>Defaults to true. |
### Upstreams
### UpstreamConfig
(**Appears on:** [AlphaOptions](#alphaoptions))
Upstreams is a collection of definitions for upstream servers.
UpstreamConfig is a collection of definitions for upstream servers.
| Field | Type | Description |
| ----- | ---- | ----------- |
| `proxyRawPath` | _bool_ | ProxyRawPath will pass the raw url path to upstream allowing for url's<br/>like: "/%2F/" which would otherwise be redirected to "/" |
| `configs` | _[[]Upstream](#upstream)_ | Upstream represents the configuration for an upstream server.<br/>Requests will be proxied to this upstream if the path matches the request path. |
| `upstreams` | _[[]Upstream](#upstream)_ | Upstreams represents the configuration for the upstream servers.<br/>Requests will be proxied to this upstream if the path matches the request path. |

8
main_test.go
View File

@ -26,9 +26,9 @@ client_secret="b2F1dGgyLXByb3h5LWNsaWVudC1zZWNyZXQK"
`
const testAlphaConfig = `
upstreams:
upstreamConfig:
proxyrawpath: false
configs:
upstreams:
- id: /
path: /
uri: http://httpbin
@ -104,8 +104,8 @@ redirect_url="http://localhost:4180/oauth2/callback"
opts.Cookie.Secure = false
opts.RawRedirectURL = "http://localhost:4180/oauth2/callback"
opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "/",
Path: "/",

34
oauthproxy_test.go
View File

@ -197,8 +197,8 @@ func TestBasicAuthPassword(t *testing.T) {
basicAuthPassword := "This is a secure password"
opts := baseTestOptions()
opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: providerServer.URL,
Path: "/",
@ -348,8 +348,8 @@ func NewPassAccessTokenTest(opts PassAccessTokenTestOptions) (*PassAccessTokenTe
}))
patt.opts = baseTestOptions()
patt.opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
patt.opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: patt.providerServer.URL,
Path: "/",
@ -358,7 +358,7 @@ func NewPassAccessTokenTest(opts PassAccessTokenTestOptions) (*PassAccessTokenTe
},
}
if opts.ProxyUpstream.ID != "" {
patt.opts.UpstreamServers.Configs = append(patt.opts.UpstreamServers.Configs, opts.ProxyUpstream)
patt.opts.UpstreamServers.Upstreams = append(patt.opts.UpstreamServers.Upstreams, opts.ProxyUpstream)
}
patt.opts.Cookie.Secure = false
@ -1273,8 +1273,8 @@ func TestAuthSkippedForPreflightRequests(t *testing.T) {
t.Cleanup(upstreamServer.Close)
opts := baseTestOptions()
opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: upstreamServer.URL,
Path: "/",
@ -1350,8 +1350,8 @@ func NewSignatureTest() (*SignatureTest, error) {
if err != nil {
return nil, err
}
opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: upstreamServer.URL,
Path: "/",
@ -1788,8 +1788,8 @@ func Test_noCacheHeaders(t *testing.T) {
t.Cleanup(upstreamServer.Close)
opts := baseTestOptions()
opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: upstreamServer.URL,
Path: "/",
@ -2060,8 +2060,8 @@ func TestTrustedIPs(t *testing.T) {
for _, tt := range tests {
t.Run(tt.name, func(t *testing.T) {
opts := baseTestOptions()
opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "static",
Path: "/",
@ -2255,8 +2255,8 @@ func TestAllowedRequest(t *testing.T) {
t.Cleanup(upstreamServer.Close)
opts := baseTestOptions()
opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: upstreamServer.URL,
Path: "/",
@ -2372,8 +2372,8 @@ func TestProxyAllowedGroups(t *testing.T) {
test, err := NewProcessCookieTestWithOptionsModifiers(func(opts *options.Options) {
opts.Providers[0].AllowedGroups = tt.allowedGroups
opts.UpstreamServers = options.Upstreams{
Configs: []options.Upstream{
opts.UpstreamServers = options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: upstreamServer.URL,
Path: "/",

9
pkg/apis/options/alpha_options.go
View File

@ -9,10 +9,10 @@ package options
// They may change between releases without notice.
// :::
type AlphaOptions struct {
// Upstreams is used to configure upstream servers.
// UpstreamConfig is used to configure upstream servers.
// Once a user is authenticated, requests to the server will be proxied to
// these upstream servers based on the path mappings defined in this list.
Upstreams Upstreams `json:"upstreams,omitempty"`
UpstreamConfig UpstreamConfig `json:"upstreamConfig,omitempty"`
// InjectRequestHeaders is used to configure headers that should be added
// to requests to upstream servers.
@ -48,19 +48,18 @@ type AlphaOptions struct {
// MergeInto replaces alpha options in the Options struct with the values
// from the AlphaOptions
func (a *AlphaOptions) MergeInto(opts *Options) {
opts.UpstreamServers = a.Upstreams
opts.UpstreamServers = a.UpstreamConfig
opts.InjectRequestHeaders = a.InjectRequestHeaders
opts.InjectResponseHeaders = a.InjectResponseHeaders
opts.Server = a.Server
opts.MetricsServer = a.MetricsServer
opts.Providers = a.Providers
}
// ExtractFrom populates the fields in the AlphaOptions with the values from
// the Options
func (a *AlphaOptions) ExtractFrom(opts *Options) {
a.Upstreams = opts.UpstreamServers
a.UpstreamConfig = opts.UpstreamServers
a.InjectRequestHeaders = opts.InjectRequestHeaders
a.InjectResponseHeaders = opts.InjectResponseHeaders
a.Server = opts.Server

8
pkg/apis/options/legacy_options.go
View File

@ -114,13 +114,13 @@ func legacyUpstreamsFlagSet() *pflag.FlagSet {
return flagSet
}
func (l *LegacyUpstreams) convert() (Upstreams, error) {
upstreams := Upstreams{}
func (l *LegacyUpstreams) convert() (UpstreamConfig, error) {
upstreams := UpstreamConfig{}
for _, upstreamString := range l.Upstreams {
u, err := url.Parse(upstreamString)
if err != nil {
return Upstreams{}, fmt.Errorf("could not parse upstream %q: %v", upstreamString, err)
return UpstreamConfig{}, fmt.Errorf("could not parse upstream %q: %v", upstreamString, err)
}
if u.Path == "" {
@ -169,7 +169,7 @@ func (l *LegacyUpstreams) convert() (Upstreams, error) {
upstream.FlushInterval = nil
}
upstreams.Configs = append(upstreams.Configs, upstream)
upstreams.Upstreams = append(upstreams.Upstreams, upstream)
}
return upstreams, nil

6
pkg/apis/options/legacy_options_test.go
View File

@ -26,8 +26,8 @@ var _ = Describe("Legacy Options", func() {
truth := true
staticCode := 204
opts.UpstreamServers = Upstreams{
Configs: []Upstream{
opts.UpstreamServers = UpstreamConfig{
Upstreams: []Upstream{
{
ID: "/baz",
Path: "/baz",
@ -221,7 +221,7 @@ var _ = Describe("Legacy Options", func() {
Expect(err).ToNot(HaveOccurred())
}
Expect(upstreams.Configs).To(ConsistOf(in.expectedUpstreams))
Expect(upstreams.Upstreams).To(ConsistOf(in.expectedUpstreams))
},
Entry("with no upstreams", &convertUpstreamsTableInput{
upstreamStrings: []string{},

8
pkg/apis/options/load_test.go
View File

@ -469,8 +469,8 @@ sub:
It("should load a full example AlphaOptions", func() {
config := []byte(`
upstreams:
configs:
upstreamConfig:
upstreams:
- id: httpbin
path: /
uri: http://httpbin
@ -503,8 +503,8 @@ injectResponseHeaders:
flushInterval := Duration(500 * time.Millisecond)
Expect(into).To(Equal(&AlphaOptions{
Upstreams: Upstreams{
Configs: []Upstream{
UpstreamConfig: UpstreamConfig{
Upstreams: []Upstream{
{
ID: "httpbin",
Path: "/",

2
pkg/apis/options/options.go
View File

@ -41,7 +41,7 @@ type Options struct {
// Not used in the legacy config, name not allowed to match an external key (upstreams)
// TODO(JoelSpeed): Rename when legacy config is removed
UpstreamServers Upstreams `cfg:",internal"`
UpstreamServers UpstreamConfig `cfg:",internal"`
InjectRequestHeaders []Header `cfg:",internal"`
InjectResponseHeaders []Header `cfg:",internal"`

8
pkg/apis/options/upstreams.go
View File

@ -7,15 +7,15 @@ const (
DefaultUpstreamFlushInterval = 1 * time.Second
)
// Upstreams is a collection of definitions for upstream servers.
type Upstreams struct {
// UpstreamConfig is a collection of definitions for upstream servers.
type UpstreamConfig struct {
// ProxyRawPath will pass the raw url path to upstream allowing for url's
// like: "/%2F/" which would otherwise be redirected to "/"
ProxyRawPath bool `json:"proxyRawPath,omitempty"`
// Upstream represents the configuration for an upstream server.
// Upstreams represents the configuration for the upstream servers.
// Requests will be proxied to this upstream if the path matches the request path.
Configs []Upstream `json:"configs,omitempty"`
Upstreams []Upstream `json:"upstreams,omitempty"`
}
// Upstream represents the configuration for an upstream server.

4
pkg/upstream/proxy.go
View File

@ -22,7 +22,7 @@ type ProxyErrorHandler func(http.ResponseWriter, *http.Request, error)
// NewProxy creates a new multiUpstreamProxy that can serve requests directed to
// multiple upstreams.
func NewProxy(upstreams options.Upstreams, sigData *options.SignatureData, writer pagewriter.Writer) (http.Handler, error) {
func NewProxy(upstreams options.UpstreamConfig, sigData *options.SignatureData, writer pagewriter.Writer) (http.Handler, error) {
m := &multiUpstreamProxy{
serveMux: mux.NewRouter(),
}
@ -31,7 +31,7 @@ func NewProxy(upstreams options.Upstreams, sigData *options.SignatureData, write
m.serveMux.UseEncodedPath()
}
for _, upstream := range sortByPathLongest(upstreams.Configs) {
for _, upstream := range sortByPathLongest(upstreams.Upstreams) {
if upstream.Static {
if err := m.registerStaticResponseHandler(upstream, writer); err != nil {
return nil, fmt.Errorf("could not register static upstream %q: %v", upstream.ID, err)

8
pkg/upstream/proxy_test.go
View File

@ -20,7 +20,7 @@ var _ = Describe("Proxy Suite", func() {
target string
response testHTTPResponse
upstream string
upstreams options.Upstreams
upstreams options.UpstreamConfig
}
Context("multiUpstreamProxy", func() {
@ -40,8 +40,8 @@ var _ = Describe("Proxy Suite", func() {
// Allows for specifying settings and even individual upstreams for specific tests and uses the default upstreams/configs otherwise
upstreams := in.upstreams
if len(in.upstreams.Configs) == 0 {
upstreams.Configs = []options.Upstream{
if len(in.upstreams.Upstreams) == 0 {
upstreams.Upstreams = []options.Upstream{
{
ID: "http-backend",
Path: "/http/",
@ -325,7 +325,7 @@ var _ = Describe("Proxy Suite", func() {
upstream: "",
}),
Entry("containing an escaped '/' with ProxyRawPath", &proxyTableInput{
upstreams: options.Upstreams{ProxyRawPath: true},
upstreams: options.UpstreamConfig{ProxyRawPath: true},
target: "http://example.localhost/%2F/test1/%2F/test2",
response: testHTTPResponse{
code: 404,

2
pkg/validation/options_test.go
View File

@ -22,7 +22,7 @@ const (
func testOptions() *options.Options {
o := options.NewOptions()
o.UpstreamServers.Configs = append(o.UpstreamServers.Configs, options.Upstream{
o.UpstreamServers.Upstreams = append(o.UpstreamServers.Upstreams, options.Upstream{
ID: "upstream",
Path: "/",
URI: "http://127.0.0.1:8080/",

4
pkg/validation/upstreams.go
View File

@ -7,12 +7,12 @@ import (
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/options"
)
func validateUpstreams(upstreams options.Upstreams) []string {
func validateUpstreams(upstreams options.UpstreamConfig) []string {
msgs := []string{}
ids := make(map[string]struct{})
paths := make(map[string]struct{})
for _, upstream := range upstreams.Configs {
for _, upstream := range upstreams.Upstreams {
msgs = append(msgs, validateUpstream(upstream, ids, paths)...)
}

48
pkg/validation/upstreams_test.go
View File

@ -11,7 +11,7 @@ import (
var _ = Describe("Upstreams", func() {
type validateUpstreamTableInput struct {
upstreams options.Upstreams
upstreams options.UpstreamConfig
errStrings []string
}
@ -54,12 +54,12 @@ var _ = Describe("Upstreams", func() {
Expect(validateUpstreams(o.upstreams)).To(ConsistOf(o.errStrings))
},
Entry("with no upstreams", &validateUpstreamTableInput{
upstreams: options.Upstreams{},
upstreams: options.UpstreamConfig{},
errStrings: []string{},
}),
Entry("with valid upstreams", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
validHTTPUpstream,
validStaticUpstream,
validFileUpstream,
@ -68,8 +68,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{},
}),
Entry("with an empty ID", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "",
Path: "/foo",
@ -80,8 +80,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{emptyIDMsg},
}),
Entry("with an empty Path", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo",
Path: "",
@ -92,8 +92,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{emptyPathMsg},
}),
Entry("with an empty Path", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo",
Path: "",
@ -104,8 +104,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{emptyPathMsg},
}),
Entry("with an empty URI", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo",
Path: "/foo",
@ -116,8 +116,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{emptyURIMsg},
}),
Entry("with an invalid URI", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo",
Path: "/foo",
@ -128,8 +128,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{invalidURIMsg},
}),
Entry("with an invalid URI scheme", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo",
Path: "/foo",
@ -140,8 +140,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{invalidURISchemeMsg},
}),
Entry("with a static upstream and invalid optons", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo",
Path: "/foo",
@ -163,8 +163,8 @@ var _ = Describe("Upstreams", func() {
},
}),
Entry("with duplicate IDs", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo",
Path: "/foo1",
@ -180,8 +180,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{multipleIDsMsg},
}),
Entry("with duplicate Paths", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo1",
Path: "/foo",
@ -197,8 +197,8 @@ var _ = Describe("Upstreams", func() {
errStrings: []string{multiplePathsMsg},
}),
Entry("when a static code is supplied without static", &validateUpstreamTableInput{
upstreams: options.Upstreams{
Configs: []options.Upstream{
upstreams: options.UpstreamConfig{
Upstreams: []options.Upstream{
{
ID: "foo",
Path: "/foo",