Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Http basic auth #454

Merged
merged 34 commits into from
Jan 14, 2022
Merged

Http basic auth #454

Changes from 1 commit
Commits
Show all changes
34 commits
Select commit Hold shift + click to select a range
72f2104
refactor repeated code
Jan 4, 2022
791272e
basicauth validator using userFile
Jan 5, 2022
4847899
format code
Jan 5, 2022
0d4644f
basic auth validator using etcd; cache results to LRU cache
Jan 5, 2022
30944df
fix header parsing
Jan 5, 2022
bc8f83a
reset changes in oauth2
Jan 5, 2022
9316bfa
fix test
Jan 6, 2022
5c81d42
remove unix specific temp file path
Jan 6, 2022
de2250c
sync authorized users
Jan 6, 2022
dd32290
remove syncInterval
Jan 6, 2022
60acff6
add fileWatcher for unvalidating cache
Jan 6, 2022
2b5fddb
remove unused funcs and add documentation
Jan 6, 2022
b188893
fix race condition in unittest
Jan 6, 2022
8bf353e
initialize context to fix test
Jan 6, 2022
5336a8f
simplify test and fix basic auth
Jan 7, 2022
26bd8ef
make etcd yaml password format configurable and use go-htpasswd for b…
Jan 10, 2022
03c435f
better error handling
Jan 10, 2022
0d23ac7
add test case
Jan 10, 2022
a5fd957
make etcd prefix configuratble
Jan 10, 2022
caa1a49
make username yaml entry configurable
Jan 11, 2022
6167196
set x-auth-user header
Jan 11, 2022
eeed6e9
headerlookup filter
Jan 11, 2022
4f2c339
fix typo
Jan 11, 2022
ccf9cca
fix filter
Jan 11, 2022
82796cb
sanitize header keys
Jan 12, 2022
4bbe9ae
force basicAuth and headerLookup to use /custom-data/ etcd prefix
Jan 12, 2022
bc7ff35
simplify configuration by fixing key and password entries; allow skip…
Jan 12, 2022
8cd8421
use fsnotify for basic auth userfile updates
Jan 13, 2022
68d7cf8
go mod tidy
Jan 13, 2022
b4442d6
address review comments
Jan 13, 2022
1565bab
add cache and cache update
Jan 13, 2022
7f5ba26
fix cache update
Jan 13, 2022
7b51d82
fix headerlookup test
Jan 13, 2022
249b3c7
include new cluster test helper to cluster tests
Jan 14, 2022
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Jump to
Jump to file
Failed to load files.
Diff view
Diff view
Prev Previous commit
Next Next commit
reset changes in oauth2
  • Loading branch information
Samu Tamminen committed Jan 13, 2022
commit bc8f83a7015b1c40eff78dd8cfb2fd901e29ee79
18 changes: 5 additions & 13 deletions pkg/filter/validator/oauth2.go
View file
Open in desktop
Original file line number Diff line number Diff line change
Expand Up @@ -29,7 +29,6 @@ import (
"github.com/golang-jwt/jwt"

"github.com/megaease/easegress/pkg/context"
"github.com/megaease/easegress/pkg/util/httpheader"
)

type (
Expand Down Expand Up @@ -138,23 +137,16 @@ func (v *OAuth2Validator) introspectToken(tokenStr string) (*tokenInfo, error) {
return &ti.tokenInfo, nil
}

func parseAuthorizationHeader(hdr *httpheader.HTTPHeader) (string, error) {
// Validate validates the access token of a http request
func (v *OAuth2Validator) Validate(req context.HTTPRequest) error {
const prefix = "Bearer "

hdr := req.Header()
tokenStr := hdr.Get("Authorization")
if !strings.HasPrefix(tokenStr, prefix) {
return "", fmt.Errorf("unexpected authorization header: %s", tokenStr)
}
return tokenStr[len(prefix):], nil
}

// Validate validates the access token of a http request
func (v *OAuth2Validator) Validate(req context.HTTPRequest) error {
hdr := req.Header()
tokenStr, err := parseAuthorizationHeader(hdr)
if err != nil {
return err
return fmt.Errorf("unexpected authorization header: %s", tokenStr)
}
tokenStr = tokenStr[len(prefix):]

var subject, scope string
if v.spec.TokenIntrospect != nil {
Expand Down