Fix forwarding of auth-response-headers to gRPC backends (#7331)

* add e2e test for auth-response-headers annotation * add e2e test for grpc with auth-response-headers * fix forwarding of auth header to GRPC backends * add test case for proxySetHeader(nil)
2021-07-12 23:08:29 -07:00 · 2021-07-12 23:08:29 -07:00 · 9a9ad47857
commit 9a9ad47857
parent c9d5b21a65
5 changed files with 136 additions and 22 deletions
--- a/test/e2e/annotations/auth.go
+++ b/test/e2e/annotations/auth.go
@ -453,6 +453,29 @@ http {
 				Expect().
 				Status(http.StatusOK)
 		})
+
+		ginkgo.It("should overwrite Foo header with auth response", func() {
+			var (
+				rewriteHeader = "Foo"
+				rewriteVal    = "bar"
+			)
+			annotations["nginx.ingress.kubernetes.io/auth-response-headers"] = rewriteHeader
+			f.UpdateIngress(ing)
+
+			f.WaitForNginxServer(host, func(server string) bool {
+				return strings.Contains(server, fmt.Sprintf("proxy_set_header '%s' $authHeader0;", rewriteHeader))
+			})
+
+			f.HTTPTestClient().
+				GET("/").
+				WithHeader("Host", host).
+				WithHeader(rewriteHeader, rewriteVal).
+				WithBasicAuth("user", "password").
+				Expect().
+				Status(http.StatusOK).
+				Body().
+				NotContainsFold(fmt.Sprintf("%s=%s", rewriteHeader, rewriteVal))
+		})
 	})

 	ginkgo.Context("when external authentication is configured with a custom redirect param", func() {