Use a named location for authSignURL (#4859)
This commit is contained in:
Manuel Alejandro de Brito Fontes
GitHub
parent
d83b83bc0d
commit
a0523c3c8a
6 changed files with 126 additions and 22 deletions
|
|
@ -18,7 +18,9 @@ package template
|
|||
|
||||
import (
|
||||
"bytes"
|
||||
"crypto/sha1"
|
||||
"encoding/base64"
|
||||
"encoding/hex"
|
||||
"encoding/json"
|
||||
"fmt"
|
||||
"io/ioutil"
|
||||
|
|
@ -164,6 +166,7 @@ var (
|
|||
"isValidByteSize": isValidByteSize,
|
||||
"buildForwardedFor": buildForwardedFor,
|
||||
"buildAuthSignURL": buildAuthSignURL,
|
||||
"buildAuthSignURLLocation": buildAuthSignURLLocation,
|
||||
"buildOpentracing": buildOpentracing,
|
||||
"proxySetHeader": proxySetHeader,
|
||||
"buildInfluxDB": buildInfluxDB,
|
||||
|
|
@ -883,24 +886,25 @@ func buildForwardedFor(input interface{}) string {
|
|||
return fmt.Sprintf("$http_%v", ffh)
|
||||
}
|
||||
|
||||
func buildAuthSignURL(input interface{}) string {
|
||||
s, ok := input.(string)
|
||||
if !ok {
|
||||
klog.Errorf("expected an 'string' type but %T was returned", input)
|
||||
return ""
|
||||
}
|
||||
|
||||
u, _ := url.Parse(s)
|
||||
func buildAuthSignURL(authSignURL string) string {
|
||||
u, _ := url.Parse(authSignURL)
|
||||
q := u.Query()
|
||||
if len(q) == 0 {
|
||||
return fmt.Sprintf("%v?rd=$pass_access_scheme://$http_host$escaped_request_uri", s)
|
||||
return fmt.Sprintf("%v?rd=$pass_access_scheme://$http_host$escaped_request_uri", authSignURL)
|
||||
}
|
||||
|
||||
if q.Get("rd") != "" {
|
||||
return s
|
||||
return authSignURL
|
||||
}
|
||||
|
||||
return fmt.Sprintf("%v&rd=$pass_access_scheme://$http_host$escaped_request_uri", s)
|
||||
return fmt.Sprintf("%v&rd=$pass_access_scheme://$http_host$escaped_request_uri", authSignURL)
|
||||
}
|
||||
|
||||
func buildAuthSignURLLocation(location, authSignURL string) string {
|
||||
hasher := sha1.New()
|
||||
hasher.Write([]byte(location))
|
||||
hasher.Write([]byte(authSignURL))
|
||||
return "@" + hex.EncodeToString(hasher.Sum(nil))
|
||||
}
|
||||
|
||||
var letters = []rune("abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ")
|
||||
|
|
|
|||
|
|
@ -763,14 +763,6 @@ func TestFilterRateLimits(t *testing.T) {
|
|||
}
|
||||
|
||||
func TestBuildAuthSignURL(t *testing.T) {
|
||||
invalidType := &ingress.Ingress{}
|
||||
expected := ""
|
||||
actual := buildAuthSignURL(invalidType)
|
||||
|
||||
if expected != actual {
|
||||
t.Errorf("Expected '%v' but returned '%v'", expected, actual)
|
||||
}
|
||||
|
||||
cases := map[string]struct {
|
||||
Input, Output string
|
||||
}{
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue