add support for auth-snippet annotation

add test for new auth-snippet annotation document auth-snippet annotation add e2e test for auth-snippet annotation add log warning and update documentation
2018-10-29 16:34:44 -05:00 · 2018-10-29 16:34:44 -05:00 · b511333130
commit b511333130
parent 38f5df26cb
5 changed files with 80 additions and 11 deletions
--- a/internal/ingress/annotations/authreq/main.go
+++ b/internal/ingress/annotations/authreq/main.go
@ -21,6 +21,8 @@ import (
 	"regexp"
 	"strings"

+	"github.com/golang/glog"
+
 	extensions "k8s.io/api/extensions/v1beta1"

 	"k8s.io/ingress-nginx/internal/ingress/annotations/parser"
@ -37,6 +39,7 @@ type Config struct {
 	Method          string   `json:"method"`
 	ResponseHeaders []string `json:"responseHeaders,omitempty"`
 	RequestRedirect string   `json:"requestRedirect"`
+	AuthSnippet     string   `json:"authSnippet"`
 }

 // Equal tests for equality between two Config types
@ -74,6 +77,9 @@ func (e1 *Config) Equal(e2 *Config) bool {
 	if e1.RequestRedirect != e2.RequestRedirect {
 		return false
 	}
+	if e1.AuthSnippet != e2.AuthSnippet {
+		return false
+	}

 	return true
 }
@ -141,7 +147,15 @@ func (a authReq) Parse(ing *extensions.Ingress) (interface{}, error) {
 	}

 	// Optional Parameters
-	signIn, _ := parser.GetStringAnnotation("auth-signin", ing)
+	signIn, err := parser.GetStringAnnotation("auth-signin", ing)
+	if err != nil {
+		glog.Warning("auth-signin annotation is undefined and will not be set")
+	}
+
+	authSnippet, err := parser.GetStringAnnotation("auth-snippet", ing)
+	if err != nil {
+		glog.Warning("auth-snippet annotation is undefined and will not be set")
+	}

 	responseHeaders := []string{}
 	hstr, _ := parser.GetStringAnnotation("auth-response-headers", ing)
@ -167,5 +181,6 @@ func (a authReq) Parse(ing *extensions.Ingress) (interface{}, error) {
 		Method:          authMethod,
 		ResponseHeaders: responseHeaders,
 		RequestRedirect: requestRedirect,
+		AuthSnippet:     authSnippet,
 	}, nil
 }
--- a/internal/ingress/annotations/authreq/main_test.go
+++ b/internal/ingress/annotations/authreq/main_test.go
@ -77,16 +77,18 @@ func TestAnnotations(t *testing.T) {
 		signinURL       string
 		method          string
 		requestRedirect string
+		authSnippet     string
 		expErr          bool
 	}{
-		{"empty", "", "", "", "", true},
-		{"no scheme", "bar", "bar", "", "", true},
-		{"invalid host", "http://", "http://", "", "", true},
-		{"invalid host (multiple dots)", "http://foo..bar.com", "http://foo..bar.com", "", "", true},
-		{"valid URL", "http://bar.foo.com/external-auth", "http://bar.foo.com/external-auth", "", "", false},
-		{"valid URL - send body", "http://foo.com/external-auth", "http://foo.com/external-auth", "POST", "", false},
-		{"valid URL - send body", "http://foo.com/external-auth", "http://foo.com/external-auth", "GET", "", false},
-		{"valid URL - request redirect", "http://foo.com/external-auth", "http://foo.com/external-auth", "GET", "http://foo.com/redirect-me", false},
+		{"empty", "", "", "", "", "", true},
+		{"no scheme", "bar", "bar", "", "", "", true},
+		{"invalid host", "http://", "http://", "", "", "", true},
+		{"invalid host (multiple dots)", "http://foo..bar.com", "http://foo..bar.com", "", "", "", true},
+		{"valid URL", "http://bar.foo.com/external-auth", "http://bar.foo.com/external-auth", "", "", "", false},
+		{"valid URL - send body", "http://foo.com/external-auth", "http://foo.com/external-auth", "POST", "", "", false},
+		{"valid URL - send body", "http://foo.com/external-auth", "http://foo.com/external-auth", "GET", "", "", false},
+		{"valid URL - request redirect", "http://foo.com/external-auth", "http://foo.com/external-auth", "GET", "http://foo.com/redirect-me", "", false},
+		{"auth snippet", "http://foo.com/external-auth", "http://foo.com/external-auth", "", "", "proxy_set_header My-Custom-Header 42;", false},
 	}

 	for _, test := range tests {
@ -94,11 +96,12 @@ func TestAnnotations(t *testing.T) {
 		data[parser.GetAnnotationWithPrefix("auth-signin")] = test.signinURL
 		data[parser.GetAnnotationWithPrefix("auth-method")] = fmt.Sprintf("%v", test.method)
 		data[parser.GetAnnotationWithPrefix("auth-request-redirect")] = test.requestRedirect
+		data[parser.GetAnnotationWithPrefix("auth-snippet")] = test.authSnippet

 		i, err := NewParser(&resolver.Mock{}).Parse(ing)
 		if test.expErr {
 			if err == nil {
-				t.Errorf("%v: expected error but retuned nil", test.title)
+				t.Errorf("%v: expected error but returned nil", test.title)
 			}
 			continue
 		}
@ -118,6 +121,9 @@ func TestAnnotations(t *testing.T) {
 		if u.RequestRedirect != test.requestRedirect {
 			t.Errorf("%v: expected \"%v\" but \"%v\" was returned", test.title, test.requestRedirect, u.RequestRedirect)
 		}
+		if u.AuthSnippet != test.authSnippet {
+			t.Errorf("%v: expected \"%v\" but \"%v\" was returned", test.title, test.authSnippet, u.AuthSnippet)
+		}
 	}
 }