Remove deprecated elements

Gopkg.lock

@@ -1769,6 +1769,6 @@
 [solve-meta]
   analyzer-name = "dep"
   analyzer-version = 1
-  inputs-digest = "f323b06b4963d6cec0eee5b88dd4e85d6b2e80ea41418154a8a57a0dae574bcd"
+  inputs-digest = "0b453fff40221eb9d779eeb4ad75fc076e8cbd93c1ecf058f4b9411d4afddf68"
   solver-name = "gps-cdcl"
   solver-version = 1

docs/configuration/backends/file.md

@@ -56,12 +56,6 @@ Træfik can be configured with a file.
     passTLSCert = true
     priority = 42
 
-    # Use frontends.frontend1.auth.basic below instead
-    basicAuth = [
-      "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
-      "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
-    ]
-
     [frontends.frontend1.auth]
       headerField = "X-WebAuth-User"
       [frontends.frontend1.auth.basic]

integration/fixtures/tracing/simple.toml

@@ -62,6 +62,10 @@ debug = true
   [frontends.frontend3]
     passHostHeader = true
     backend = "backend3"
-    basicAuth = ["test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"]
+    [frontends.frontend3.auth.basic]
+      users = [
+        "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
+        "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0",
+      ]
     [frontends.frontend3.routes.test_auth]
       rule = "Path:/auth"

middlewares/accesslog/logdata.go

@@ -40,8 +40,6 @@ const (
 	RequestPath = "RequestPath"
 	// RequestProtocol is the map key used for the version of HTTP requested.
 	RequestProtocol = "RequestProtocol"
-	// RequestLine is the original request line
-	RequestLine = "RequestLine"
 	// RequestContentSize is the map key used for the number of bytes in the request entity (a.k.a. body) sent by the client.
 	RequestContentSize = "RequestContentSize"
 	// RequestRefererHeader is the Referer header in the request
@@ -55,14 +53,8 @@ const (
 	// OriginStatus is the map key used for the HTTP status code returned by the origin server.
 	// If the request was handled by this Traefik instance (e.g. with a redirect), then this value will be absent.
 	OriginStatus = "OriginStatus"
-	// OriginStatusLine is the map key used for the HTTP status code and corresponding descriptive string.
-	// If the request was handled by this Traefik instance (e.g. with a redirect), then this value will be absent.
-	// Note that the actual message string might be different to what is reported here, depending on server behaviour.
-	OriginStatusLine = "OriginStatusLine"
 	// DownstreamStatus is the map key used for the HTTP status code returned to the client.
 	DownstreamStatus = "DownstreamStatus"
-	// DownstreamStatusLine is the map key used for the HTTP status line returned to the client.
-	DownstreamStatusLine = "DownstreamStatusLine"
 	// DownstreamContentSize is the map key used for the number of bytes in the response entity returned to the client.
 	// This is in addition to the "Content-Length" header, which may be present in the origin response.
 	DownstreamContentSize = "DownstreamContentSize"
@@ -110,9 +102,6 @@ func init() {
 	allCoreKeys[BackendAddr] = struct{}{}
 	allCoreKeys[ClientAddr] = struct{}{}
 	allCoreKeys[RequestAddr] = struct{}{}
-	allCoreKeys[RequestLine] = struct{}{}
-	allCoreKeys[OriginStatusLine] = struct{}{}
-	allCoreKeys[DownstreamStatusLine] = struct{}{}
 	allCoreKeys[GzipRatio] = struct{}{}
 	allCoreKeys[StartLocal] = struct{}{}
 	allCoreKeys[Overhead] = struct{}{}

middlewares/accesslog/logger.go

@@ -167,7 +167,6 @@ func (l *LogHandler) ServeHTTP(rw http.ResponseWriter, req *http.Request, next h
 	core[RequestMethod] = req.Method
 	core[RequestPath] = urlCopyString
 	core[RequestProtocol] = req.Proto
-	core[RequestLine] = fmt.Sprintf("%s %s %s", req.Method, urlCopyString, req.Proto)
 
 	core[ClientAddr] = req.RemoteAddr
 	core[ClientHost], core[ClientPort] = silentSplitHostPort(req.RemoteAddr)
@@ -262,7 +261,6 @@ func (l *LogHandler) logTheRoundTrip(logDataTable *LogData, crr *captureRequestR
 	core[Duration] = totalDuration
 
 	if l.keepAccessLog(crw.Status(), retryAttempts, totalDuration) {
-		core[DownstreamStatusLine] = fmt.Sprintf("%03d %s", crw.Status(), http.StatusText(crw.Status()))
 		core[DownstreamContentSize] = crw.Size()
 		if original, ok := core[OriginContentSize]; ok {
 			o64 := original.(int64)

middlewares/accesslog/logger_test.go

@@ -198,9 +198,7 @@ func TestLoggerJSON(t *testing.T) {
 				RequestPath:            assertString(testPath),
 				RequestProtocol:        assertString(testProto),
 				RequestPort:            assertString("-"),
-				RequestLine:            assertString(fmt.Sprintf("%s %s %s", testMethod, testPath, testProto)),
 				DownstreamStatus:       assertFloat64(float64(testStatus)),
-				DownstreamStatusLine:   assertString(fmt.Sprintf("%d ", testStatus)),
 				DownstreamContentSize:  assertFloat64(float64(len(testContent))),
 				OriginContentSize:      assertFloat64(float64(len(testContent))),
 				OriginStatus:           assertFloat64(float64(testStatus)),

middlewares/accesslog/save_backend.go

@@ -1,7 +1,6 @@
 package accesslog
 
 import (
-	"fmt"
 	"net/http"
 	"time"
 
@@ -58,7 +57,6 @@ func serveSaveBackend(rw http.ResponseWriter, r *http.Request, backendName strin
 	// use UTC to handle switchover of daylight saving correctly
 	table.Core[OriginDuration] = time.Now().UTC().Sub(start)
 	table.Core[OriginStatus] = crw.Status()
-	table.Core[OriginStatusLine] = fmt.Sprintf("%03d %s", crw.Status(), http.StatusText(crw.Status()))
 	// make copy of headers so we can ensure there is no subsequent mutation during response processing
 	table.OriginResponse = make(http.Header)
 	utils.CopyHeaders(table.OriginResponse, crw.Header())

provider/kubernetes/annotations.go

@@ -66,22 +66,6 @@ const (
 	annotationKubernetesProtocol                = "ingress.kubernetes.io/protocol"
 )
 
-// TODO [breaking] remove label support
-var compatibilityMapping = map[string]string{
-	annotationKubernetesPreserveHost:             "traefik.frontend.passHostHeader",
-	annotationKubernetesPassTLSCert:              "traefik.frontend.passTLSCert",
-	annotationKubernetesFrontendEntryPoints:      "traefik.frontend.entryPoints",
-	annotationKubernetesPriority:                 "traefik.frontend.priority",
-	annotationKubernetesCircuitBreakerExpression: "traefik.backend.circuitbreaker",
-	annotationKubernetesLoadBalancerMethod:       "traefik.backend.loadbalancer.method",
-	annotationKubernetesAffinity:                 "traefik.backend.loadbalancer.stickiness",
-	annotationKubernetesSessionCookieName:        "traefik.backend.loadbalancer.stickiness.cookieName",
-	annotationKubernetesRuleType:                 "traefik.frontend.rule.type",
-	annotationKubernetesRedirectEntryPoint:       "traefik.frontend.redirect.entrypoint",
-	annotationKubernetesRedirectRegex:            "traefik.frontend.redirect.regex",
-	annotationKubernetesRedirectReplacement:      "traefik.frontend.redirect.replacement",
-}
-
 func getAnnotationName(annotations map[string]string, name string) string {
 	if _, ok := annotations[name]; ok {
 		return name
@@ -91,13 +75,6 @@ func getAnnotationName(annotations map[string]string, name string) string {
 		return label.Prefix + name
 	}
 
-	// TODO [breaking] remove label support
-	if lbl, compat := compatibilityMapping[name]; compat {
-		if _, ok := annotations[lbl]; ok {
-			return lbl
-		}
-	}
-
 	return name
 }
 

provider/kubernetes/annotations_test.go

@@ -30,14 +30,6 @@ func TestGetAnnotationName(t *testing.T) {
 			},
 			expected: label.Prefix + annotationKubernetesPreserveHost,
 		},
-		{
-			desc: "with label",
-			name: annotationKubernetesPreserveHost,
-			annotations: map[string]string{
-				label.TraefikFrontendPassHostHeader: "true",
-			},
-			expected: label.TraefikFrontendPassHostHeader,
-		},
 	}
 
 	for _, test := range testCases {

provider/kv/keynames.go

@@ -32,7 +32,6 @@ const (
 	pathFrontendWhiteListSourceRange      = "/whitelist/sourcerange"
 	pathFrontendWhiteListUseXForwardedFor = "/whitelist/usexforwardedfor"
 
-	pathFrontendBasicAuth                        = "/basicauth" // Deprecated
 	pathFrontendAuth                             = "/auth/"
 	pathFrontendAuthBasic                        = pathFrontendAuth + "basic/"
 	pathFrontendAuthBasicRemoveHeader            = pathFrontendAuthBasic + "removeheader"

provider/kv/kv_config.go

@@ -46,7 +46,6 @@ func (p *Provider) buildConfiguration() *types.Configuration {
 		"getPassHostHeader": p.getFuncBool(pathFrontendPassHostHeader, label.DefaultPassHostHeader),
 		"getPassTLSCert":    p.getFuncBool(pathFrontendPassTLSCert, label.DefaultPassTLSCert),
 		"getEntryPoints":    p.getFuncList(pathFrontendEntryPoints),
-		"getBasicAuth":      p.getFuncList(pathFrontendBasicAuth), // Deprecated
 		"getAuth":           p.getAuth,
 		"getRoutes":         p.getRoutes,
 		"getRedirect":       p.getRedirect,
@@ -320,20 +319,14 @@ func (p *Provider) getTLSSection(prefix string) []*tls.Configuration {
 	return tlsSection
 }
 
-// hasDeprecatedBasicAuth check if the frontend basic auth use the deprecated configuration
-func (p *Provider) hasDeprecatedBasicAuth(rootPath string) bool {
-	return len(p.getList(rootPath, pathFrontendBasicAuth)) > 0
-}
-
 // GetAuth Create auth from path
 func (p *Provider) getAuth(rootPath string) *types.Auth {
-	hasDeprecatedBasicAuth := p.hasDeprecatedBasicAuth(rootPath)
+	if p.hasPrefix(rootPath, pathFrontendAuth) {
-	if p.hasPrefix(rootPath, pathFrontendAuth) || hasDeprecatedBasicAuth {
 		auth := &types.Auth{
 			HeaderField: p.get("", rootPath, pathFrontendAuthHeaderField),
 		}
 
-		if p.hasPrefix(rootPath, pathFrontendAuthBasic) || hasDeprecatedBasicAuth {
+		if p.hasPrefix(rootPath, pathFrontendAuthBasic) {
 			auth.Basic = p.getAuthBasic(rootPath)
 		} else if p.hasPrefix(rootPath, pathFrontendAuthDigest) {
 			auth.Digest = p.getAuthDigest(rootPath)
@@ -348,20 +341,11 @@ func (p *Provider) getAuth(rootPath string) *types.Auth {
 
 // getAuthBasic Create Basic Auth from path
 func (p *Provider) getAuthBasic(rootPath string) *types.Basic {
-	basicAuth := &types.Basic{
+	return &types.Basic{
 		UsersFile:    p.get("", rootPath, pathFrontendAuthBasicUsersFile),
 		RemoveHeader: p.getBool(false, rootPath, pathFrontendAuthBasicRemoveHeader),
+		Users:        p.getList(rootPath, pathFrontendAuthBasicUsers),
 	}
-
-	// backward compatibility
-	if p.hasDeprecatedBasicAuth(rootPath) {
-		basicAuth.Users = p.getList(rootPath, pathFrontendBasicAuth)
-		log.Warnf("Deprecated configuration found: %s. Please use %s.", pathFrontendBasicAuth, pathFrontendAuthBasic)
-	} else {
-		basicAuth.Users = p.getList(rootPath, pathFrontendAuthBasicUsers)
-	}
-
-	return basicAuth
 }
 
 // getAuthDigest Create Digest Auth from path

provider/kv/kv_config_test.go

@@ -130,38 +130,6 @@ func TestProviderBuildConfiguration(t *testing.T) {
 				},
 			},
 		},
-		{
-			desc: "basic auth (backward compatibility)",
-			kvPairs: filler("traefik",
-				frontend("frontend",
-					withPair(pathFrontendBackend, "backend"),
-					withList(pathFrontendBasicAuth, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
-				),
-				backend("backend"),
-			),
-			expected: &types.Configuration{
-				Backends: map[string]*types.Backend{
-					"backend": {
-						LoadBalancer: &types.LoadBalancer{
-							Method: "wrr",
-						},
-					},
-				},
-				Frontends: map[string]*types.Frontend{
-					"frontend": {
-						Backend:        "backend",
-						PassHostHeader: true,
-						EntryPoints:    []string{},
-						Auth: &types.Auth{
-							Basic: &types.Basic{
-								Users: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
-									"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
-							},
-						},
-					},
-				},
-			},
-		},
 		{
 			desc: "digest auth",
 			kvPairs: filler("traefik",
@@ -281,7 +249,6 @@ func TestProviderBuildConfiguration(t *testing.T) {
 					withList(pathFrontendWhiteListSourceRange, "1.1.1.1/24", "1234:abcd::42/32"),
 					withPair(pathFrontendWhiteListUseXForwardedFor, "true"),
 
-					withList(pathFrontendBasicAuth, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
 					withPair(pathFrontendAuthBasicRemoveHeader, "true"),
 					withList(pathFrontendAuthBasicUsers, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
 					withPair(pathFrontendAuthBasicUsersFile, ".htpasswd"),
@@ -2163,20 +2130,6 @@ func TestProviderGetAuth(t *testing.T) {
 				},
 			},
 		},
-		{
-			desc:     "should return a valid basic auth (backward compatibility)",
-			rootPath: "traefik/frontends/foo",
-			kvPairs: filler("traefik",
-				frontend("foo",
-					withPair(pathFrontendBasicAuth, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/,test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
-				)),
-			expected: &types.Auth{
-				Basic: &types.Basic{
-					Users: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
-						"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
-				},
-			},
-		},
 		{
 			desc:     "should return a valid digest auth",
 			rootPath: "traefik/frontends/foo",
@@ -2240,61 +2193,6 @@ func TestProviderGetAuth(t *testing.T) {
 	}
 }
 
-func TestProviderHasDeprecatedBasicAuth(t *testing.T) {
-	testCases := []struct {
-		desc     string
-		rootPath string
-		kvPairs  []*store.KVPair
-		expected bool
-	}{
-		{
-			desc:     "should return nil when no data",
-			expected: false,
-		},
-		{
-			desc:     "should return a valid basic auth",
-			rootPath: "traefik/frontends/foo",
-			kvPairs: filler("traefik",
-				frontend("foo",
-					withList(pathFrontendAuthBasicUsers, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
-				)),
-			expected: false,
-		},
-		{
-			desc:     "should return a valid basic auth",
-			rootPath: "traefik/frontends/foo",
-			kvPairs: filler("traefik",
-				frontend("foo",
-					withList(pathFrontendBasicAuth, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
-				)),
-			expected: true,
-		},
-		{
-			desc:     "should return a valid basic auth",
-			rootPath: "traefik/frontends/foo",
-			kvPairs: filler("traefik",
-				frontend("foo",
-					withList(pathFrontendAuthBasicUsers, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
-					withList(pathFrontendBasicAuth, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
-				)),
-			expected: true,
-		},
-	}
-
-	for _, test := range testCases {
-		test := test
-		t.Run(test.desc, func(t *testing.T) {
-			t.Parallel()
-
-			p := newProviderMock(test.kvPairs)
-
-			result := p.hasDeprecatedBasicAuth(test.rootPath)
-
-			assert.Equal(t, test.expected, result)
-		})
-	}
-}
-
 func TestProviderGetRoutes(t *testing.T) {
 	testCases := []struct {
 		desc     string

server/server_configuration_test.go

@@ -161,7 +161,6 @@ func TestServerLoadConfigEmptyBasicAuth(t *testing.T) {
 				"frontend": {
 					EntryPoints: []string{"http"},
 					Backend:     "backend",
-					BasicAuth:   []string{""},
 				},
 			},
 			Backends: map[string]*types.Backend{
@@ -248,7 +247,11 @@ func TestReuseBackend(t *testing.T) {
 					th.WithFrontendName("frontend1"),
 					th.WithEntryPoints("http"),
 					th.WithRoutes(th.WithRoute("/unauthorized", "Path: /unauthorized")),
-					th.WithBasicAuth("foo", "bar")),
+					th.WithFrontEndAuth(&types.Auth{
+						Basic: &types.Basic{
+							Users: []string{"foo:bar"},
+						},
+					})),
 			),
 			th.WithBackends(th.WithBackendNew("backend",
 				th.WithLBMethod("wrr"),

server/server_middlewares.go

@@ -95,19 +95,6 @@ func (s *Server) buildMiddlewares(frontendName string, frontend *types.Frontend,
 		middle = append(middle, handler)
 	}
 
-	// Basic auth
-	if len(frontend.BasicAuth) > 0 {
-		log.Debugf("Adding basic authentication for frontend %s", frontendName)
-
-		authMiddleware, err := s.buildBasicAuthMiddleware(frontend.BasicAuth)
-		if err != nil {
-			return nil, nil, nil, err
-		}
-
-		handler := s.wrapNegroniHandlerWithAccessLog(authMiddleware, fmt.Sprintf("Basic Auth for %s", frontendName))
-		middle = append(middle, handler)
-	}
-
 	// Authentication
 	if frontend.Auth != nil {
 		authMiddleware, err := mauth.NewAuthenticator(frontend.Auth, s.tracingMiddleware)

server/server_middlewares_test.go

@@ -265,7 +265,10 @@ func TestServerGenericFrontendAuthFail(t *testing.T) {
 				"frontend": {
 					EntryPoints: []string{"http"},
 					Backend:     "backend",
-					BasicAuth:   []string{""},
+					Auth: &types.Auth{
+						Basic: &types.Basic{
+							Users: []string{""},
+						}},
 				},
 			},
 			Backends: map[string]*types.Backend{

testhelpers/config.go

@@ -137,14 +137,6 @@ func WithRoute(name string, rule string) func(*types.Route) string {
 	}
 }
 
-// WithBasicAuth is a helper to create a configuration
-// Deprecated
-func WithBasicAuth(username string, password string) func(*types.Frontend) {
-	return func(fe *types.Frontend) {
-		fe.BasicAuth = []string{username + ":" + password}
-	}
-}
-
 // WithFrontEndAuth is a helper to create a configuration
 func WithFrontEndAuth(auth *types.Auth) func(*types.Frontend) {
 	return func(fe *types.Frontend) {

types/types.go

@@ -183,7 +183,6 @@ type Frontend struct {
 	PassHostHeader       bool                  `json:"passHostHeader,omitempty"`
 	PassTLSCert          bool                  `json:"passTLSCert,omitempty"`
 	Priority             int                   `json:"priority"`
-	BasicAuth            []string              `json:"basicAuth"`                      // Deprecated
 	WhitelistSourceRange []string              `json:"whitelistSourceRange,omitempty"` // Deprecated
 	WhiteList            *WhiteList            `json:"whiteList,omitempty"`
 	Headers              *Headers              `json:"headers,omitempty"`