KV and authentication
This commit is contained in:
Ludovic Fernandez
Traefiker Bot
parent
c7e008f57a
commit
5afc8f2b12
|
|
@ -377,16 +377,16 @@ func (p *Provider) hasDeprecatedBasicAuth(rootPath string) bool {
|
|||
// GetAuth Create auth from path
|
||||
func (p *Provider) getAuth(rootPath string) *types.Auth {
|
||||
hasDeprecatedBasicAuth := p.hasDeprecatedBasicAuth(rootPath)
|
||||
if len(p.getList(rootPath, pathFrontendAuth)) > 0 || hasDeprecatedBasicAuth {
|
||||
if p.hasPrefix(rootPath, pathFrontendAuth) || hasDeprecatedBasicAuth {
|
||||
auth := &types.Auth{
|
||||
HeaderField: p.get("", rootPath, pathFrontendAuthHeaderField),
|
||||
}
|
||||
|
||||
if len(p.getList(rootPath, pathFrontendAuthBasic)) > 0 || hasDeprecatedBasicAuth {
|
||||
if p.hasPrefix(rootPath, pathFrontendAuthBasic) || hasDeprecatedBasicAuth {
|
||||
auth.Basic = p.getAuthBasic(rootPath)
|
||||
} else if len(p.getList(rootPath, pathFrontendAuthDigest)) > 0 {
|
||||
} else if p.hasPrefix(rootPath, pathFrontendAuthDigest) {
|
||||
auth.Digest = p.getAuthDigest(rootPath)
|
||||
} else if len(p.getList(rootPath, pathFrontendAuthForward)) > 0 {
|
||||
} else if p.hasPrefix(rootPath, pathFrontendAuthForward) {
|
||||
auth.Forward = p.getAuthForward(rootPath)
|
||||
}
|
||||
|
||||
|
|
@ -588,6 +588,21 @@ func (p *Provider) has(keyParts ...string) bool {
|
|||
return len(value) > 0
|
||||
}
|
||||
|
||||
func (p *Provider) hasPrefix(keyParts ...string) bool {
|
||||
baseKey := strings.Join(keyParts, "")
|
||||
if !strings.HasSuffix(baseKey, "/") {
|
||||
baseKey += "/"
|
||||
}
|
||||
|
||||
listKeys, err := p.kvClient.List(baseKey, nil)
|
||||
if err != nil {
|
||||
log.Debugf("Cannot list keys under %q: %v", baseKey, err)
|
||||
return false
|
||||
}
|
||||
|
||||
return len(listKeys) > 0
|
||||
}
|
||||
|
||||
func (p *Provider) getInt(defaultValue int, keyParts ...string) int {
|
||||
rawValue := p.get("", keyParts...)
|
||||
|
||||
|
|
|
|||
|
|
@ -62,13 +62,12 @@ func TestProviderBuildConfiguration(t *testing.T) {
|
|||
},
|
||||
},
|
||||
{
|
||||
desc: "basic auth",
|
||||
desc: "basic auth Users",
|
||||
kvPairs: filler("traefik",
|
||||
frontend("frontend",
|
||||
withPair(pathFrontendBackend, "backend"),
|
||||
withPair(pathFrontendAuthHeaderField, "X-WebAuth-User"),
|
||||
withList(pathFrontendAuthBasicUsers, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
|
||||
withPair(pathFrontendAuthBasicUsersFile, ".htpasswd"),
|
||||
),
|
||||
backend("backend"),
|
||||
),
|
||||
|
|
@ -90,6 +89,38 @@ func TestProviderBuildConfiguration(t *testing.T) {
|
|||
Basic: &types.Basic{
|
||||
Users: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
|
||||
"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
},
|
||||
{
|
||||
desc: "basic auth UsersFile",
|
||||
kvPairs: filler("traefik",
|
||||
frontend("frontend",
|
||||
withPair(pathFrontendBackend, "backend"),
|
||||
withPair(pathFrontendAuthHeaderField, "X-WebAuth-User"),
|
||||
withPair(pathFrontendAuthBasicUsersFile, ".htpasswd"),
|
||||
),
|
||||
backend("backend"),
|
||||
),
|
||||
expected: &types.Configuration{
|
||||
Backends: map[string]*types.Backend{
|
||||
"backend": {
|
||||
LoadBalancer: &types.LoadBalancer{
|
||||
Method: "wrr",
|
||||
},
|
||||
},
|
||||
},
|
||||
Frontends: map[string]*types.Frontend{
|
||||
"frontend": {
|
||||
Backend: "backend",
|
||||
PassHostHeader: true,
|
||||
EntryPoints: []string{},
|
||||
Auth: &types.Auth{
|
||||
HeaderField: "X-WebAuth-User",
|
||||
Basic: &types.Basic{
|
||||
UsersFile: ".htpasswd",
|
||||
},
|
||||
},
|
||||
|
|
|
|||
Loading…
Reference in a new issue