KV and authentication
This commit is contained in:
parent
c7e008f57a
commit
5afc8f2b12
2 changed files with 52 additions and 6 deletions
|
@ -377,16 +377,16 @@ func (p *Provider) hasDeprecatedBasicAuth(rootPath string) bool {
|
||||||
// GetAuth Create auth from path
|
// GetAuth Create auth from path
|
||||||
func (p *Provider) getAuth(rootPath string) *types.Auth {
|
func (p *Provider) getAuth(rootPath string) *types.Auth {
|
||||||
hasDeprecatedBasicAuth := p.hasDeprecatedBasicAuth(rootPath)
|
hasDeprecatedBasicAuth := p.hasDeprecatedBasicAuth(rootPath)
|
||||||
if len(p.getList(rootPath, pathFrontendAuth)) > 0 || hasDeprecatedBasicAuth {
|
if p.hasPrefix(rootPath, pathFrontendAuth) || hasDeprecatedBasicAuth {
|
||||||
auth := &types.Auth{
|
auth := &types.Auth{
|
||||||
HeaderField: p.get("", rootPath, pathFrontendAuthHeaderField),
|
HeaderField: p.get("", rootPath, pathFrontendAuthHeaderField),
|
||||||
}
|
}
|
||||||
|
|
||||||
if len(p.getList(rootPath, pathFrontendAuthBasic)) > 0 || hasDeprecatedBasicAuth {
|
if p.hasPrefix(rootPath, pathFrontendAuthBasic) || hasDeprecatedBasicAuth {
|
||||||
auth.Basic = p.getAuthBasic(rootPath)
|
auth.Basic = p.getAuthBasic(rootPath)
|
||||||
} else if len(p.getList(rootPath, pathFrontendAuthDigest)) > 0 {
|
} else if p.hasPrefix(rootPath, pathFrontendAuthDigest) {
|
||||||
auth.Digest = p.getAuthDigest(rootPath)
|
auth.Digest = p.getAuthDigest(rootPath)
|
||||||
} else if len(p.getList(rootPath, pathFrontendAuthForward)) > 0 {
|
} else if p.hasPrefix(rootPath, pathFrontendAuthForward) {
|
||||||
auth.Forward = p.getAuthForward(rootPath)
|
auth.Forward = p.getAuthForward(rootPath)
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -588,6 +588,21 @@ func (p *Provider) has(keyParts ...string) bool {
|
||||||
return len(value) > 0
|
return len(value) > 0
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (p *Provider) hasPrefix(keyParts ...string) bool {
|
||||||
|
baseKey := strings.Join(keyParts, "")
|
||||||
|
if !strings.HasSuffix(baseKey, "/") {
|
||||||
|
baseKey += "/"
|
||||||
|
}
|
||||||
|
|
||||||
|
listKeys, err := p.kvClient.List(baseKey, nil)
|
||||||
|
if err != nil {
|
||||||
|
log.Debugf("Cannot list keys under %q: %v", baseKey, err)
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
return len(listKeys) > 0
|
||||||
|
}
|
||||||
|
|
||||||
func (p *Provider) getInt(defaultValue int, keyParts ...string) int {
|
func (p *Provider) getInt(defaultValue int, keyParts ...string) int {
|
||||||
rawValue := p.get("", keyParts...)
|
rawValue := p.get("", keyParts...)
|
||||||
|
|
||||||
|
|
|
@ -62,13 +62,12 @@ func TestProviderBuildConfiguration(t *testing.T) {
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
{
|
{
|
||||||
desc: "basic auth",
|
desc: "basic auth Users",
|
||||||
kvPairs: filler("traefik",
|
kvPairs: filler("traefik",
|
||||||
frontend("frontend",
|
frontend("frontend",
|
||||||
withPair(pathFrontendBackend, "backend"),
|
withPair(pathFrontendBackend, "backend"),
|
||||||
withPair(pathFrontendAuthHeaderField, "X-WebAuth-User"),
|
withPair(pathFrontendAuthHeaderField, "X-WebAuth-User"),
|
||||||
withList(pathFrontendAuthBasicUsers, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
|
withList(pathFrontendAuthBasicUsers, "test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/", "test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"),
|
||||||
withPair(pathFrontendAuthBasicUsersFile, ".htpasswd"),
|
|
||||||
),
|
),
|
||||||
backend("backend"),
|
backend("backend"),
|
||||||
),
|
),
|
||||||
|
@ -90,6 +89,38 @@ func TestProviderBuildConfiguration(t *testing.T) {
|
||||||
Basic: &types.Basic{
|
Basic: &types.Basic{
|
||||||
Users: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
|
Users: []string{"test:$apr1$H6uskkkW$IgXLP6ewTrSuBkTrqE8wj/",
|
||||||
"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
|
"test2:$apr1$d9hr9HBB$4HxwgUir3HP4EsggP/QNo0"},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
{
|
||||||
|
desc: "basic auth UsersFile",
|
||||||
|
kvPairs: filler("traefik",
|
||||||
|
frontend("frontend",
|
||||||
|
withPair(pathFrontendBackend, "backend"),
|
||||||
|
withPair(pathFrontendAuthHeaderField, "X-WebAuth-User"),
|
||||||
|
withPair(pathFrontendAuthBasicUsersFile, ".htpasswd"),
|
||||||
|
),
|
||||||
|
backend("backend"),
|
||||||
|
),
|
||||||
|
expected: &types.Configuration{
|
||||||
|
Backends: map[string]*types.Backend{
|
||||||
|
"backend": {
|
||||||
|
LoadBalancer: &types.LoadBalancer{
|
||||||
|
Method: "wrr",
|
||||||
|
},
|
||||||
|
},
|
||||||
|
},
|
||||||
|
Frontends: map[string]*types.Frontend{
|
||||||
|
"frontend": {
|
||||||
|
Backend: "backend",
|
||||||
|
PassHostHeader: true,
|
||||||
|
EntryPoints: []string{},
|
||||||
|
Auth: &types.Auth{
|
||||||
|
HeaderField: "X-WebAuth-User",
|
||||||
|
Basic: &types.Basic{
|
||||||
UsersFile: ".htpasswd",
|
UsersFile: ".htpasswd",
|
||||||
},
|
},
|
||||||
},
|
},
|
||||||
|
|
Loading…
Reference in a new issue