-
Notifications
You must be signed in to change notification settings - Fork 4.4k
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
APIGW: Update HTTPRouteConfigEntry for JWT Auth (#18422)
* Updated httproute config entry for JWT Filters * Added manual deepcopy method for httproute jwt filter * Fix test * Update JWTFilter to be in oss file * Add changelog * Add build tags for deepcopy oss file
- Loading branch information
Showing
12 changed files
with
881 additions
and
609 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,3 @@ | ||
```release-note:feature | ||
config-entry(api-gateway): (Enterprise only) Add JWTFilter to HTTPRoute Filters | ||
``` |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -1,6 +1,17 @@ | ||
// Copyright (c) HashiCorp, Inc. | ||
// SPDX-License-Identifier: MPL-2.0 | ||
|
||
//go:build !consulent | ||
// +build !consulent | ||
|
||
package structs | ||
|
||
// DeepCopy generates a deep copy of *APIGatewayJWTRequirement | ||
func (o *APIGatewayJWTRequirement) DeepCopy() *APIGatewayJWTRequirement { | ||
return new(APIGatewayJWTRequirement) | ||
} | ||
|
||
// DeepCopy generates a deep copy of *JWTFilter | ||
func (o *JWTFilter) DeepCopy() *JWTFilter { | ||
return new(JWTFilter) | ||
} |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Original file line number | Diff line number | Diff line change |
---|---|---|
@@ -0,0 +1,134 @@ | ||
package api | ||
|
||
import ( | ||
"testing" | ||
|
||
"github.com/stretchr/testify/require" | ||
) | ||
|
||
func TestAPI_ConfigEntries_HTTPRoute(t *testing.T) { | ||
t.Parallel() | ||
c, s := makeClient(t) | ||
defer s.Stop() | ||
|
||
configEntries := c.ConfigEntries() | ||
route1 := &HTTPRouteConfigEntry{ | ||
Kind: HTTPRoute, | ||
Name: "route1", | ||
} | ||
|
||
route2 := &HTTPRouteConfigEntry{ | ||
Kind: HTTPRoute, | ||
Name: "route2", | ||
} | ||
|
||
// set it | ||
_, wm, err := configEntries.Set(route1, nil) | ||
require.NoError(t, err) | ||
require.NotNil(t, wm) | ||
require.NotEqual(t, 0, wm.RequestTime) | ||
|
||
// also set the second one | ||
_, wm, err = configEntries.Set(route2, nil) | ||
require.NoError(t, err) | ||
require.NotNil(t, wm) | ||
require.NotEqual(t, 0, wm.RequestTime) | ||
|
||
// get it | ||
entry, qm, err := configEntries.Get(HTTPRoute, "route1", nil) | ||
require.NoError(t, err) | ||
require.NotNil(t, qm) | ||
require.NotEqual(t, 0, qm.RequestTime) | ||
|
||
// verify it | ||
readRoute, ok := entry.(*HTTPRouteConfigEntry) | ||
require.True(t, ok) | ||
require.Equal(t, route1.Kind, readRoute.Kind) | ||
require.Equal(t, route1.Name, readRoute.Name) | ||
require.Equal(t, route1.Meta, readRoute.Meta) | ||
require.Equal(t, route1.Meta, readRoute.GetMeta()) | ||
|
||
// update it | ||
route1.Rules = []HTTPRouteRule{ | ||
{ | ||
Filters: HTTPFilters{ | ||
URLRewrite: &URLRewrite{ | ||
Path: "abc", | ||
}, | ||
}, | ||
}, | ||
} | ||
|
||
// CAS fail | ||
written, _, err := configEntries.CAS(route1, 0, nil) | ||
require.NoError(t, err) | ||
require.False(t, written) | ||
|
||
// CAS success | ||
written, wm, err = configEntries.CAS(route1, readRoute.ModifyIndex, nil) | ||
require.NoError(t, err) | ||
require.NotNil(t, wm) | ||
require.NotEqual(t, 0, wm.RequestTime) | ||
require.True(t, written) | ||
|
||
// re-setting should not yield an error | ||
_, wm, err = configEntries.Set(route1, nil) | ||
require.NoError(t, err) | ||
require.NotNil(t, wm) | ||
require.NotEqual(t, 0, wm.RequestTime) | ||
|
||
route2.Rules = []HTTPRouteRule{ | ||
{ | ||
Filters: HTTPFilters{ | ||
URLRewrite: &URLRewrite{ | ||
Path: "def", | ||
}, | ||
}, | ||
}, | ||
} | ||
|
||
_, wm, err = configEntries.Set(route2, nil) | ||
require.NoError(t, err) | ||
require.NotNil(t, wm) | ||
require.NotEqual(t, 0, wm.RequestTime) | ||
|
||
// list them | ||
entries, qm, err := configEntries.List(HTTPRoute, nil) | ||
require.NoError(t, err) | ||
require.NotNil(t, qm) | ||
require.NotEqual(t, 0, qm.RequestTime) | ||
require.Len(t, entries, 2) | ||
|
||
for _, entry = range entries { | ||
switch entry.GetName() { | ||
case "route1": | ||
// this also verifies that the update value was persisted and | ||
// the updated values are seen | ||
readRoute, ok = entry.(*HTTPRouteConfigEntry) | ||
require.True(t, ok) | ||
require.Equal(t, route1.Kind, readRoute.Kind) | ||
require.Equal(t, route1.Name, readRoute.Name) | ||
require.Len(t, readRoute.Rules, 1) | ||
|
||
require.Equal(t, route1.Rules, readRoute.Rules) | ||
case "route2": | ||
readRoute, ok = entry.(*HTTPRouteConfigEntry) | ||
require.True(t, ok) | ||
require.Equal(t, route2.Kind, readRoute.Kind) | ||
require.Equal(t, route2.Name, readRoute.Name) | ||
require.Len(t, readRoute.Rules, 1) | ||
|
||
require.Equal(t, route2.Rules, readRoute.Rules) | ||
} | ||
} | ||
|
||
// delete it | ||
wm, err = configEntries.Delete(HTTPRoute, "route1", nil) | ||
require.NoError(t, err) | ||
require.NotNil(t, wm) | ||
require.NotEqual(t, 0, wm.RequestTime) | ||
|
||
// verify deletion | ||
_, _, err = configEntries.Get(HTTPRoute, "route1", nil) | ||
require.Error(t, err) | ||
} |
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.
Oops, something went wrong.
Oops, something went wrong.