This is an automated email from the ASF dual-hosted git repository.
spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new d026c69 chore: update forward-auth address schema (#6110)
d026c69 is described below
commit d026c69e0c3e4b530421480913d4d2c0348d9024
Author: Zeping Bai <[email protected]>
AuthorDate: Fri Jan 14 18:27:36 2022 +0800
chore: update forward-auth address schema (#6110)
---
apisix/plugins/forward-auth.lua | 6 +++---
docs/en/latest/plugins/forward-auth.md | 17 ++++++++++++++---
t/plugin/forward-auth.t | 14 +++++++-------
3 files changed, 24 insertions(+), 13 deletions(-)
diff --git a/apisix/plugins/forward-auth.lua b/apisix/plugins/forward-auth.lua
index ed3baef..7f76ca0 100644
--- a/apisix/plugins/forward-auth.lua
+++ b/apisix/plugins/forward-auth.lua
@@ -22,7 +22,7 @@ local http = require("resty.http")
local schema = {
type = "object",
properties = {
- host = {type = "string"},
+ address = {type = "string"},
ssl_verify = {
type = "boolean",
default = true,
@@ -57,7 +57,7 @@ local schema = {
keepalive_timeout = {type = "integer", minimum = 1000, default =
60000},
keepalive_pool = {type = "integer", minimum = 1, default = 5},
},
- required = {"host"}
+ required = {"address"}
}
@@ -106,7 +106,7 @@ function _M.access(conf, ctx)
local httpc = http.new()
httpc:set_timeout(conf.timeout)
- local res, err = httpc:request_uri(conf.host, params)
+ local res, err = httpc:request_uri(conf.address, params)
-- block by default when authorization service is unavailable
if not res then
diff --git a/docs/en/latest/plugins/forward-auth.md
b/docs/en/latest/plugins/forward-auth.md
index 6dad713..a24f20c 100644
--- a/docs/en/latest/plugins/forward-auth.md
+++ b/docs/en/latest/plugins/forward-auth.md
@@ -38,7 +38,7 @@ Forward Auth cleverly moves the authentication and
authorization logic to a dedi
| Name | Type | Requirement | Default | Valid | Description |
| -- | -- | -- | -- | -- | -- |
-| host | string | required | | | Authorization service host (eg.
https://localhost:9188) |
+| address | string | required | | | Authorization service address (eg.
https://localhost/auth) |
| ssl_verify | boolean | optional | true | | Whether to verify the
certificate |
| request_headers | array[string] | optional | | | `client` request header
that will be sent to the `authorization` service. When it is not set, no
`client` request headers are sent to the `authorization` service, except for
those provided by APISIX (X-Forwarded-XXX). |
| upstream_headers | array[string] | optional | | | `authorization` service
response header that will be sent to the `upstream`. When it is not set, will
not forward the `authorization` service response header to the `upstream`. |
@@ -70,7 +70,18 @@ $ curl -X PUT
'http://127.0.0.1:9080/apisix/admin/routes/auth' \
"serverless-pre-function": {
"phase": "rewrite",
"functions": [
- "return function (conf, ctx) local core =
require(\"apisix.core\"); local authorization = core.request.header(ctx,
\"Authorization\"); if authorization == \"123\" then core.response.exit(200);
elseif authorization == \"321\" then core.response.set_header(\"X-User-ID\",
\"i-am-user\"); core.response.exit(200); else
core.response.set_header(\"Location\", \"http://example.com/auth\";);
core.response.exit(403); end end"
+ "return function (conf, ctx)
+ local core = require(\"apisix.core\");
+ local authorization = core.request.header(ctx,
\"Authorization\");
+ if authorization == \"123\" then
+ core.response.exit(200);
+ elseif authorization == \"321\" then
+ core.response.set_header(\"X-User-ID\", \"i-am-user\");
+ core.response.exit(200);
+ else core.response.set_header(\"Location\",
\"http://example.com/auth\";);
+ core.response.exit(403);
+ end
+ end"
]
}
}
@@ -86,7 +97,7 @@ $ curl -X PUT http://127.0.0.1:9080/apisix/admin/routes/1
"uri": "/headers",
"plugins": {
"forward-auth": {
- "host": "http://127.0.0.1:9080/auth";,
+ "address": "http://127.0.0.1:9080/auth";,
"request_headers": ["Authorization"],
"upstream_headers": ["X-User-ID"],
"client_headers": ["Location"]
diff --git a/t/plugin/forward-auth.t b/t/plugin/forward-auth.t
index f379fff..187fbe2 100644
--- a/t/plugin/forward-auth.t
+++ b/t/plugin/forward-auth.t
@@ -41,10 +41,10 @@ __DATA__
location /t {
content_by_lua_block {
local test_cases = {
- {host = "http://127.0.0.1:8199"},
+ {address = "http://127.0.0.1:8199"},
{request_headers = {"test"}},
- {host = 3233},
- {host = "http://127.0.0.1:8199";, request_headers = "test"}
+ {address = 3233},
+ {address = "http://127.0.0.1:8199";, request_headers = "test"}
}
local plugin = require("apisix.plugins.forward-auth")
@@ -56,8 +56,8 @@ __DATA__
}
--- response_body
done
-property "host" is required
-property "host" validation failed: wrong type: expected string, got number
+property "address" is required
+property "address" validation failed: wrong type: expected string, got number
property "request_headers" validation failed: wrong type: expected array, got
string
@@ -137,7 +137,7 @@ property "request_headers" validation failed: wrong type:
expected array, got st
data = [[{
"plugins": {
"forward-auth": {
- "host": "http://127.0.0.1:1984/auth";,
+ "address": "http://127.0.0.1:1984/auth";,
"request_headers": ["Authorization"],
"upstream_headers": ["X-User-ID"],
"client_headers": ["Location"]
@@ -155,7 +155,7 @@ property "request_headers" validation failed: wrong type:
expected array, got st
data = [[{
"plugins": {
"forward-auth": {
- "host": "http://127.0.0.1:1984/auth";,
+ "address": "http://127.0.0.1:1984/auth";,
"request_headers": ["Authorization"]
},
"proxy-rewrite": {
