This is an automated email from the ASF dual-hosted git repository.
spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 52c8a291e fix: replace get_headers and get_uri_args with the function
in core.request (#6922)
52c8a291e is described below
commit 52c8a291efebfda1133560bf8b0ac25e533fbb94
Author: tzssangglass <[email protected]>
AuthorDate: Tue Apr 26 09:56:11 2022 +0800
fix: replace get_headers and get_uri_args with the function in core.request
(#6922)
---
apisix/plugins/authz-casbin.lua | 5 +-
apisix/plugins/hmac-auth.lua | 5 +-
apisix/plugins/jwt-auth.lua | 2 +-
t/plugin/hmac-auth3.t | 105 ++++++++++++++++++++++++++++++++++++++++
4 files changed, 110 insertions(+), 7 deletions(-)
diff --git a/apisix/plugins/authz-casbin.lua b/apisix/plugins/authz-casbin.lua
index d81d34089..0826cc8cb 100644
--- a/apisix/plugins/authz-casbin.lua
+++ b/apisix/plugins/authz-casbin.lua
@@ -18,8 +18,6 @@
local casbin = require("casbin")
local core = require("apisix.core")
local plugin = require("apisix.plugin")
-local ngx = ngx
-local get_headers = ngx.req.get_headers
local plugin_name = "authz-casbin"
@@ -117,7 +115,8 @@ function _M.rewrite(conf, ctx)
local path = ctx.var.uri
local method = ctx.var.method
- local username = get_headers()[conf.username] or "anonymous"
+ local headers = core.request.headers(ctx)
+ local username = headers[conf.username] or "anonymous"
if conf.casbin_enforcer then
if not conf.casbin_enforcer:enforce(username, path, method) then
diff --git a/apisix/plugins/hmac-auth.lua b/apisix/plugins/hmac-auth.lua
index 6195644c0..5c234937e 100644
--- a/apisix/plugins/hmac-auth.lua
+++ b/apisix/plugins/hmac-auth.lua
@@ -19,7 +19,6 @@ local type = type
local abs = math.abs
local ngx_time = ngx.time
local ngx_re = require("ngx.re")
-local ngx_req = ngx.req
local pairs = pairs
local ipairs = ipairs
local hmac_sha1 = ngx.hmac_sha1
@@ -209,8 +208,8 @@ end
local function generate_signature(ctx, secret_key, params)
local canonical_uri = ctx.var.uri
local canonical_query_string = ""
- local request_method = ngx_req.get_method()
- local args = ngx_req.get_uri_args()
+ local request_method = core.request.get_method()
+ local args = core.request.get_uri_args(ctx)
if canonical_uri == "" then
canonical_uri = "/"
diff --git a/apisix/plugins/jwt-auth.lua b/apisix/plugins/jwt-auth.lua
index cf3350b56..82c12c95b 100644
--- a/apisix/plugins/jwt-auth.lua
+++ b/apisix/plugins/jwt-auth.lua
@@ -403,7 +403,7 @@ end
local function gen_token()
- local args = ngx.req.get_uri_args()
+ local args = core.request.get_uri_args()
if not args or not args.key then
return core.response.exit(400)
end
diff --git a/t/plugin/hmac-auth3.t b/t/plugin/hmac-auth3.t
index 9157f8916..7e89b995d 100644
--- a/t/plugin/hmac-auth3.t
+++ b/t/plugin/hmac-auth3.t
@@ -577,3 +577,108 @@ passed
}
--- response_body
passed
+
+
+
+=== TEST 11: update consumer
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/consumers',
+ ngx.HTTP_PUT,
+ [[{
+ "username": "robin",
+ "plugins": {
+ "hmac-auth": {
+ "access_key": "my-access-key",
+ "secret_key": "my-secret-key",
+ "clock_skew": 10
+ }
+ }
+ }]]
+ )
+ if code >= 300 then
+ ngx.status = code
+ end
+ ngx.say(body)
+ }
+ }
+--- response_body
+passed
+
+
+
+=== TEST 12: verify that uri args are greater than 100 is ok
+--- config
+location /t {
+ content_by_lua_block {
+ local ngx_time = ngx.time
+ local ngx_http_time = ngx.http_time
+ local core = require("apisix.core")
+ local t = require("lib.test_admin")
+ local hmac = require("resty.hmac")
+ local ngx_encode_base64 = ngx.encode_base64
+
+ local secret_key = "my-secret-key"
+ local timestamp = ngx_time()
+ local gmt = ngx_http_time(timestamp)
+ local access_key = "my-access-key"
+ local custom_header_a = "asld$%dfasf"
+ local custom_header_b = "23879fmsldfk"
+
+ local uri_args = {}
+ for i = 1, 101 do
+ uri_args["arg_" .. tostring(i)] = "val_" .. tostring(i)
+ end
+ local keys = {}
+ local query_tab = {}
+
+ for k, v in pairs(uri_args) do
+ core.table.insert(keys, k)
+ end
+ core.table.sort(keys)
+
+ local args_str = ""
+ for _, key in pairs(keys) do
+ args_str = args_str .. key .. "=" .. uri_args[key] .. "&"
+ end
+ -- remove the last '&'
+ args_str = args_str:sub(1, -2)
+
+ local signing_string = {
+ "GET",
+ "/hello",
+ args_str,
+ access_key,
+ gmt,
+ "x-custom-header-a:" .. custom_header_a,
+ "x-custom-header-b:" .. custom_header_b
+ }
+ signing_string = core.table.concat(signing_string, "\n") .. "\n"
+ core.log.info("signing_string:", signing_string)
+
+ local signature = hmac:new(secret_key,
hmac.ALGOS.SHA256):final(signing_string)
+ core.log.info("signature:", ngx_encode_base64(signature))
+ local headers = {}
+ headers["X-HMAC-SIGNATURE"] = ngx_encode_base64(signature)
+ headers["X-HMAC-ALGORITHM"] = "hmac-sha256"
+ headers["Date"] = gmt
+ headers["X-HMAC-ACCESS-KEY"] = access_key
+ headers["X-HMAC-SIGNED-HEADERS"] =
"x-custom-header-a;x-custom-header-b"
+ headers["x-custom-header-a"] = custom_header_a
+ headers["x-custom-header-b"] = custom_header_b
+
+ local code, body = t.test('/hello' .. '?' .. args_str,
+ ngx.HTTP_GET,
+ "",
+ nil,
+ headers
+ )
+
+ ngx.status = code
+ ngx.say(body)
+ }
+}
+--- response_body
+passed
