Skip to content
Snippets Groups Projects
Commit abdfe8d8 authored by Rohith's avatar Rohith
Browse files

- shifting the routing into a separate method

- adding some extra tests
parent ed113cc9
Branches
Tags
No related merge requests found
...@@ -87,7 +87,7 @@ func (r *KeycloakProxy) securityHandler() gin.HandlerFunc { ...@@ -87,7 +87,7 @@ func (r *KeycloakProxy) securityHandler() gin.HandlerFunc {
} }
// //
// entrypointHandler checks to see if the request requires authentication // entryPointHandler checks to see if the request requires authentication
// //
func (r *KeycloakProxy) entryPointHandler() gin.HandlerFunc { func (r *KeycloakProxy) entryPointHandler() gin.HandlerFunc {
return func(cx *gin.Context) { return func(cx *gin.Context) {
......
...@@ -16,18 +16,19 @@ limitations under the License. ...@@ -16,18 +16,19 @@ limitations under the License.
package main package main
import ( import (
"crypto/tls"
"crypto/x509"
"fmt" "fmt"
"io/ioutil"
"net/http" "net/http"
"net/url" "net/url"
"os" "os"
"sync" "sync"
"crypto/tls"
"crypto/x509"
log "github.com/Sirupsen/logrus"
"github.com/gambol99/go-oidc/oidc" "github.com/gambol99/go-oidc/oidc"
log "github.com/Sirupsen/logrus"
"github.com/gin-gonic/gin" "github.com/gin-gonic/gin"
"io/ioutil"
) )
// KeycloakProxy is the server component // KeycloakProxy is the server component
...@@ -96,7 +97,6 @@ func newKeycloakProxy(cfg *Config) (*KeycloakProxy, error) { ...@@ -96,7 +97,6 @@ func newKeycloakProxy(cfg *Config) (*KeycloakProxy, error) {
// step: initialize the gin router // step: initialize the gin router
router := gin.New() router := gin.New()
service.router = router service.router = router
// step: load the templates // step: load the templates
service.initializeTemplates() service.initializeTemplates()
for _, resource := range cfg.Resources { for _, resource := range cfg.Resources {
...@@ -106,25 +106,29 @@ func newKeycloakProxy(cfg *Config) (*KeycloakProxy, error) { ...@@ -106,25 +106,29 @@ func newKeycloakProxy(cfg *Config) (*KeycloakProxy, error) {
log.Infof("the token must container the claim: %s, required: %s", name, value) log.Infof("the token must container the claim: %s, required: %s", name, value)
} }
router.Use(gin.Recovery()) service.initializeRouter()
// step: are we logging the traffic?
if cfg.LogRequests { return service, nil
router.Use(service.loggingHandler())
} }
// initializeRouter sets up the gin routing
func (r KeycloakProxy) initializeRouter() {
r.router.Use(gin.Recovery())
// step: are we logging the traffic?
if r.config.LogRequests {
r.router.Use(r.loggingHandler())
}
// step: if gin release production // step: if gin release production
if os.Getenv("GIN_MODE") == "release" { if os.Getenv("GIN_MODE") == "release" {
log.Infof("enabling the security handler for release mode") log.Infof("enabling the security handler for release mode")
router.Use(service.securityHandler()) r.router.Use(r.securityHandler())
} }
// step: add the routing // step: add the routing
router.GET(authorizationURL, service.oauthAuthorizationHandler) r.router.GET(authorizationURL, r.oauthAuthorizationHandler)
router.GET(callbackURL, service.oauthCallbackHandler) r.router.GET(callbackURL, r.oauthCallbackHandler)
router.GET(healthURL, service.healthHandler) r.router.GET(healthURL, r.healthHandler)
router.Use(service.entryPointHandler(), service.authenticationHandler(), service.admissionHandler()) r.router.Use(r.entryPointHandler(), r.authenticationHandler(), r.admissionHandler())
return service, nil
} }
// initializeTemplates loads the custom template // initializeTemplates loads the custom template
...@@ -151,6 +155,8 @@ func (r *KeycloakProxy) Run() error { ...@@ -151,6 +155,8 @@ func (r *KeycloakProxy) Run() error {
// step: are we doing mutual tls? // step: are we doing mutual tls?
if r.config.TLSCaCertificate != "" { if r.config.TLSCaCertificate != "" {
log.Infof("enabling mutual tls, reading in the ca: %s", r.config.TLSCaCertificate)
caCert, err := ioutil.ReadFile(r.config.TLSCaCertificate) caCert, err := ioutil.ReadFile(r.config.TLSCaCertificate)
if err != nil { if err != nil {
return err return err
......
...@@ -50,6 +50,7 @@ func newFakeKeycloakProxyWithResources(t *testing.T, resources []*Resource) *Key ...@@ -50,6 +50,7 @@ func newFakeKeycloakProxyWithResources(t *testing.T, resources []*Resource) *Key
func newFakeKeycloakProxy(t *testing.T) *KeycloakProxy { func newFakeKeycloakProxy(t *testing.T) *KeycloakProxy {
log.SetOutput(ioutil.Discard) log.SetOutput(ioutil.Discard)
kc := &KeycloakProxy{ kc := &KeycloakProxy{
config: &Config{ config: &Config{
DiscoveryURL: "127.0.0.1:", DiscoveryURL: "127.0.0.1:",
...@@ -96,6 +97,10 @@ func newFakeKeycloakProxy(t *testing.T) *KeycloakProxy { ...@@ -96,6 +97,10 @@ func newFakeKeycloakProxy(t *testing.T) *KeycloakProxy {
}, },
proxy: new(fakeReverseProxy), proxy: new(fakeReverseProxy),
} }
kc.router = gin.New()
gin.SetMode(gin.ReleaseMode)
// step: add the gin routing
kc.initializeRouter()
return kc return kc
} }
......
...@@ -17,8 +17,11 @@ package main ...@@ -17,8 +17,11 @@ package main
import ( import (
"bytes" "bytes"
"fmt"
"io/ioutil"
"net/http" "net/http"
"net/url" "net/url"
"os"
"reflect" "reflect"
"testing" "testing"
...@@ -205,6 +208,21 @@ func TestValidateResources(t *testing.T) { ...@@ -205,6 +208,21 @@ func TestValidateResources(t *testing.T) {
} }
} }
func TestFileExists(t *testing.T) {
if fileExists("no_such_file_exsit_32323232") {
t.Errorf("we should have received false")
}
tmpfile, err := ioutil.TempFile("/tmp", fmt.Sprintf("test_file_%d", os.Getpid()))
if err != nil {
t.Fatalf("failed to create the temporary file, %s", err)
}
defer os.Remove(tmpfile.Name())
if !fileExists(tmpfile.Name()) {
t.Errorf("we should have received a true")
}
}
func TestDecodeResource(t *testing.T) { func TestDecodeResource(t *testing.T) {
testCases := []struct { testCases := []struct {
Option string Option string
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment