|
| 1 | +# |
| 2 | +# Licensed to the Apache Software Foundation (ASF) under one or more |
| 3 | +# contributor license agreements. See the NOTICE file distributed with |
| 4 | +# this work for additional information regarding copyright ownership. |
| 5 | +# The ASF licenses this file to You under the Apache License, Version 2.0 |
| 6 | +# (the "License"); you may not use this file except in compliance with |
| 7 | +# the License. You may obtain a copy of the License at |
| 8 | +# |
| 9 | +# http://www.apache.org/licenses/LICENSE-2.0 |
| 10 | +# |
| 11 | +# Unless required by applicable law or agreed to in writing, software |
| 12 | +# distributed under the License is distributed on an "AS IS" BASIS, |
| 13 | +# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. |
| 14 | +# See the License for the specific language governing permissions and |
| 15 | +# limitations under the License. |
| 16 | +# |
| 17 | +use t::APISIX 'no_plan'; |
| 18 | + |
| 19 | +repeat_each(1); |
| 20 | +no_long_string(); |
| 21 | +no_root_location(); |
| 22 | + |
| 23 | +add_block_preprocessor(sub { |
| 24 | + my ($block) = @_; |
| 25 | + |
| 26 | + if (!defined $block->request) { |
| 27 | + $block->set_value("request", "GET /t"); |
| 28 | + } |
| 29 | +}); |
| 30 | + |
| 31 | +run_tests(); |
| 32 | + |
| 33 | +__DATA__ |
| 34 | +
|
| 35 | +=== TEST 1: setup route with plugin |
| 36 | +--- config |
| 37 | + location /t { |
| 38 | + content_by_lua_block { |
| 39 | + local data = { |
| 40 | + { |
| 41 | + url = "/apisix/admin/upstreams/u1", |
| 42 | + data = [[{ |
| 43 | + "nodes": { |
| 44 | + "127.0.0.1:1984": 1 |
| 45 | + }, |
| 46 | + "type": "roundrobin" |
| 47 | + }]], |
| 48 | + }, |
| 49 | + { |
| 50 | + url = "/apisix/admin/routes/auth", |
| 51 | + data = { |
| 52 | + plugins = { |
| 53 | + ["serverless-pre-function"] = { |
| 54 | + phase = "rewrite", |
| 55 | + functions = { |
| 56 | + [[return function(conf, ctx) |
| 57 | + local core = require("apisix.core"); |
| 58 | + local token = "token-headers-test"; |
| 59 | + if core.request.header(ctx, "Authorization") == token then |
| 60 | + if core.request.get_method() == "POST" then |
| 61 | + if core.request.header(ctx, "Content-Length") or |
| 62 | + core.request.header(ctx, "Transfer-Encoding") or |
| 63 | + core.request.header(ctx, "Content-Encoding") then |
| 64 | + core.response.exit(200) |
| 65 | + else |
| 66 | + core.response.exit(403) |
| 67 | + end |
| 68 | + else |
| 69 | + if core.request.header(ctx, "Content-Length") or |
| 70 | + core.request.header(ctx, "Transfer-Encoding") or |
| 71 | + core.request.header(ctx, "Content-Encoding") then |
| 72 | + core.response.exit(403) |
| 73 | + else |
| 74 | + core.response.exit(200) |
| 75 | + end |
| 76 | + end |
| 77 | + end |
| 78 | + end]] |
| 79 | + } |
| 80 | + } |
| 81 | + }, |
| 82 | + uri = "/auth" |
| 83 | + }, |
| 84 | + }, |
| 85 | + { |
| 86 | + url = "/apisix/admin/routes/echo", |
| 87 | + data = [[{ |
| 88 | + "plugins": { |
| 89 | + "serverless-pre-function": { |
| 90 | + "phase": "rewrite", |
| 91 | + "functions": [ |
| 92 | + "return function (conf, ctx) |
| 93 | + local core = require(\"apisix.core\"); |
| 94 | + core.response.exit(200, core.request.headers(ctx)); |
| 95 | + end" |
| 96 | + ] |
| 97 | + } |
| 98 | + }, |
| 99 | + "uri": "/echo" |
| 100 | + }]], |
| 101 | + }, |
| 102 | + { |
| 103 | + url = "/apisix/admin/routes/1", |
| 104 | + data = [[{ |
| 105 | + "plugins": { |
| 106 | + "forward-auth": { |
| 107 | + "uri": "http://127.0.0.1:1984/auth", |
| 108 | + "request_headers": ["Authorization"], |
| 109 | + "request_method": "POST" |
| 110 | + }, |
| 111 | + "proxy-rewrite": { |
| 112 | + "uri": "/echo" |
| 113 | + } |
| 114 | + }, |
| 115 | + "upstream_id": "u1", |
| 116 | + "uri": "/verify-auth-post" |
| 117 | + }]], |
| 118 | + }, |
| 119 | + { |
| 120 | + url = "/apisix/admin/routes/2", |
| 121 | + data = [[{ |
| 122 | + "plugins": { |
| 123 | + "forward-auth": { |
| 124 | + "uri": "http://127.0.0.1:1984/auth", |
| 125 | + "request_headers": ["Authorization"], |
| 126 | + "request_method": "GET" |
| 127 | + }, |
| 128 | + "proxy-rewrite": { |
| 129 | + "uri": "/echo" |
| 130 | + } |
| 131 | + }, |
| 132 | + "upstream_id": "u1", |
| 133 | + "uri": "/verify-auth-get" |
| 134 | + }]], |
| 135 | + } |
| 136 | + } |
| 137 | +
|
| 138 | + local t = require("lib.test_admin").test |
| 139 | +
|
| 140 | + for _, data in ipairs(data) do |
| 141 | + local code, body = t(data.url, ngx.HTTP_PUT, data.data) |
| 142 | + ngx.say(body) |
| 143 | + end |
| 144 | + } |
| 145 | + } |
| 146 | +--- response_body eval |
| 147 | +"passed\n" x 5 |
| 148 | +
|
| 149 | +
|
| 150 | +
|
| 151 | +=== TEST 2: verify auth server forward headers for request_method=GET |
| 152 | +--- request |
| 153 | +GET /verify-auth-get |
| 154 | +--- more_headers |
| 155 | +Authorization: token-headers-test |
| 156 | +--- error_code: 200 |
| 157 | +
|
| 158 | +
|
| 159 | +
|
| 160 | +=== TEST 3: verify auth server forward headers for request_method=POST for GET upstream |
| 161 | +--- request |
| 162 | +GET /verify-auth-post |
| 163 | +--- more_headers |
| 164 | +Authorization: token-headers-test |
| 165 | +--- error_code: 200 |
| 166 | +
|
| 167 | +
|
| 168 | +
|
| 169 | +=== TEST 4: verify auth server forward headers for request_method=POST |
| 170 | +--- request |
| 171 | +POST /verify-auth-post |
| 172 | +{"authorization": "token-headers-test"} |
| 173 | +--- more_headers |
| 174 | +Authorization: token-headers-test |
| 175 | +--- error_code: 200 |
| 176 | +
|
| 177 | +
|
| 178 | +
|
| 179 | +=== TEST 5: verify auth server forward headers for request_method=GET for POST upstream |
| 180 | +--- request |
| 181 | +POST /verify-auth-get |
| 182 | +{"authorization": "token-headers-test"} |
| 183 | +--- more_headers |
| 184 | +Authorization: token-headers-test |
| 185 | +--- error_code: 200 |
0 commit comments