mirror of
https://github.com/openfaas/faas.git
synced 2025-06-14 19:26:48 +00:00
Updated basic auth plugin faas provider
Signed-off-by: Karthick Prabu <karthikprabu.cs@gmail.com>
This commit is contained in:
Karthick Prabu
Alex Ellis
parent
4ac782e5a4
commit
1c9e122370
6
auth/basic-auth/Gopkg.lock
generated
6
auth/basic-auth/Gopkg.lock
generated
@ -2,12 +2,12 @@
|
|||||||
|
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
digest = "1:57ef1eb08e128d58c028f402b2030582907c49efc461f4764cf5c9161a4af2c0"
|
digest = "1:1fa5fe80531abdddbdf5d3c467144cf66e29dd939878c6b53f4c67d2bf1970be"
|
||||||
name = "github.com/openfaas/faas-provider"
|
name = "github.com/openfaas/faas-provider"
|
||||||
packages = ["auth"]
|
packages = ["auth"]
|
||||||
pruneopts = "UT"
|
pruneopts = "UT"
|
||||||
revision = "376c26ef02007abb7cadbd550bb75df166764473"
|
revision = "8699aa7d3999c17851f88640c0dd2291daafd45e"
|
||||||
version = "0.9.1"
|
version = "0.13.0"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
digest = "1:cf31692c14422fa27c83a05292eb5cbe0fb2775972e8f1f8446a71549bd8980b"
|
digest = "1:cf31692c14422fa27c83a05292eb5cbe0fb2775972e8f1f8446a71549bd8980b"
|
||||||
|
|||||||
@ -1,6 +1,6 @@
|
|||||||
[[constraint]]
|
[[constraint]]
|
||||||
name = "github.com/openfaas/faas-provider"
|
name = "github.com/openfaas/faas-provider"
|
||||||
version = "0.9.1"
|
version = "0.13.0"
|
||||||
|
|
||||||
[prune]
|
[prune]
|
||||||
go-tests = true
|
go-tests = true
|
||||||
|
|||||||
8
auth/basic-auth/vendor/github.com/openfaas/faas-provider/auth/basic_auth.go
generated
vendored
8
auth/basic-auth/vendor/github.com/openfaas/faas-provider/auth/basic_auth.go
generated
vendored
@ -4,6 +4,7 @@
|
|||||||
package auth
|
package auth
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/subtle"
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -12,10 +13,13 @@ func DecorateWithBasicAuth(next http.HandlerFunc, credentials *BasicAuthCredenti
|
|||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
user, password, ok := r.BasicAuth()
|
user, password, ok := r.BasicAuth()
|
||||||
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
|
|
||||||
|
|
||||||
if !ok || !(credentials.Password == password && user == credentials.User) {
|
const noMatch = 0
|
||||||
|
if !ok ||
|
||||||
|
user != credentials.User ||
|
||||||
|
subtle.ConstantTimeCompare([]byte(credentials.Password), []byte(password)) == noMatch {
|
||||||
|
|
||||||
|
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
|
||||||
w.WriteHeader(http.StatusUnauthorized)
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
w.Write([]byte("invalid credentials"))
|
w.Write([]byte("invalid credentials"))
|
||||||
return
|
return
|
||||||
|
|||||||
2
auth/basic-auth/vendor/github.com/openfaas/faas-provider/auth/credentials.go
generated
vendored
2
auth/basic-auth/vendor/github.com/openfaas/faas-provider/auth/credentials.go
generated
vendored
@ -17,7 +17,7 @@ type BasicAuthCredentials struct {
|
|||||||
}
|
}
|
||||||
|
|
||||||
type ReadBasicAuth interface {
|
type ReadBasicAuth interface {
|
||||||
Read() (error, *BasicAuthCredentials)
|
Read() (*BasicAuthCredentials, error)
|
||||||
}
|
}
|
||||||
|
|
||||||
type ReadBasicAuthFromDisk struct {
|
type ReadBasicAuthFromDisk struct {
|
||||||
|
|||||||
27
gateway/Gopkg.lock
generated
27
gateway/Gopkg.lock
generated
@ -93,23 +93,32 @@
|
|||||||
version = "v1.0.1"
|
version = "v1.0.1"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
digest = "1:340f4e2e095ead4e0a15b4646da3e4533f8b6520e3a382eaf586e8166f3bbcb5"
|
digest = "1:7185714c9e0d3e7f49516df22328ab92e56d3397499d8c77be7f65856599a939"
|
||||||
name = "github.com/openfaas/faas"
|
name = "github.com/openfaas/faas"
|
||||||
packages = ["gateway/queue"]
|
packages = [
|
||||||
|
"gateway/handlers",
|
||||||
|
"gateway/metrics",
|
||||||
|
"gateway/plugin",
|
||||||
|
"gateway/queue",
|
||||||
|
"gateway/requests",
|
||||||
|
"gateway/scaling",
|
||||||
|
"gateway/types",
|
||||||
|
"gateway/version",
|
||||||
|
]
|
||||||
pruneopts = "UT"
|
pruneopts = "UT"
|
||||||
revision = "bfa869ec8c0c04c26c5b0ed434bc367e712dcaef"
|
revision = "bfa869ec8c0c04c26c5b0ed434bc367e712dcaef"
|
||||||
version = "0.10.2"
|
version = "0.10.2"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
digest = "1:4a97aa8ada0b2f865ca69a3a3bc0a2524c24f31c578c995d5c52cecb6913a9dc"
|
digest = "1:63153ec3ac1c4e93e615b6f5b271a35ad8ced327eba70530903edac0b1f3e652"
|
||||||
name = "github.com/openfaas/faas-provider"
|
name = "github.com/openfaas/faas-provider"
|
||||||
packages = [
|
packages = [
|
||||||
"auth",
|
"auth",
|
||||||
"types",
|
"types",
|
||||||
]
|
]
|
||||||
pruneopts = "UT"
|
pruneopts = "UT"
|
||||||
revision = "478f741b64cbcfaaee852156b060514be56623b3"
|
revision = "8699aa7d3999c17851f88640c0dd2291daafd45e"
|
||||||
version = "0.12.0"
|
version = "0.13.0"
|
||||||
|
|
||||||
[[projects]]
|
[[projects]]
|
||||||
digest = "1:f7b0087a32b4f017ce89562494ae510f21e7d22e70cc1911640a32ebe583e92e"
|
digest = "1:f7b0087a32b4f017ce89562494ae510f21e7d22e70cc1911640a32ebe583e92e"
|
||||||
@ -204,6 +213,14 @@
|
|||||||
"github.com/gorilla/mux",
|
"github.com/gorilla/mux",
|
||||||
"github.com/openfaas/faas-provider/auth",
|
"github.com/openfaas/faas-provider/auth",
|
||||||
"github.com/openfaas/faas-provider/types",
|
"github.com/openfaas/faas-provider/types",
|
||||||
|
"github.com/openfaas/faas/gateway/handlers",
|
||||||
|
"github.com/openfaas/faas/gateway/metrics",
|
||||||
|
"github.com/openfaas/faas/gateway/plugin",
|
||||||
|
"github.com/openfaas/faas/gateway/queue",
|
||||||
|
"github.com/openfaas/faas/gateway/requests",
|
||||||
|
"github.com/openfaas/faas/gateway/scaling",
|
||||||
|
"github.com/openfaas/faas/gateway/types",
|
||||||
|
"github.com/openfaas/faas/gateway/version",
|
||||||
"github.com/openfaas/nats-queue-worker/handler",
|
"github.com/openfaas/nats-queue-worker/handler",
|
||||||
"github.com/prometheus/client_golang/prometheus",
|
"github.com/prometheus/client_golang/prometheus",
|
||||||
"github.com/prometheus/client_golang/prometheus/promhttp",
|
"github.com/prometheus/client_golang/prometheus/promhttp",
|
||||||
|
|||||||
@ -8,7 +8,7 @@
|
|||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
name = "github.com/openfaas/faas-provider"
|
name = "github.com/openfaas/faas-provider"
|
||||||
version = "0.12.0"
|
version = "0.13.0"
|
||||||
|
|
||||||
[[constraint]]
|
[[constraint]]
|
||||||
name = "github.com/openfaas/nats-queue-worker"
|
name = "github.com/openfaas/nats-queue-worker"
|
||||||
|
|||||||
8
gateway/vendor/github.com/openfaas/faas-provider/auth/basic_auth.go
generated
vendored
8
gateway/vendor/github.com/openfaas/faas-provider/auth/basic_auth.go
generated
vendored
@ -4,6 +4,7 @@
|
|||||||
package auth
|
package auth
|
||||||
|
|
||||||
import (
|
import (
|
||||||
|
"crypto/subtle"
|
||||||
"net/http"
|
"net/http"
|
||||||
)
|
)
|
||||||
|
|
||||||
@ -12,10 +13,13 @@ func DecorateWithBasicAuth(next http.HandlerFunc, credentials *BasicAuthCredenti
|
|||||||
return func(w http.ResponseWriter, r *http.Request) {
|
return func(w http.ResponseWriter, r *http.Request) {
|
||||||
|
|
||||||
user, password, ok := r.BasicAuth()
|
user, password, ok := r.BasicAuth()
|
||||||
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
|
|
||||||
|
|
||||||
if !ok || !(credentials.Password == password && user == credentials.User) {
|
const noMatch = 0
|
||||||
|
if !ok ||
|
||||||
|
user != credentials.User ||
|
||||||
|
subtle.ConstantTimeCompare([]byte(credentials.Password), []byte(password)) == noMatch {
|
||||||
|
|
||||||
|
w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
|
||||||
w.WriteHeader(http.StatusUnauthorized)
|
w.WriteHeader(http.StatusUnauthorized)
|
||||||
w.Write([]byte("invalid credentials"))
|
w.Write([]byte("invalid credentials"))
|
||||||
return
|
return
|
||||||
|
|||||||
Loading…
x
Reference in New Issue
Block a user