Add explicit deadline for auth request

An explicit timeout is passed to the handler and a new unit test
proves that the functionality is in place. A additional return
statement was needed in the handler as pointed out by
@stefanprodan.

Signed-off-by: Alex Ellis <alexellis2@gmail.com>
This commit is contained in:
Alex Ellis 2019-06-05 13:08:55 +01:00
parent a66097a9f9
commit 35508ac70b
2 changed files with 59 additions and 16 deletions

View File

@ -1 +1,37 @@
package handlers
import (
"context"
"net/http"
"time"
)
// MakeExternalAuthHandler make an authentication proxy handler
func MakeExternalAuthHandler(next http.HandlerFunc, upstreamTimeout time.Duration, upstreamURL string, passBody bool) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
req, _ := http.NewRequest(http.MethodGet, upstreamURL, nil)
deadlineContext, cancel := context.WithDeadline(
context.Background(),
time.Now().Add(upstreamTimeout))
defer cancel()
res, err := http.DefaultClient.Do(req.WithContext(deadlineContext))
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
if res.Body != nil {
defer res.Body.Close()
}
if res.StatusCode == http.StatusOK {
next.ServeHTTP(w, r)
return
}
w.WriteHeader(res.StatusCode)
}
}

View File

@ -4,6 +4,7 @@ import (
"net/http"
"net/http/httptest"
"testing"
"time"
)
func Test_External_Auth_Wrapper_FailsInvalidAuth(t *testing.T) {
@ -18,7 +19,7 @@ func Test_External_Auth_Wrapper_FailsInvalidAuth(t *testing.T) {
}
passBody := false
handler := MakeExternalAuthHandler(next, s.URL, passBody)
handler := MakeExternalAuthHandler(next, time.Second*5, s.URL, passBody)
req := httptest.NewRequest(http.MethodGet, s.URL, nil)
rr := httptest.NewRecorder()
@ -41,7 +42,7 @@ func Test_External_Auth_Wrapper_PassesValidAuth(t *testing.T) {
}
passBody := false
handler := MakeExternalAuthHandler(next, s.URL, passBody)
handler := MakeExternalAuthHandler(next, time.Second*5, s.URL, passBody)
req := httptest.NewRequest(http.MethodGet, s.URL, nil)
rr := httptest.NewRecorder()
@ -52,21 +53,27 @@ func Test_External_Auth_Wrapper_PassesValidAuth(t *testing.T) {
}
}
func MakeExternalAuthHandler(next http.HandlerFunc, upstreamURL string, passBody bool) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
req, _ := http.NewRequest(http.MethodGet, upstreamURL, nil)
func Test_External_Auth_Wrapper_TimeoutGivesInternalServerError(t *testing.T) {
res, err := http.DefaultClient.Do(req)
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
}
if res.Body != nil {
defer res.Body.Close()
}
s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
time.Sleep(50 * time.Millisecond)
w.WriteHeader(http.StatusOK)
}))
defer s.Close()
if res.StatusCode == http.StatusOK {
next.ServeHTTP(w, r)
}
w.WriteHeader(res.StatusCode)
next := func(w http.ResponseWriter, r *http.Request) {
w.WriteHeader(http.StatusNotImplemented)
}
passBody := false
handler := MakeExternalAuthHandler(next, time.Millisecond*10, s.URL, passBody)
req := httptest.NewRequest(http.MethodGet, s.URL, nil)
rr := httptest.NewRecorder()
handler(rr, req)
want := http.StatusInternalServerError
if rr.Code != want {
t.Errorf("Status incorrect, want: %d, but got %d", want, rr.Code)
}
}