faas-rs/faas
1
0
Fork 0
mirror of https://github.com/openfaas/faas.git synced 2025-06-12 10:16:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add explicit deadline for auth request

Browse Source 
An explicit timeout is passed to the handler and a new unit test
proves that the functionality is in place. A additional return
statement was needed in the handler as pointed out by
@stefanprodan.

Signed-off-by: Alex Ellis <alexellis2@gmail.com>
This commit is contained in:
Alex Ellis 2019-06-05 13:08:55 +01:00
parent a66097a9f9
commit 35508ac70b
2 changed files with 59 additions and 16 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

36
gateway/handlers/external_auth.go
View File

@ -1 +1,37 @@
package handlers package handlers
import (
"context"
"net/http"
"time"
)
// MakeExternalAuthHandler make an authentication proxy handler
func MakeExternalAuthHandler(next http.HandlerFunc, upstreamTimeout time.Duration, upstreamURL string, passBody bool) http.HandlerFunc {
return func(w http.ResponseWriter, r *http.Request) {
req, _ := http.NewRequest(http.MethodGet, upstreamURL, nil)
deadlineContext, cancel := context.WithDeadline(
context.Background(),
time.Now().Add(upstreamTimeout))
defer cancel()
res, err := http.DefaultClient.Do(req.WithContext(deadlineContext))
if err != nil {
w.WriteHeader(http.StatusInternalServerError)
return
}
if res.Body != nil {
defer res.Body.Close()
}
if res.StatusCode == http.StatusOK {
next.ServeHTTP(w, r)
return
}
w.WriteHeader(res.StatusCode)
}
}

39
gateway/handlers/external_auth_test.go
View File

@ -4,6 +4,7 @@ import (
"net/http" "net/http"
"net/http/httptest" "net/http/httptest"
"testing" "testing"
"time"
) )
func Test_External_Auth_Wrapper_FailsInvalidAuth(t *testing.T) { func Test_External_Auth_Wrapper_FailsInvalidAuth(t *testing.T) {
@ -18,7 +19,7 @@ func Test_External_Auth_Wrapper_FailsInvalidAuth(t *testing.T) {
} }
passBody := false passBody := false
handler := MakeExternalAuthHandler(next, s.URL, passBody) handler := MakeExternalAuthHandler(next, time.Second*5, s.URL, passBody)
req := httptest.NewRequest(http.MethodGet, s.URL, nil) req := httptest.NewRequest(http.MethodGet, s.URL, nil)
rr := httptest.NewRecorder() rr := httptest.NewRecorder()
@ -41,7 +42,7 @@ func Test_External_Auth_Wrapper_PassesValidAuth(t *testing.T) {
} }
passBody := false passBody := false
handler := MakeExternalAuthHandler(next, s.URL, passBody) handler := MakeExternalAuthHandler(next, time.Second*5, s.URL, passBody)
req := httptest.NewRequest(http.MethodGet, s.URL, nil) req := httptest.NewRequest(http.MethodGet, s.URL, nil)
rr := httptest.NewRecorder() rr := httptest.NewRecorder()
@ -52,21 +53,27 @@ func Test_External_Auth_Wrapper_PassesValidAuth(t *testing.T) {
} }
} }
func MakeExternalAuthHandler(next http.HandlerFunc, upstreamURL string, passBody bool) http.HandlerFunc { func Test_External_Auth_Wrapper_TimeoutGivesInternalServerError(t *testing.T) {
return func(w http.ResponseWriter, r *http.Request) {
req, _ := http.NewRequest(http.MethodGet, upstreamURL, nil)
res, err := http.DefaultClient.Do(req) s := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
if err != nil { time.Sleep(50 * time.Millisecond)
w.WriteHeader(http.StatusInternalServerError) w.WriteHeader(http.StatusOK)
} }))
if res.Body != nil { defer s.Close()
defer res.Body.Close()
}
if res.StatusCode == http.StatusOK { next := func(w http.ResponseWriter, r *http.Request) {
next.ServeHTTP(w, r) w.WriteHeader(http.StatusNotImplemented)
} }
w.WriteHeader(res.StatusCode)
passBody := false
handler := MakeExternalAuthHandler(next, time.Millisecond*10, s.URL, passBody)
req := httptest.NewRequest(http.MethodGet, s.URL, nil)
rr := httptest.NewRecorder()
handler(rr, req)
want := http.StatusInternalServerError
if rr.Code != want {
t.Errorf("Status incorrect, want: %d, but got %d", want, rr.Code)
} }
} }