Move to auth package in faas-provider

The basic-auth middleware and credentials-loading code has been
moved into the faas-provider project. This has now been brought
back into the faas project via vendoring.

Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>

gateway/Gopkg.lock

@@ -72,6 +72,15 @@
   revision = "289cccf02c178dc782430d534e3c1f5b72af807f"
   version = "v1.0.0"
 
+[[projects]]
+  name = "github.com/openfaas/faas-provider"
+  packages = [
+    ".",
+    "types"
+  ]
+  revision = "9ce928bc82cbb2642e6d534f93a7904116179e6c"
+  version = "0.7.0"
+
 [[projects]]
   name = "github.com/openfaas/nats-queue-worker"
   packages = ["handler"]
@@ -112,6 +121,6 @@
 [solve-meta]
   analyzer-name = "dep"
   analyzer-version = 1
-  inputs-digest = "f6e74bc55788e9ad6ea33f02d2be398013705f4606c29bbead71ac41a3c19514"
+  inputs-digest = "28590014be90eceddef008d7ef4843165d708e8358c428ad907c50e363af424f"
   solver-name = "gps-cdcl"
   solver-version = 1

gateway/Gopkg.toml

@@ -25,3 +25,7 @@ ignored = ["github.com/openfaas/faas/gateway/queue"]
   name = "golang.org/x/net"
 
 
+
+[[constraint]]
+  name = "github.com/openfaas/faas-provider"
+  version = "0.7.0"

gateway/server.go

@@ -12,6 +12,7 @@ import (
 	"github.com/gorilla/mux"
 	"github.com/openfaas/faas/gateway/handlers"
 
+	"github.com/openfaas/faas-provider/auth"
 	"github.com/openfaas/faas/gateway/metrics"
 	"github.com/openfaas/faas/gateway/plugin"
 	"github.com/openfaas/faas/gateway/types"
@@ -33,11 +34,11 @@ func main() {
 
 	log.Printf("Binding to external function provider: %s", config.FunctionsProviderURL)
 
-	var credentials *types.BasicAuthCredentials
+	var credentials *auth.BasicAuthCredentials
 
 	if config.UseBasicAuth {
 		var readErr error
-		reader := types.ReadBasicAuthFromDisk{
+		reader := auth.ReadBasicAuthFromDisk{
 			SecretMountPath: config.SecretMountPath,
 		}
 		credentials, readErr = reader.Read()
@@ -109,17 +110,17 @@ func main() {
 
 	if credentials != nil {
 		faasHandlers.UpdateFunction =
-			handlers.DecorateWithBasicAuth(faasHandlers.UpdateFunction, credentials)
+			auth.DecorateWithBasicAuth(faasHandlers.UpdateFunction, credentials)
 		faasHandlers.DeleteFunction =
-			handlers.DecorateWithBasicAuth(faasHandlers.DeleteFunction, credentials)
+			auth.DecorateWithBasicAuth(faasHandlers.DeleteFunction, credentials)
 		faasHandlers.DeployFunction =
-			handlers.DecorateWithBasicAuth(faasHandlers.DeployFunction, credentials)
+			auth.DecorateWithBasicAuth(faasHandlers.DeployFunction, credentials)
 		faasHandlers.ListFunctions =
-			handlers.DecorateWithBasicAuth(faasHandlers.ListFunctions, credentials)
+			auth.DecorateWithBasicAuth(faasHandlers.ListFunctions, credentials)
 		faasHandlers.ScaleFunction =
-			handlers.DecorateWithBasicAuth(faasHandlers.ScaleFunction, credentials)
-		faasHandlers.QueryFunction = handlers.DecorateWithBasicAuth(faasHandlers.QueryFunction, credentials)
-		faasHandlers.InfoHandler = handlers.DecorateWithBasicAuth(faasHandlers.InfoHandler, credentials)
+			auth.DecorateWithBasicAuth(faasHandlers.ScaleFunction, credentials)
+		faasHandlers.QueryFunction = auth.DecorateWithBasicAuth(faasHandlers.QueryFunction, credentials)
+		faasHandlers.InfoHandler = auth.DecorateWithBasicAuth(faasHandlers.InfoHandler, credentials)
 	}
 
 	r := mux.NewRouter()
@@ -168,7 +169,7 @@ func main() {
 
 	uiHandler := http.StripPrefix("/ui", fsCORS)
 	if credentials != nil {
-		r.PathPrefix("/ui/").Handler(handlers.DecorateWithBasicAuth(uiHandler.ServeHTTP, credentials)).Methods(http.MethodGet)
+		r.PathPrefix("/ui/").Handler(auth.DecorateWithBasicAuth(uiHandler.ServeHTTP, credentials)).Methods(http.MethodGet)
 	} else {
 		r.PathPrefix("/ui/").Handler(uiHandler).Methods(http.MethodGet)
 	}

gateway/vendor/github.com/openfaas/faas-provider/.gitignore

@@ -0,0 +1,16 @@
+# Binaries for programs and plugins
+*.exe
+*.dll
+*.so
+*.dylib
+
+# Test binary, build with `go test -c`
+*.test
+
+# Output of the go coverage tool, specifically when used with LiteIDE
+*.out
+
+# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
+.glide/
+
+faas-backend

gateway/vendor/github.com/openfaas/faas-provider/Dockerfile

@@ -0,0 +1,25 @@
+FROM golang:1.9.7-alpine
+
+RUN mkdir -p /go/src/github.com/openfaas/faas-provider/
+
+WORKDIR /go/src/github.com/openfaas/faas-provider
+
+COPY vendor     vendor
+COPY types      types
+COPY auth       auth
+COPY serve.go   .
+
+RUN go test ./auth/ -v \
+    && CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o faas-provider .
+
+FROM alpine:3.7
+RUN apk --no-cache add ca-certificates
+WORKDIR /root/
+
+EXPOSE 8080
+ENV http_proxy      ""
+ENV https_proxy     ""
+
+COPY --from=0 /go/src/github.com/openfaas/faas-provider/faas-provider    .
+
+CMD ["./faas-provider]

gateway/vendor/github.com/openfaas/faas-provider/Gopkg.lock

@@ -0,0 +1,21 @@
+# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
+
+
+[[projects]]
+  name = "github.com/gorilla/context"
+  packages = ["."]
+  revision = "1ea25387ff6f684839d82767c1733ff4d4d15d0a"
+  version = "v1.1"
+
+[[projects]]
+  name = "github.com/gorilla/mux"
+  packages = ["."]
+  revision = "7f08801859139f86dfafd1c296e2cba9a80d292e"
+  version = "v1.6.0"
+
+[solve-meta]
+  analyzer-name = "dep"
+  analyzer-version = 1
+  inputs-digest = "22efb1c7d9d2403520db6d9a878b2f1e52741e51425cbda743cfd25f00c84a9b"
+  solver-name = "gps-cdcl"
+  solver-version = 1

gateway/vendor/github.com/openfaas/faas-provider/Gopkg.toml

@@ -0,0 +1,7 @@
+[prune]
+  go-tests = true
+  unused-packages = true
+
+[[constraint]]
+  name = "github.com/gorilla/mux"
+  version = "1.6.0"

gateway/vendor/github.com/openfaas/faas-provider/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2017 Alex Ellis
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

gateway/vendor/github.com/openfaas/faas-provider/Makefile

@@ -0,0 +1,2 @@
+build:
+	docker build -t faas-provider .

gateway/vendor/github.com/openfaas/faas-provider/README.md

@@ -0,0 +1,39 @@
+faas-provider
+==============
+
+This is a common template or interface for you to start building your own OpenFaaS backend.
+
+Checkout the [backends guide here](https://github.com/openfaas/faas/blob/master/guide/backends.md) before starting.
+
+OpenFaaS projects use the MIT License and are written in Golang. We encourage the same for external / third-party providers.
+
+### How to use this code
+
+We will setup all the standard HTTP routes for you, then start listening on a given TCP port - it should be 8080.
+
+Just implement the supplied routes.
+
+For an example checkout the [server.go](https://github.com/openfaas/faas-netes/blob/master/server.go) file in the [faas-netes](https://github.com/openfaas/faas-netes) Kubernetes backend.
+
+I.e.:
+
+```golang
+	bootstrapHandlers := bootTypes.FaaSHandlers{
+		FunctionProxy:  handlers.MakeProxy(),
+		DeleteHandler:  handlers.MakeDeleteHandler(clientset),
+		DeployHandler:  handlers.MakeDeployHandler(clientset),
+		FunctionReader: handlers.MakeFunctionReader(clientset),
+		ReplicaReader:  handlers.MakeReplicaReader(clientset),
+		ReplicaUpdater: handlers.MakeReplicaUpdater(clientset),
+		InfoHandler:    handlers.MakeInfoHandler(),
+	}
+	var port int
+	port = 8080
+	bootstrapConfig := bootTypes.FaaSConfig{
+		ReadTimeout:  time.Second * 8,
+		WriteTimeout: time.Second * 8,
+		TCPPort:      &port,
+	}
+
+	bootstrap.Serve(&bootstrapHandlers, &bootstrapConfig)
+```

gateway/vendor/github.com/openfaas/faas-provider/auth/basic_auth.go

@@ -1,16 +1,14 @@
 // Copyright (c) OpenFaaS Author(s). All rights reserved.
 // Licensed under the MIT license. See LICENSE file in the project root for full license information.
 
-package handlers
+package auth
 
 import (
 	"net/http"
-
-	"github.com/openfaas/faas/gateway/types"
 )
 
 // DecorateWithBasicAuth enforces basic auth as a middleware with given credentials
-func DecorateWithBasicAuth(next http.HandlerFunc, credentials *types.BasicAuthCredentials) http.HandlerFunc {
+func DecorateWithBasicAuth(next http.HandlerFunc, credentials *BasicAuthCredentials) http.HandlerFunc {
 	return func(w http.ResponseWriter, r *http.Request) {
 
 		user, password, ok := r.BasicAuth()

gateway/vendor/github.com/openfaas/faas-provider/auth/basic_auth_test.go

@@ -1,15 +1,13 @@
 // Copyright (c) OpenFaaS Author(s). All rights reserved.
 // Licensed under the MIT license. See LICENSE file in the project root for full license information.
 
-package handlers
+package auth
 
 import (
 	"io"
 	"net/http"
 	"net/http/httptest"
 	"testing"
-
-	"github.com/openfaas/faas/gateway/types"
 )
 
 func Test_AuthWithValidPassword_Gives200(t *testing.T) {
@@ -23,7 +21,7 @@ func Test_AuthWithValidPassword_Gives200(t *testing.T) {
 	wantPassword := "password"
 	r := httptest.NewRequest(http.MethodGet, "http://localhost:8080", nil)
 	r.SetBasicAuth(wantUser, wantPassword)
-	wantCredentials := &types.BasicAuthCredentials{
+	wantCredentials := &BasicAuthCredentials{
 		User:     wantUser,
 		Password: wantPassword,
 	}
@@ -52,7 +50,7 @@ func Test_AuthWithInvalidPassword_Gives403(t *testing.T) {
 	r := httptest.NewRequest(http.MethodGet, "http://localhost:8080", nil)
 	r.SetBasicAuth(wantUser, wantPassword)
 
-	wantCredentials := &types.BasicAuthCredentials{
+	wantCredentials := &BasicAuthCredentials{
 		User:     wantUser,
 		Password: "",
 	}

gateway/vendor/github.com/openfaas/faas-provider/auth/credentials.go

@@ -1,4 +1,7 @@
-package types
+// Copyright (c) OpenFaaS Author(s). All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+package auth
 
 import (
 	"fmt"

gateway/vendor/github.com/openfaas/faas-provider/serve.go

@@ -0,0 +1,63 @@
+// Copyright (c) Alex Ellis 2017. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+package bootstrap
+
+import (
+	"fmt"
+	"log"
+	"net/http"
+
+	"github.com/gorilla/mux"
+	"github.com/openfaas/faas-provider/types"
+)
+
+var r *mux.Router
+
+// Mark this as a Golang "package"
+func init() {
+	r = mux.NewRouter()
+}
+
+// Router gives access to the underlying router for when new routes need to be added.
+func Router() *mux.Router {
+	return r
+}
+
+// Serve load your handlers into the correct OpenFaaS route spec. This function is blocking.
+func Serve(handlers *types.FaaSHandlers, config *types.FaaSConfig) {
+	r.HandleFunc("/system/functions", handlers.FunctionReader).Methods("GET")
+	r.HandleFunc("/system/functions", handlers.DeployHandler).Methods("POST")
+	r.HandleFunc("/system/functions", handlers.DeleteHandler).Methods("DELETE")
+	r.HandleFunc("/system/functions", handlers.UpdateHandler).Methods("PUT")
+
+	r.HandleFunc("/system/function/{name:[-a-zA-Z_0-9]+}", handlers.ReplicaReader).Methods("GET")
+	r.HandleFunc("/system/scale-function/{name:[-a-zA-Z_0-9]+}", handlers.ReplicaUpdater).Methods("POST")
+
+	r.HandleFunc("/function/{name:[-a-zA-Z_0-9]+}", handlers.FunctionProxy)
+	r.HandleFunc("/function/{name:[-a-zA-Z_0-9]+}/", handlers.FunctionProxy)
+
+	r.HandleFunc("/system/info", handlers.InfoHandler).Methods("GET")
+
+	if config.EnableHealth {
+		r.HandleFunc("/healthz", handlers.Health).Methods("GET")
+	}
+
+	readTimeout := config.ReadTimeout
+	writeTimeout := config.WriteTimeout
+
+	tcpPort := 8080
+	if config.TCPPort != nil {
+		tcpPort = *config.TCPPort
+	}
+
+	s := &http.Server{
+		Addr:           fmt.Sprintf(":%d", tcpPort),
+		ReadTimeout:    readTimeout,
+		WriteTimeout:   writeTimeout,
+		MaxHeaderBytes: http.DefaultMaxHeaderBytes, // 1MB - can be overridden by setting Server.MaxHeaderBytes.
+		Handler:        r,
+	}
+
+	log.Fatal(s.ListenAndServe())
+}

gateway/vendor/github.com/openfaas/faas-provider/types/config.go

@@ -0,0 +1,29 @@
+package types
+
+import (
+	"net/http"
+	"time"
+)
+
+// FaaSHandlers provide handlers for OpenFaaS
+type FaaSHandlers struct {
+	FunctionReader http.HandlerFunc
+	DeployHandler  http.HandlerFunc
+	DeleteHandler  http.HandlerFunc
+	ReplicaReader  http.HandlerFunc
+	FunctionProxy  http.HandlerFunc
+	ReplicaUpdater http.HandlerFunc
+
+	// Optional: Update an existing function
+	UpdateHandler http.HandlerFunc
+	Health        http.HandlerFunc
+	InfoHandler   http.HandlerFunc
+}
+
+// FaaSConfig set config for HTTP handlers
+type FaaSConfig struct {
+	TCPPort      *int
+	ReadTimeout  time.Duration
+	WriteTimeout time.Duration
+	EnableHealth bool
+}

gateway/vendor/github.com/openfaas/faas-provider/types/requests.go

@@ -0,0 +1,22 @@
+// Copyright (c) Alex Ellis 2017. All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+package types
+
+type ScaleServiceRequest struct {
+	ServiceName string `json:"serviceName"`
+	Replicas    uint64 `json:"replicas"`
+}
+
+// InfoRequest provides information about the underlying provider
+type InfoRequest struct {
+	Provider      string          `json:"provider"`
+	Version       ProviderVersion `json:"version"`
+	Orchestration string          `json:"orchestration"`
+}
+
+// ProviderVersion provides the commit sha and release version number of the underlying provider
+type ProviderVersion struct {
+	SHA     string `json:"sha"`
+	Release string `json:"release"`
+}