mirror of
https://github.com/openfaas/faas.git
synced 2025-06-12 18:26:49 +00:00
Move to auth package in faas-provider
The basic-auth middleware and credentials-loading code has been moved into the faas-provider project. This has now been brought back into the faas project via vendoring. Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
This commit is contained in:
parent
c821585b39
commit
6937bc4d7f
11
gateway/Gopkg.lock
generated
11
gateway/Gopkg.lock
generated
@ -72,6 +72,15 @@
|
||||
revision = "289cccf02c178dc782430d534e3c1f5b72af807f"
|
||||
version = "v1.0.0"
|
||||
|
||||
[[projects]]
|
||||
name = "github.com/openfaas/faas-provider"
|
||||
packages = [
|
||||
".",
|
||||
"types"
|
||||
]
|
||||
revision = "9ce928bc82cbb2642e6d534f93a7904116179e6c"
|
||||
version = "0.7.0"
|
||||
|
||||
[[projects]]
|
||||
name = "github.com/openfaas/nats-queue-worker"
|
||||
packages = ["handler"]
|
||||
@ -112,6 +121,6 @@
|
||||
[solve-meta]
|
||||
analyzer-name = "dep"
|
||||
analyzer-version = 1
|
||||
inputs-digest = "f6e74bc55788e9ad6ea33f02d2be398013705f4606c29bbead71ac41a3c19514"
|
||||
inputs-digest = "28590014be90eceddef008d7ef4843165d708e8358c428ad907c50e363af424f"
|
||||
solver-name = "gps-cdcl"
|
||||
solver-version = 1
|
||||
|
@ -25,3 +25,7 @@ ignored = ["github.com/openfaas/faas/gateway/queue"]
|
||||
name = "golang.org/x/net"
|
||||
|
||||
|
||||
|
||||
[[constraint]]
|
||||
name = "github.com/openfaas/faas-provider"
|
||||
version = "0.7.0"
|
||||
|
@ -12,6 +12,7 @@ import (
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/openfaas/faas/gateway/handlers"
|
||||
|
||||
"github.com/openfaas/faas-provider/auth"
|
||||
"github.com/openfaas/faas/gateway/metrics"
|
||||
"github.com/openfaas/faas/gateway/plugin"
|
||||
"github.com/openfaas/faas/gateway/types"
|
||||
@ -33,11 +34,11 @@ func main() {
|
||||
|
||||
log.Printf("Binding to external function provider: %s", config.FunctionsProviderURL)
|
||||
|
||||
var credentials *types.BasicAuthCredentials
|
||||
var credentials *auth.BasicAuthCredentials
|
||||
|
||||
if config.UseBasicAuth {
|
||||
var readErr error
|
||||
reader := types.ReadBasicAuthFromDisk{
|
||||
reader := auth.ReadBasicAuthFromDisk{
|
||||
SecretMountPath: config.SecretMountPath,
|
||||
}
|
||||
credentials, readErr = reader.Read()
|
||||
@ -109,17 +110,17 @@ func main() {
|
||||
|
||||
if credentials != nil {
|
||||
faasHandlers.UpdateFunction =
|
||||
handlers.DecorateWithBasicAuth(faasHandlers.UpdateFunction, credentials)
|
||||
auth.DecorateWithBasicAuth(faasHandlers.UpdateFunction, credentials)
|
||||
faasHandlers.DeleteFunction =
|
||||
handlers.DecorateWithBasicAuth(faasHandlers.DeleteFunction, credentials)
|
||||
auth.DecorateWithBasicAuth(faasHandlers.DeleteFunction, credentials)
|
||||
faasHandlers.DeployFunction =
|
||||
handlers.DecorateWithBasicAuth(faasHandlers.DeployFunction, credentials)
|
||||
auth.DecorateWithBasicAuth(faasHandlers.DeployFunction, credentials)
|
||||
faasHandlers.ListFunctions =
|
||||
handlers.DecorateWithBasicAuth(faasHandlers.ListFunctions, credentials)
|
||||
auth.DecorateWithBasicAuth(faasHandlers.ListFunctions, credentials)
|
||||
faasHandlers.ScaleFunction =
|
||||
handlers.DecorateWithBasicAuth(faasHandlers.ScaleFunction, credentials)
|
||||
faasHandlers.QueryFunction = handlers.DecorateWithBasicAuth(faasHandlers.QueryFunction, credentials)
|
||||
faasHandlers.InfoHandler = handlers.DecorateWithBasicAuth(faasHandlers.InfoHandler, credentials)
|
||||
auth.DecorateWithBasicAuth(faasHandlers.ScaleFunction, credentials)
|
||||
faasHandlers.QueryFunction = auth.DecorateWithBasicAuth(faasHandlers.QueryFunction, credentials)
|
||||
faasHandlers.InfoHandler = auth.DecorateWithBasicAuth(faasHandlers.InfoHandler, credentials)
|
||||
}
|
||||
|
||||
r := mux.NewRouter()
|
||||
@ -168,7 +169,7 @@ func main() {
|
||||
|
||||
uiHandler := http.StripPrefix("/ui", fsCORS)
|
||||
if credentials != nil {
|
||||
r.PathPrefix("/ui/").Handler(handlers.DecorateWithBasicAuth(uiHandler.ServeHTTP, credentials)).Methods(http.MethodGet)
|
||||
r.PathPrefix("/ui/").Handler(auth.DecorateWithBasicAuth(uiHandler.ServeHTTP, credentials)).Methods(http.MethodGet)
|
||||
} else {
|
||||
r.PathPrefix("/ui/").Handler(uiHandler).Methods(http.MethodGet)
|
||||
}
|
||||
|
16
gateway/vendor/github.com/openfaas/faas-provider/.gitignore
generated
vendored
Normal file
16
gateway/vendor/github.com/openfaas/faas-provider/.gitignore
generated
vendored
Normal file
@ -0,0 +1,16 @@
|
||||
# Binaries for programs and plugins
|
||||
*.exe
|
||||
*.dll
|
||||
*.so
|
||||
*.dylib
|
||||
|
||||
# Test binary, build with `go test -c`
|
||||
*.test
|
||||
|
||||
# Output of the go coverage tool, specifically when used with LiteIDE
|
||||
*.out
|
||||
|
||||
# Project-local glide cache, RE: https://github.com/Masterminds/glide/issues/736
|
||||
.glide/
|
||||
|
||||
faas-backend
|
25
gateway/vendor/github.com/openfaas/faas-provider/Dockerfile
generated
vendored
Normal file
25
gateway/vendor/github.com/openfaas/faas-provider/Dockerfile
generated
vendored
Normal file
@ -0,0 +1,25 @@
|
||||
FROM golang:1.9.7-alpine
|
||||
|
||||
RUN mkdir -p /go/src/github.com/openfaas/faas-provider/
|
||||
|
||||
WORKDIR /go/src/github.com/openfaas/faas-provider
|
||||
|
||||
COPY vendor vendor
|
||||
COPY types types
|
||||
COPY auth auth
|
||||
COPY serve.go .
|
||||
|
||||
RUN go test ./auth/ -v \
|
||||
&& CGO_ENABLED=0 GOOS=linux go build -a -installsuffix cgo -o faas-provider .
|
||||
|
||||
FROM alpine:3.7
|
||||
RUN apk --no-cache add ca-certificates
|
||||
WORKDIR /root/
|
||||
|
||||
EXPOSE 8080
|
||||
ENV http_proxy ""
|
||||
ENV https_proxy ""
|
||||
|
||||
COPY --from=0 /go/src/github.com/openfaas/faas-provider/faas-provider .
|
||||
|
||||
CMD ["./faas-provider]
|
21
gateway/vendor/github.com/openfaas/faas-provider/Gopkg.lock
generated
vendored
Normal file
21
gateway/vendor/github.com/openfaas/faas-provider/Gopkg.lock
generated
vendored
Normal file
@ -0,0 +1,21 @@
|
||||
# This file is autogenerated, do not edit; changes may be undone by the next 'dep ensure'.
|
||||
|
||||
|
||||
[[projects]]
|
||||
name = "github.com/gorilla/context"
|
||||
packages = ["."]
|
||||
revision = "1ea25387ff6f684839d82767c1733ff4d4d15d0a"
|
||||
version = "v1.1"
|
||||
|
||||
[[projects]]
|
||||
name = "github.com/gorilla/mux"
|
||||
packages = ["."]
|
||||
revision = "7f08801859139f86dfafd1c296e2cba9a80d292e"
|
||||
version = "v1.6.0"
|
||||
|
||||
[solve-meta]
|
||||
analyzer-name = "dep"
|
||||
analyzer-version = 1
|
||||
inputs-digest = "22efb1c7d9d2403520db6d9a878b2f1e52741e51425cbda743cfd25f00c84a9b"
|
||||
solver-name = "gps-cdcl"
|
||||
solver-version = 1
|
7
gateway/vendor/github.com/openfaas/faas-provider/Gopkg.toml
generated
vendored
Normal file
7
gateway/vendor/github.com/openfaas/faas-provider/Gopkg.toml
generated
vendored
Normal file
@ -0,0 +1,7 @@
|
||||
[prune]
|
||||
go-tests = true
|
||||
unused-packages = true
|
||||
|
||||
[[constraint]]
|
||||
name = "github.com/gorilla/mux"
|
||||
version = "1.6.0"
|
21
gateway/vendor/github.com/openfaas/faas-provider/LICENSE
generated
vendored
Normal file
21
gateway/vendor/github.com/openfaas/faas-provider/LICENSE
generated
vendored
Normal file
@ -0,0 +1,21 @@
|
||||
MIT License
|
||||
|
||||
Copyright (c) 2017 Alex Ellis
|
||||
|
||||
Permission is hereby granted, free of charge, to any person obtaining a copy
|
||||
of this software and associated documentation files (the "Software"), to deal
|
||||
in the Software without restriction, including without limitation the rights
|
||||
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
|
||||
copies of the Software, and to permit persons to whom the Software is
|
||||
furnished to do so, subject to the following conditions:
|
||||
|
||||
The above copyright notice and this permission notice shall be included in all
|
||||
copies or substantial portions of the Software.
|
||||
|
||||
THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
|
||||
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
|
||||
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
|
||||
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
|
||||
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
|
||||
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
|
||||
SOFTWARE.
|
2
gateway/vendor/github.com/openfaas/faas-provider/Makefile
generated
vendored
Normal file
2
gateway/vendor/github.com/openfaas/faas-provider/Makefile
generated
vendored
Normal file
@ -0,0 +1,2 @@
|
||||
build:
|
||||
docker build -t faas-provider .
|
39
gateway/vendor/github.com/openfaas/faas-provider/README.md
generated
vendored
Normal file
39
gateway/vendor/github.com/openfaas/faas-provider/README.md
generated
vendored
Normal file
@ -0,0 +1,39 @@
|
||||
faas-provider
|
||||
==============
|
||||
|
||||
This is a common template or interface for you to start building your own OpenFaaS backend.
|
||||
|
||||
Checkout the [backends guide here](https://github.com/openfaas/faas/blob/master/guide/backends.md) before starting.
|
||||
|
||||
OpenFaaS projects use the MIT License and are written in Golang. We encourage the same for external / third-party providers.
|
||||
|
||||
### How to use this code
|
||||
|
||||
We will setup all the standard HTTP routes for you, then start listening on a given TCP port - it should be 8080.
|
||||
|
||||
Just implement the supplied routes.
|
||||
|
||||
For an example checkout the [server.go](https://github.com/openfaas/faas-netes/blob/master/server.go) file in the [faas-netes](https://github.com/openfaas/faas-netes) Kubernetes backend.
|
||||
|
||||
I.e.:
|
||||
|
||||
```golang
|
||||
bootstrapHandlers := bootTypes.FaaSHandlers{
|
||||
FunctionProxy: handlers.MakeProxy(),
|
||||
DeleteHandler: handlers.MakeDeleteHandler(clientset),
|
||||
DeployHandler: handlers.MakeDeployHandler(clientset),
|
||||
FunctionReader: handlers.MakeFunctionReader(clientset),
|
||||
ReplicaReader: handlers.MakeReplicaReader(clientset),
|
||||
ReplicaUpdater: handlers.MakeReplicaUpdater(clientset),
|
||||
InfoHandler: handlers.MakeInfoHandler(),
|
||||
}
|
||||
var port int
|
||||
port = 8080
|
||||
bootstrapConfig := bootTypes.FaaSConfig{
|
||||
ReadTimeout: time.Second * 8,
|
||||
WriteTimeout: time.Second * 8,
|
||||
TCPPort: &port,
|
||||
}
|
||||
|
||||
bootstrap.Serve(&bootstrapHandlers, &bootstrapConfig)
|
||||
```
|
@ -1,16 +1,14 @@
|
||||
// Copyright (c) OpenFaaS Author(s). All rights reserved.
|
||||
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
|
||||
|
||||
package handlers
|
||||
package auth
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
|
||||
"github.com/openfaas/faas/gateway/types"
|
||||
)
|
||||
|
||||
// DecorateWithBasicAuth enforces basic auth as a middleware with given credentials
|
||||
func DecorateWithBasicAuth(next http.HandlerFunc, credentials *types.BasicAuthCredentials) http.HandlerFunc {
|
||||
func DecorateWithBasicAuth(next http.HandlerFunc, credentials *BasicAuthCredentials) http.HandlerFunc {
|
||||
return func(w http.ResponseWriter, r *http.Request) {
|
||||
|
||||
user, password, ok := r.BasicAuth()
|
@ -1,15 +1,13 @@
|
||||
// Copyright (c) OpenFaaS Author(s). All rights reserved.
|
||||
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
|
||||
|
||||
package handlers
|
||||
package auth
|
||||
|
||||
import (
|
||||
"io"
|
||||
"net/http"
|
||||
"net/http/httptest"
|
||||
"testing"
|
||||
|
||||
"github.com/openfaas/faas/gateway/types"
|
||||
)
|
||||
|
||||
func Test_AuthWithValidPassword_Gives200(t *testing.T) {
|
||||
@ -23,7 +21,7 @@ func Test_AuthWithValidPassword_Gives200(t *testing.T) {
|
||||
wantPassword := "password"
|
||||
r := httptest.NewRequest(http.MethodGet, "http://localhost:8080", nil)
|
||||
r.SetBasicAuth(wantUser, wantPassword)
|
||||
wantCredentials := &types.BasicAuthCredentials{
|
||||
wantCredentials := &BasicAuthCredentials{
|
||||
User: wantUser,
|
||||
Password: wantPassword,
|
||||
}
|
||||
@ -52,7 +50,7 @@ func Test_AuthWithInvalidPassword_Gives403(t *testing.T) {
|
||||
r := httptest.NewRequest(http.MethodGet, "http://localhost:8080", nil)
|
||||
r.SetBasicAuth(wantUser, wantPassword)
|
||||
|
||||
wantCredentials := &types.BasicAuthCredentials{
|
||||
wantCredentials := &BasicAuthCredentials{
|
||||
User: wantUser,
|
||||
Password: "",
|
||||
}
|
@ -1,4 +1,7 @@
|
||||
package types
|
||||
// Copyright (c) OpenFaaS Author(s). All rights reserved.
|
||||
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
|
||||
|
||||
package auth
|
||||
|
||||
import (
|
||||
"fmt"
|
63
gateway/vendor/github.com/openfaas/faas-provider/serve.go
generated
vendored
Normal file
63
gateway/vendor/github.com/openfaas/faas-provider/serve.go
generated
vendored
Normal file
@ -0,0 +1,63 @@
|
||||
// Copyright (c) Alex Ellis 2017. All rights reserved.
|
||||
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
|
||||
|
||||
package bootstrap
|
||||
|
||||
import (
|
||||
"fmt"
|
||||
"log"
|
||||
"net/http"
|
||||
|
||||
"github.com/gorilla/mux"
|
||||
"github.com/openfaas/faas-provider/types"
|
||||
)
|
||||
|
||||
var r *mux.Router
|
||||
|
||||
// Mark this as a Golang "package"
|
||||
func init() {
|
||||
r = mux.NewRouter()
|
||||
}
|
||||
|
||||
// Router gives access to the underlying router for when new routes need to be added.
|
||||
func Router() *mux.Router {
|
||||
return r
|
||||
}
|
||||
|
||||
// Serve load your handlers into the correct OpenFaaS route spec. This function is blocking.
|
||||
func Serve(handlers *types.FaaSHandlers, config *types.FaaSConfig) {
|
||||
r.HandleFunc("/system/functions", handlers.FunctionReader).Methods("GET")
|
||||
r.HandleFunc("/system/functions", handlers.DeployHandler).Methods("POST")
|
||||
r.HandleFunc("/system/functions", handlers.DeleteHandler).Methods("DELETE")
|
||||
r.HandleFunc("/system/functions", handlers.UpdateHandler).Methods("PUT")
|
||||
|
||||
r.HandleFunc("/system/function/{name:[-a-zA-Z_0-9]+}", handlers.ReplicaReader).Methods("GET")
|
||||
r.HandleFunc("/system/scale-function/{name:[-a-zA-Z_0-9]+}", handlers.ReplicaUpdater).Methods("POST")
|
||||
|
||||
r.HandleFunc("/function/{name:[-a-zA-Z_0-9]+}", handlers.FunctionProxy)
|
||||
r.HandleFunc("/function/{name:[-a-zA-Z_0-9]+}/", handlers.FunctionProxy)
|
||||
|
||||
r.HandleFunc("/system/info", handlers.InfoHandler).Methods("GET")
|
||||
|
||||
if config.EnableHealth {
|
||||
r.HandleFunc("/healthz", handlers.Health).Methods("GET")
|
||||
}
|
||||
|
||||
readTimeout := config.ReadTimeout
|
||||
writeTimeout := config.WriteTimeout
|
||||
|
||||
tcpPort := 8080
|
||||
if config.TCPPort != nil {
|
||||
tcpPort = *config.TCPPort
|
||||
}
|
||||
|
||||
s := &http.Server{
|
||||
Addr: fmt.Sprintf(":%d", tcpPort),
|
||||
ReadTimeout: readTimeout,
|
||||
WriteTimeout: writeTimeout,
|
||||
MaxHeaderBytes: http.DefaultMaxHeaderBytes, // 1MB - can be overridden by setting Server.MaxHeaderBytes.
|
||||
Handler: r,
|
||||
}
|
||||
|
||||
log.Fatal(s.ListenAndServe())
|
||||
}
|
29
gateway/vendor/github.com/openfaas/faas-provider/types/config.go
generated
vendored
Normal file
29
gateway/vendor/github.com/openfaas/faas-provider/types/config.go
generated
vendored
Normal file
@ -0,0 +1,29 @@
|
||||
package types
|
||||
|
||||
import (
|
||||
"net/http"
|
||||
"time"
|
||||
)
|
||||
|
||||
// FaaSHandlers provide handlers for OpenFaaS
|
||||
type FaaSHandlers struct {
|
||||
FunctionReader http.HandlerFunc
|
||||
DeployHandler http.HandlerFunc
|
||||
DeleteHandler http.HandlerFunc
|
||||
ReplicaReader http.HandlerFunc
|
||||
FunctionProxy http.HandlerFunc
|
||||
ReplicaUpdater http.HandlerFunc
|
||||
|
||||
// Optional: Update an existing function
|
||||
UpdateHandler http.HandlerFunc
|
||||
Health http.HandlerFunc
|
||||
InfoHandler http.HandlerFunc
|
||||
}
|
||||
|
||||
// FaaSConfig set config for HTTP handlers
|
||||
type FaaSConfig struct {
|
||||
TCPPort *int
|
||||
ReadTimeout time.Duration
|
||||
WriteTimeout time.Duration
|
||||
EnableHealth bool
|
||||
}
|
22
gateway/vendor/github.com/openfaas/faas-provider/types/requests.go
generated
vendored
Normal file
22
gateway/vendor/github.com/openfaas/faas-provider/types/requests.go
generated
vendored
Normal file
@ -0,0 +1,22 @@
|
||||
// Copyright (c) Alex Ellis 2017. All rights reserved.
|
||||
// Licensed under the MIT license. See LICENSE file in the project root for full license information.
|
||||
|
||||
package types
|
||||
|
||||
type ScaleServiceRequest struct {
|
||||
ServiceName string `json:"serviceName"`
|
||||
Replicas uint64 `json:"replicas"`
|
||||
}
|
||||
|
||||
// InfoRequest provides information about the underlying provider
|
||||
type InfoRequest struct {
|
||||
Provider string `json:"provider"`
|
||||
Version ProviderVersion `json:"version"`
|
||||
Orchestration string `json:"orchestration"`
|
||||
}
|
||||
|
||||
// ProviderVersion provides the commit sha and release version number of the underlying provider
|
||||
type ProviderVersion struct {
|
||||
SHA string `json:"sha"`
|
||||
Release string `json:"release"`
|
||||
}
|
Loading…
x
Reference in New Issue
Block a user