Move to auth package in faas-provider

The basic-auth middleware and credentials-loading code has been moved into the faas-provider project. This has now been brought back into the faas project via vendoring. Signed-off-by: Alex Ellis (VMware) <alexellis2@gmail.com>
2025-06-21 10:26:32 +00:00 · 2018-09-06 16:14:53 +01:00
parent c821585b39
commit 6937bc4d7f
16 changed files with 279 additions and 21 deletions
--- a/gateway/handlers/basic_auth.go
+++ b/gateway/handlers/basic_auth.go
@ -1,28 +0,0 @@
-// Copyright (c) OpenFaaS Author(s). All rights reserved.
-// Licensed under the MIT license. See LICENSE file in the project root for full license information.
-
-package handlers
-
-import (
-	"net/http"
-
-	"github.com/openfaas/faas/gateway/types"
-)
-
-// DecorateWithBasicAuth enforces basic auth as a middleware with given credentials
-func DecorateWithBasicAuth(next http.HandlerFunc, credentials *types.BasicAuthCredentials) http.HandlerFunc {
-	return func(w http.ResponseWriter, r *http.Request) {
-
-		user, password, ok := r.BasicAuth()
-		w.Header().Set("WWW-Authenticate", `Basic realm="Restricted"`)
-
-		if !ok || !(credentials.Password == password && user == credentials.User) {
-
-			w.WriteHeader(http.StatusUnauthorized)
-			w.Write([]byte("invalid credentials"))
-			return
-		}
-
-		next.ServeHTTP(w, r)
-	}
-}
--- a/gateway/handlers/basic_auth_test.go
+++ b/gateway/handlers/basic_auth_test.go
@ -1,68 +0,0 @@
-// Copyright (c) OpenFaaS Author(s). All rights reserved.
-// Licensed under the MIT license. See LICENSE file in the project root for full license information.
-
-package handlers
-
-import (
-	"io"
-	"net/http"
-	"net/http/httptest"
-	"testing"
-
-	"github.com/openfaas/faas/gateway/types"
-)
-
-func Test_AuthWithValidPassword_Gives200(t *testing.T) {
-
-	handler := func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, "<html><body>Hello World!</body></html>")
-	}
-	w := httptest.NewRecorder()
-
-	wantUser := "admin"
-	wantPassword := "password"
-	r := httptest.NewRequest(http.MethodGet, "http://localhost:8080", nil)
-	r.SetBasicAuth(wantUser, wantPassword)
-	wantCredentials := &types.BasicAuthCredentials{
-		User:     wantUser,
-		Password: wantPassword,
-	}
-
-	decorated := DecorateWithBasicAuth(handler, wantCredentials)
-	decorated.ServeHTTP(w, r)
-
-	wantCode := http.StatusOK
-
-	if w.Code != wantCode {
-		t.Errorf("status code, want: %d, got: %d", wantCode, w.Code)
-		t.Fail()
-	}
-}
-
-func Test_AuthWithInvalidPassword_Gives403(t *testing.T) {
-
-	handler := func(w http.ResponseWriter, r *http.Request) {
-		io.WriteString(w, "<html><body>Hello World!</body></html>")
-	}
-
-	w := httptest.NewRecorder()
-
-	wantUser := "admin"
-	wantPassword := "test"
-	r := httptest.NewRequest(http.MethodGet, "http://localhost:8080", nil)
-	r.SetBasicAuth(wantUser, wantPassword)
-
-	wantCredentials := &types.BasicAuthCredentials{
-		User:     wantUser,
-		Password: "",
-	}
-
-	decorated := DecorateWithBasicAuth(handler, wantCredentials)
-	decorated.ServeHTTP(w, r)
-
-	wantCode := http.StatusUnauthorized
-	if w.Code != wantCode {
-		t.Errorf("status code, want: %d, got: %d", wantCode, w.Code)
-		t.Fail()
-	}
-}