Add error handling to basic auth injector

Fixes a problem where basic auth was disabled and a nill pointer was hit, causing a panic. Signed-off-by: Alex Ellis <alexellis2@gmail.com>
2025-06-09 16:56:47 +00:00 · 2019-06-08 10:54:37 +01:00 · 2019-06-08 10:54:37 +01:00 · e3b77514d0
commit e3b77514d0
parent d2965df9f2
4 changed files with 47 additions and 10 deletions
--- a/docker-compose.yml
+++ b/docker-compose.yml
@ -3,7 +3,7 @@ services:
    gateway:
        ports:
            - 8080:8080
-        image: openfaas/gateway:0.13.7-rc4
+        image: openfaas/gateway:0.13.7-rc5
        networks:
            - functions
        environment:
--- a/gateway/handlers/basic_auth_injector.go
+++ b/gateway/handlers/basic_auth_injector.go
@ -0,0 +1,20 @@
+// Copyright (c) OpenFaaS Author(s). All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+package handlers
+
+import (
+	"net/http"
+
+	"github.com/openfaas/faas-provider/auth"
+)
+
+type BasicAuthInjector struct {
+	Credentials *auth.BasicAuthCredentials
+}
+
+func (b BasicAuthInjector) Inject(r *http.Request) {
+	if r != nil && b.Credentials != nil {
+		r.SetBasicAuth(b.Credentials.User, b.Credentials.Password)
+	}
+}
--- a/gateway/handlers/basic_auth_injector_test.go
+++ b/gateway/handlers/basic_auth_injector_test.go
@ -0,0 +1,21 @@
+// Copyright (c) OpenFaaS Author(s). All rights reserved.
+// Licensed under the MIT license. See LICENSE file in the project root for full license information.
+
+package handlers
+
+import (
+	"net/http"
+	"net/http/httptest"
+	"testing"
+)
+
+func Test_Inject_WithNilRequestAndNilCredentials(t *testing.T) {
+	injector := BasicAuthInjector{}
+	injector.Inject(nil)
+}
+
+func Test_Inject_WithRequestButNilCredentials(t *testing.T) {
+	injector := BasicAuthInjector{}
+	req := httptest.NewRequest(http.MethodGet, "/", nil)
+	injector.Inject(req)
+}
--- a/gateway/server.go
+++ b/gateway/server.go
@ -89,7 +89,11 @@ func main() {
 		functionURLTransformer = nilURLTransformer
 	}

-	serviceAuthInjector := &BasicAuthInjector{Credentials: credentials}
+	var serviceAuthInjector handlers.AuthInjector
+
+	if config.UseBasicAuth {
+		serviceAuthInjector = &handlers.BasicAuthInjector{Credentials: credentials}
+	}

 	decorateExternalAuth := handlers.MakeExternalAuthHandler

@ -257,11 +261,3 @@ func runMetricsServer() {

 	log.Fatal(s.ListenAndServe())
 }
-
-type BasicAuthInjector struct {
-	Credentials *auth.BasicAuthCredentials
-}
-
-func (b BasicAuthInjector) Inject(r *http.Request) {
-	r.SetBasicAuth(b.Credentials.User, b.Credentials.Password)
-}