From fa076fb2c4ebfed9905819b3a7d6238bfe5e6b4e Mon Sep 17 00:00:00 2001 From: Burton Rheutan Date: Sun, 2 Sep 2018 11:09:15 -0500 Subject: [PATCH] Pass basic auth to all system calls This changeset enables passing the basic auth credentials to all /system/ calls to allow upstream providers to perform authorization checks independent of the gateway. This is essential for some providers, like Swarm, where the system is accessible on the same network, and not protected via the gateway Signed-off-by: Burton Rheutan --- gateway/server.go | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/gateway/server.go b/gateway/server.go index e280c7f1..5f33edac 100644 --- a/gateway/server.go +++ b/gateway/server.go @@ -1,4 +1,5 @@ // Copyright (c) Alex Ellis 2017. All rights reserved. +// Copyright (c) OpenFaaS Author(s). All rights reserved. // Licensed under the MIT license. See LICENSE file in the project root for full license information. package main @@ -89,6 +90,8 @@ func main() { alertHandler := plugin.NewExternalServiceQuery(*config.FunctionsProviderURL) faasHandlers.Alert = handlers.MakeAlertHandler(alertHandler) + infoHandler := handlers.MakeInfoHandler(handlers.MakeForwardingProxyHandler(reverseProxy, forwardingNotifiers, urlResolver, nilURLTransformer)) + if config.UseNATS() { log.Println("Async enabled: Using NATS Streaming.") natsQueue, queueErr := natsHandler.CreateNatsQueue(*config.NATSAddress, *config.NATSPort, natsHandler.DefaultNatsConfig{}) @@ -117,6 +120,8 @@ func main() { handlers.DecorateWithBasicAuth(faasHandlers.ListFunctions, credentials) faasHandlers.ScaleFunction = handlers.DecorateWithBasicAuth(faasHandlers.ScaleFunction, credentials) + infoHandler = handlers.DecorateWithBasicAuth(infoHandler, credentials) + queryFunction = handlers.DecorateWithBasicAuth(queryFunction, credentials) } r := mux.NewRouter() @@ -139,9 +144,7 @@ func main() { r.HandleFunc("/function/{name:[-a-zA-Z_0-9]+}/", functionProxy) r.HandleFunc("/function/{name:[-a-zA-Z_0-9]+}/{params:.*}", functionProxy) - r.HandleFunc("/system/info", handlers.MakeInfoHandler(handlers.MakeForwardingProxyHandler( - reverseProxy, forwardingNotifiers, urlResolver, nilURLTransformer))).Methods(http.MethodGet) - + r.HandleFunc("/system/info", infoHandler).Methods(http.MethodGet) r.HandleFunc("/system/alert", faasHandlers.Alert) r.HandleFunc("/system/function/{name:[-a-zA-Z_0-9]+}", queryFunction).Methods(http.MethodGet)