Merge pull request #2 from mangoGoForward/revert-1-feature/hide-auth-…
…header

revert: "feat: support hide the authentication header in basic-auth"
mangoGoForward authored Jan 14, 2022
2 parents 37076a7 + a1deeef commit 4fc743f
Showing 6 changed files with 17 additions and 127 deletions.
12 changes: 9 additions & 3 deletions apisix/discovery/eureka/init.lua
@@ -19,6 +19,7 @@ local local_conf = require("apisix.core.config_local").local_conf()
local http = require("resty.http")
local core = require("apisix.core")
local ipmatcher = require("resty.ipmatcher")
local zlib = require("zlib")
local ipairs = ipairs
local tostring = tostring
local type = type
@@ -161,10 +162,15 @@ local function fetch_full_registry(premature)
return
end

local json_str = res.body
local data, err = core.json.decode(json_str)
local encoding = res.headers["Content-Encoding"]
local res_body = res.body
if encoding == 'gzip' then
local stream = zlib.inflate()
res_body = stream(res_body)
end
local data, decode_err = core.json.decode(res_body)
if not data then
log.error("invalid response body: ", json_str, " err: ", err)
log.error("invalid response body: ", res_body, " err: ", decode_err)
return
end
local apps = data.applications.application
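Review bot: The gzip branch in the second hunk calls `stream(res_body)` with no guard; if `zlib` here is lua-zlib, malformed or truncated input raises a Lua error, so a corrupt or hostile registry response would throw out of fetch_full_registry instead of reaching the `if not data` path. Guard it with `local ok, inflated = pcall(stream, res_body)` and `if not ok then log.error("failed to inflate eureka response: ", inflated) return end`, and consider capping the inflated size, since a small compressed body can expand to a very large one. The failure log also writes the whole `res_body` to the error log, which after inflation may be large; logging its length or a truncated prefix is safer. None of the six files in this commit appears to declare the `zlib` module, so confirm it is a pinned dependency in the rockspec. The function body starts and ends outside the hunk.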
16 changes: 1 addition & 15 deletions apisix/plugins/basic-auth.lua
@@ -30,12 +30,7 @@ local consumers_lrucache = core.lrucache.new({
local schema = {
type = "object",
title = "work with route or service object",
properties = {
hide_auth_header = {
type = "boolean",
default = true,
}
},
properties = {},
}

local consumer_schema = {
@@ -44,10 +39,6 @@ local consumer_schema = {
properties = {
username = { type = "string" },
password = { type = "string" },
hide_auth_header = {
type = "boolean",
default = true,
}
},
required = {"username", "password"},
}
@@ -181,11 +172,6 @@ function _M.rewrite(conf, ctx)
return 401, { message = "Password is error" }
end

-- 5. hide `Authentication` header if `hide_auth_header` is `true`
if conf.hide_auth_header == true then
core.response.set_header("Authentication", "")
end

consumer.attach_consumer(ctx, cur_consumer, consumer_conf)

core.log.info("hit basic-auth access")
2 changes: 1 addition & 1 deletion conf/config-default.yaml
@@ -306,7 +306,7 @@ etcd:
# eureka:
# host: # it's possible to define multiple eureka hosts addresses of the same eureka cluster.
# - "http://127.0.0.1:8761"
# prefix: /eureka/
# prefix: /eureka/v2/
# fetch_interval: 30 # default 30s
# weight: 100 # default weight for node
# timeout:
13 changes: 6 additions & 7 deletions docs/en/latest/plugins/basic-auth.md
@@ -39,11 +39,10 @@ For more information on Basic authentication, refer to [Wiki](https://en.wikiped

## Attributes

| Name | Type | Requirement | Default | Valid | Description |
| -------- | ------ | ----------- | ------- | ----- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| username | string | required | | | Different `consumer` should have different value which is unique. When different `consumer` use a same `username`, a request matching exception would be raised. |
| password | string | required | | | the user's password |
| hide_auth_header | boolean | optional | true | | Whether to return the Authentication response headers to the client. |
| Name | Type | Requirement | Default | Valid | Description |
| -------- | ------ | ----------- | ------- | ----- | ---------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| username | string | required | | | Different `consumer` should have different value which is unique. When different `consumer` use a same `username`, a request matching exception would be raised. |
| password | string | required | | | the user's password |

## How To Enable

@@ -130,8 +129,8 @@ hello, world
## Disable Plugin

When you want to disable the `basic-auth` plugin, it is very simple,
you can delete the corresponding json configuration in the plugin configuration,
no need to restart the service, it will take effect immediately:
you can delete the corresponding json configuration in the plugin configuration,
no need to restart the service, it will take effect immediately:

```shell
$ curl http://127.0.0.1:9080/apisix/admin/routes/1 -X PUT -d '
1 change: 0 additions & 1 deletion docs/zh/latest/plugins/basic-auth.md
@@ -43,7 +43,6 @@ title: basic-auth
| -------- | ------ | ------ | ------ | ------ | ------------------------------------------------------------------------------------------------------------------ |
| username | string | 必须 | | | 不同的 `consumer` 对象应有不同的值,它应当是唯一的。不同 consumer 使用了相同的 `username` ,将会出现请求匹配异常。 |
| password | string | 必须 | | | 用户的密码 |
| hide_auth_header | boolean | 可选 | true | | 是否将 Authentication 响应头返回给客户端. |

## 如何启用

100 changes: 0 additions & 100 deletions t/plugin/basic-auth.t
@@ -395,103 +395,3 @@ GET /t
GET /t
--- no_error_log
[error]



=== TEST 15: hide auth header = false
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
local code, body = t('/apisix/admin/consumers',
ngx.HTTP_PUT,
[[{
"username": "foo",
"plugins": {
"basic-auth": {
"username": "foo",
"password": "bar",
"hide_auth_header": false
}
}
}]],
[[{
"node": {
"value": {
"username": "foo",
"plugins": {
"basic-auth": {
"username": "foo",
"password": "bar",
"hide_auth_header": false
}
}
}
},
"action": "set"
}]]
)

ngx.status = code
ngx.say(body)
}
}
--- request
GET /t
--- error_code: 200
--- response_body
passed
--- no_error_log
[error]



=== TEST 16: enable basic auth plugin using admin api
--- config
location /t {
content_by_lua_block {
local t = require("lib.test_admin").test
local code, body = t('/apisix/admin/routes/1',
ngx.HTTP_PUT,
[[{
"plugins": {
"basic-auth": {}
},
"upstream": {
"nodes": {
"127.0.0.1:1980": 1
},
"type": "roundrobin"
},
"uri": "/hello"
}]]
)

if code >= 300 then
ngx.status = code
end
ngx.say(body)
}
}
--- request
GET /t
--- response_body
passed
--- no_error_log
[error]



=== TEST 17: verify with hide auth header
--- request
GET /hello
--- more_headers
Authorization: Basic Zm9vOmJhcg==
--- response_body
hello world
--- response_headers_like
Authentication:
--- no_error_log
[error]
--- error_log
find consumer foo
