fix: add global auth to template
This commit is contained in:
Tore S. Loenoey
Tore Stendal Lønøy
parent
73b708cbfe
commit
f9c6db04e1
1 changed files with 19 additions and 7 deletions
|
|
@ -541,14 +541,14 @@ func buildLocation(input interface{}, enforceRegex bool) string {
|
||||||
return path
|
return path
|
||||||
}
|
}
|
||||||
|
|
||||||
func buildAuthLocation(input interface{}, globalExternalAuthURL string) string {
|
func buildAuthLocation(input interface{}, globalExternalAuthURL string, c interface{}) string {
|
||||||
location, ok := input.(*ingress.Location)
|
location, ok := input.(*ingress.Location)
|
||||||
if !ok {
|
if !ok {
|
||||||
klog.Errorf("expected an '*ingress.Location' type but %T was returned", input)
|
klog.Errorf("expected an '*ingress.Location' type but %T was returned", input)
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
if (location.ExternalAuth.URL == "") && (!shouldApplyGlobalAuth(input, globalExternalAuthURL)) {
|
if (location.ExternalAuth.URL == "") && (!shouldApplyGlobalAuth(input, globalExternalAuthURL, c)) {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -565,14 +565,20 @@ func buildAuthLocation(input interface{}, globalExternalAuthURL string) string {
|
||||||
}
|
}
|
||||||
|
|
||||||
// shouldApplyGlobalAuth returns true only in case when ExternalAuth.URL is not set and
|
// shouldApplyGlobalAuth returns true only in case when ExternalAuth.URL is not set and
|
||||||
// GlobalExternalAuth is set and enabled
|
// GlobalExternalAuth is set.
|
||||||
func shouldApplyGlobalAuth(input interface{}, globalExternalAuthURL string) bool {
|
func shouldApplyGlobalAuth(input interface{}, globalExternalAuthURL string, c interface{}) bool {
|
||||||
location, ok := input.(*ingress.Location)
|
location, ok := input.(*ingress.Location)
|
||||||
if !ok {
|
if !ok {
|
||||||
klog.Errorf("expected an '*ingress.Location' type but %T was returned", input)
|
klog.Errorf("expected an '*ingress.Location' type but %T was returned", input)
|
||||||
}
|
}
|
||||||
|
|
||||||
if (location.ExternalAuth.URL == "") && (globalExternalAuthURL != "") && (location.EnableGlobalAuth) {
|
cfg, ok := c.(config.Configuration)
|
||||||
|
if !ok {
|
||||||
|
klog.Errorf("expected a 'config.Configuration' type but %T was returned", c)
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
|
if (location.ExternalAuth.URL == "") && (globalExternalAuthURL != "") && (cfg.GlobalExternalAuth.DefaultEnable) {
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -633,8 +639,14 @@ func buildAuthProxySetHeaders(headers map[string]string) []string {
|
||||||
return res
|
return res
|
||||||
}
|
}
|
||||||
|
|
||||||
func buildAuthUpstreamName(input interface{}, host string) string {
|
func buildAuthUpstreamName(input interface{}, host string, c interface{}) string {
|
||||||
authPath := buildAuthLocation(input, "")
|
cfg, ok := c.(config.Configuration)
|
||||||
|
if !ok {
|
||||||
|
klog.Errorf("expected a 'config.Configuration' type but %T was returned", c)
|
||||||
|
return ""
|
||||||
|
}
|
||||||
|
|
||||||
|
authPath := buildAuthLocation(input, "", cfg)
|
||||||
if authPath == "" || host == "" {
|
if authPath == "" || host == "" {
|
||||||
return ""
|
return ""
|
||||||
}
|
}
|
||||||
|
|
|
||||||
Loading…
Reference in a new issue