djpbessems/ContainerImage.Pinniped
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

internal/concierge/impersonator: don't care about namespace

Browse Source 
Concierge APIs are no longer namespaced (see f015ad5852).

Signed-off-by: Andrew Keesler <akeesler@vmware.com>
This commit is contained in:
Andrew Keesler 2021-02-11 17:27:27 -05:00
parent 5cd60fa5f9
commit 6512ab1351
No known key found for this signature in database
GPG Key ID: 27CE0444346F9413
2 changed files with 3 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
internal/concierge/impersonator/impersonator.go
View File

@ -95,7 +95,6 @@ func (p *proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {
} }
log = log.WithValues( log = log.WithValues(
"authenticator", tokenCredentialReq.Spec.Authenticator, "authenticator", tokenCredentialReq.Spec.Authenticator,
"authenticatorNamespace", tokenCredentialReq.Namespace,
) )
userInfo, err := p.cache.AuthenticateTokenCredentialRequest(r.Context(), tokenCredentialReq) userInfo, err := p.cache.AuthenticateTokenCredentialRequest(r.Context(), tokenCredentialReq)

6
internal/concierge/impersonator/impersonator_test.go
View File

@ -146,7 +146,7 @@ func TestImpersonator(t *testing.T) {
request: newRequest(map[string][]string{"Authorization": {"Bearer " + makeTestTokenRequest("", "", "")}}), request: newRequest(map[string][]string{"Authorization": {"Bearer " + makeTestTokenRequest("", "", "")}}),
wantHTTPBody: "invalid token\n", wantHTTPBody: "invalid token\n",
wantHTTPStatus: http.StatusUnauthorized, wantHTTPStatus: http.StatusUnauthorized,
wantLogs: []string{"\"error\"=\"no such authenticator\" \"msg\"=\"received invalid token\" \"authenticator\"={\"apiGroup\":null,\"kind\":\"\",\"name\":\"\"} \"authenticatorNamespace\"=\"\" \"method\"=\"GET\" \"url\"=\"http://pinniped.dev/blah\""}, wantLogs: []string{"\"error\"=\"no such authenticator\" \"msg\"=\"received invalid token\" \"authenticator\"={\"apiGroup\":null,\"kind\":\"\",\"name\":\"\"} \"method\"=\"GET\" \"url\"=\"http://pinniped.dev/blah\""},
}, },
{ {
name: "token authenticates as nil", name: "token authenticates as nil",
@ -157,7 +157,7 @@ func TestImpersonator(t *testing.T) {
}, },
wantHTTPBody: "not authenticated\n", wantHTTPBody: "not authenticated\n",
wantHTTPStatus: http.StatusUnauthorized, wantHTTPStatus: http.StatusUnauthorized,
wantLogs: []string{"\"level\"=0 \"msg\"=\"received token that did not authenticate\" \"authenticator\"={\"apiGroup\":null,\"kind\":\"\",\"name\":\"authenticator-one\"} \"authenticatorNamespace\"=\"foo\" \"method\"=\"GET\" \"url\"=\"http://pinniped.dev/blah\""}, wantLogs: []string{"\"level\"=0 \"msg\"=\"received token that did not authenticate\" \"authenticator\"={\"apiGroup\":null,\"kind\":\"\",\"name\":\"authenticator-one\"} \"method\"=\"GET\" \"url\"=\"http://pinniped.dev/blah\""},
}, },
// happy path // happy path
{ {
@ -179,7 +179,7 @@ func TestImpersonator(t *testing.T) {
}, },
wantHTTPBody: "successful proxied response", wantHTTPBody: "successful proxied response",
wantHTTPStatus: http.StatusOK, wantHTTPStatus: http.StatusOK,
wantLogs: []string{"\"level\"=0 \"msg\"=\"proxying authenticated request\" \"authenticator\"={\"apiGroup\":null,\"kind\":\"\",\"name\":\"authenticator-one\"} \"authenticatorNamespace\"=\"foo\" \"method\"=\"GET\" \"url\"=\"http://pinniped.dev/blah\" \"userID\"=\"test-uid\""}, wantLogs: []string{"\"level\"=0 \"msg\"=\"proxying authenticated request\" \"authenticator\"={\"apiGroup\":null,\"kind\":\"\",\"name\":\"authenticator-one\"} \"method\"=\"GET\" \"url\"=\"http://pinniped.dev/blah\" \"userID\"=\"test-uid\""},
}, },
} }