From b565f7cd090e9ee2043fbb726fbaae01737f83cd Mon Sep 17 00:00:00 2001 From: JunXu Chen Date: Sun, 19 Dec 2021 10:08:27 +0800 Subject: [PATCH] fix: authentication middleware is implemented by changing from framework droplet to framework gin (#2254) --- api/internal/core/server/http.go | 3 +- api/internal/core/server/server.go | 2 +- api/internal/filter/authentication.go | 123 ++++++++---------- api/internal/filter/authentication_test.go | 86 ++++-------- api/internal/filter/ip_filter_test.go | 6 +- api/internal/filter/logging_test.go | 7 +- .../handler/upstream/upstream_test.go | 34 ++--- api/internal/route.go | 2 +- api/test/e2e/route_import_test.go | 12 +- api/test/e2enew/base/base.go | 2 +- api/test/e2enew/migrate/migrate_test.go | 21 +++ .../e2enew/stream_route/stream_route_test.go | 2 + .../upstream/upstream_keepalive_pool.go | 4 +- api/test/e2enew/upstream/upstream_test.go | 12 +- api/test/testdata/import/multi-routes.yaml | 42 +++--- 15 files changed, 163 insertions(+), 195 deletions(-) diff --git a/api/internal/core/server/http.go b/api/internal/core/server/http.go index 53a4216174..ea0c56c405 100644 --- a/api/internal/core/server/http.go +++ b/api/internal/core/server/http.go @@ -27,7 +27,6 @@ import ( "github.com/apisix/manager-api/internal" "github.com/apisix/manager-api/internal/conf" - "github.com/apisix/manager-api/internal/filter" "github.com/apisix/manager-api/internal/handler" ) @@ -37,7 +36,7 @@ func (s *server) setupAPI() { var newMws []droplet.Middleware // default middleware order: resp_reshape, auto_input, traffic_log // We should put err_transform at second to catch all error - newMws = append(newMws, mws[0], &handler.ErrorTransformMiddleware{}, &filter.AuthenticationMiddleware{}) + newMws = append(newMws, mws[0], &handler.ErrorTransformMiddleware{}) newMws = append(newMws, mws[1:]...) return newMws } diff --git a/api/internal/core/server/server.go b/api/internal/core/server/server.go index c46ab3a192..6d0d20b3de 100644 --- a/api/internal/core/server/server.go +++ b/api/internal/core/server/server.go @@ -35,7 +35,7 @@ type server struct { options *Options } -type Options struct {} +type Options struct{} // NewServer Create a server manager func NewServer(options *Options) (*server, error) { diff --git a/api/internal/filter/authentication.go b/api/internal/filter/authentication.go index 7b565f237f..7c7e7280f8 100644 --- a/api/internal/filter/authentication.go +++ b/api/internal/filter/authentication.go @@ -17,84 +17,67 @@ package filter import ( - "errors" "net/http" "strings" "github.com/dgrijalva/jwt-go" - "github.com/shiningrush/droplet" - "github.com/shiningrush/droplet/data" - "github.com/shiningrush/droplet/middleware" + "github.com/gin-gonic/gin" "github.com/apisix/manager-api/internal/conf" "github.com/apisix/manager-api/internal/log" ) -type AuthenticationMiddleware struct { - middleware.BaseMiddleware -} - -func (mw *AuthenticationMiddleware) Handle(ctx droplet.Context) error { - httpReq := ctx.Get(middleware.KeyHttpRequest) - if httpReq == nil { - err := errors.New("input middleware cannot get http request") - - // Wrong usage, just panic here and let recoverHandler to deal with - panic(err) - } - - req := httpReq.(*http.Request) - - if req.URL.Path == "/apisix/admin/tool/version" || req.URL.Path == "/apisix/admin/user/login" { - return mw.BaseMiddleware.Handle(ctx) - } - - if !strings.HasPrefix(req.URL.Path, "/apisix") { - return mw.BaseMiddleware.Handle(ctx) - } - - // Need check the auth header - tokenStr := req.Header.Get("Authorization") - - // verify token - token, err := jwt.ParseWithClaims(tokenStr, &jwt.StandardClaims{}, func(token *jwt.Token) (interface{}, error) { - return []byte(conf.AuthConf.Secret), nil - }) - - // TODO: design the response error code - response := data.Response{Code: 010013, Message: "request unauthorized"} - - if err != nil || token == nil || !token.Valid { - log.Warnf("token validate failed: %s", err) - log.Warn("please check the secret in conf.yaml") - ctx.SetOutput(&data.SpecCodeResponse{StatusCode: http.StatusUnauthorized, Response: response}) - return nil - } - - claims, ok := token.Claims.(*jwt.StandardClaims) - if !ok { - log.Warnf("token validate failed: %s, %v", err, token.Valid) - ctx.SetOutput(&data.SpecCodeResponse{StatusCode: http.StatusUnauthorized, Response: response}) - return nil - } - - if err := token.Claims.Valid(); err != nil { - log.Warnf("token claims validate failed: %s", err) - ctx.SetOutput(&data.SpecCodeResponse{StatusCode: http.StatusUnauthorized, Response: response}) - return nil +func Authentication() gin.HandlerFunc { + return func(c *gin.Context) { + if c.Request.URL.Path == "/apisix/admin/user/login" || + c.Request.URL.Path == "/apisix/admin/tool/version" || + !strings.HasPrefix(c.Request.URL.Path, "/apisix") { + c.Next() + return + } + + tokenStr := c.GetHeader("Authorization") + // verify token + token, err := jwt.ParseWithClaims(tokenStr, &jwt.StandardClaims{}, func(token *jwt.Token) (interface{}, error) { + return []byte(conf.AuthConf.Secret), nil + }) + + errResp := gin.H{ + "code": 010013, + "message": "request unauthorized", + } + + if err != nil || token == nil || !token.Valid { + log.Warnf("token validate failed: %s", err) + c.AbortWithStatusJSON(http.StatusUnauthorized, errResp) + return + } + + claims, ok := token.Claims.(*jwt.StandardClaims) + if !ok { + log.Warnf("token validate failed: %s, %v", err, token.Valid) + c.AbortWithStatusJSON(http.StatusUnauthorized, errResp) + return + } + + if err := token.Claims.Valid(); err != nil { + log.Warnf("token claims validate failed: %s", err) + c.AbortWithStatusJSON(http.StatusUnauthorized, errResp) + return + } + + if claims.Subject == "" { + log.Warn("token claims subject empty") + c.AbortWithStatusJSON(http.StatusUnauthorized, errResp) + return + } + + if _, ok := conf.UserList[claims.Subject]; !ok { + log.Warnf("user not exists by token claims subject %s", claims.Subject) + c.AbortWithStatusJSON(http.StatusUnauthorized, errResp) + return + } + + c.Next() } - - if claims.Subject == "" { - log.Warn("token claims subject empty") - ctx.SetOutput(&data.SpecCodeResponse{StatusCode: http.StatusUnauthorized, Response: response}) - return nil - } - - if _, ok := conf.UserList[claims.Subject]; !ok { - log.Warnf("user not exists by token claims subject %s", claims.Subject) - ctx.SetOutput(&data.SpecCodeResponse{StatusCode: http.StatusUnauthorized, Response: response}) - return nil - } - - return mw.BaseMiddleware.Handle(ctx) } diff --git a/api/internal/filter/authentication_test.go b/api/internal/filter/authentication_test.go index e18cc3efc4..7129d4ecc8 100644 --- a/api/internal/filter/authentication_test.go +++ b/api/internal/filter/authentication_test.go @@ -17,16 +17,12 @@ package filter import ( - "errors" "net/http" - "net/url" "testing" "time" "github.com/dgrijalva/jwt-go" - "github.com/shiningrush/droplet" - "github.com/shiningrush/droplet/data" - "github.com/shiningrush/droplet/middleware" + "github.com/gin-gonic/gin" "github.com/stretchr/testify/assert" "github.com/apisix/manager-api/internal/conf" @@ -44,73 +40,35 @@ func genToken(username string, issueAt, expireAt int64) string { return signedToken } -type mockMiddleware struct { - middleware.BaseMiddleware -} - -func (mw *mockMiddleware) Handle(ctx droplet.Context) error { - return errors.New("next middleware") -} - -func testPanic(t *testing.T, mw AuthenticationMiddleware, ctx droplet.Context) { - defer func() { - panicErr := recover() - assert.Contains(t, panicErr.(error).Error(), "input middleware cannot get http request") - }() - _ = mw.Handle(ctx) -} - func TestAuthenticationMiddleware_Handle(t *testing.T) { - ctx := droplet.NewContext() - fakeReq, _ := http.NewRequest(http.MethodGet, "", nil) - expectOutput := &data.SpecCodeResponse{ - Response: data.Response{ - Code: 010013, - Message: "request unauthorized", - }, - StatusCode: http.StatusUnauthorized, - } - - mw := AuthenticationMiddleware{} - mockMw := mockMiddleware{} - mw.SetNext(&mockMw) - - // test without http.Request - testPanic(t, mw, ctx) - - ctx.Set(middleware.KeyHttpRequest, fakeReq) + r := gin.New() + r.Use(Authentication()) + r.GET("/*path", func(c *gin.Context) { + }) - // test without token check - fakeReq.URL = &url.URL{Path: "/apisix/admin/user/login"} - assert.Equal(t, mw.Handle(ctx), errors.New("next middleware")) + w := performRequest(r, "GET", "/apisix/admin/user/login", nil) + assert.Equal(t, http.StatusOK, w.Code) - // test without authorization header - fakeReq.URL = &url.URL{Path: "/apisix/admin/routes"} - assert.Nil(t, mw.Handle(ctx)) - assert.Equal(t, expectOutput, ctx.Output().(*data.SpecCodeResponse)) + w = performRequest(r, "GET", "/apisix/admin/routes", nil) + assert.Equal(t, http.StatusUnauthorized, w.Code) // test with token expire expireToken := genToken("admin", time.Now().Unix(), time.Now().Unix()-60*3600) - fakeReq.Header.Set("Authorization", expireToken) - assert.Nil(t, mw.Handle(ctx)) - assert.Equal(t, expectOutput, ctx.Output().(*data.SpecCodeResponse)) + w = performRequest(r, "GET", "/apisix/admin/routes", map[string]string{"Authorization": expireToken}) + assert.Equal(t, http.StatusUnauthorized, w.Code) - // test with temp subject - tempSubjectToken := genToken("", time.Now().Unix(), time.Now().Unix()+60*3600) - fakeReq.Header.Set("Authorization", tempSubjectToken) - assert.Nil(t, mw.Handle(ctx)) - assert.Equal(t, expectOutput, ctx.Output().(*data.SpecCodeResponse)) + // test with empty subject + emptySubjectToken := genToken("", time.Now().Unix(), time.Now().Unix()+60*3600) + w = performRequest(r, "GET", "/apisix/admin/routes", map[string]string{"Authorization": emptySubjectToken}) + assert.Equal(t, http.StatusUnauthorized, w.Code) - // test username doesn't exist - userToken := genToken("user1", time.Now().Unix(), time.Now().Unix()+60*3600) - fakeReq.Header.Set("Authorization", userToken) - assert.Nil(t, mw.Handle(ctx)) - assert.Equal(t, expectOutput, ctx.Output().(*data.SpecCodeResponse)) + // test token with nonexistent username + nonexistentUserToken := genToken("user1", time.Now().Unix(), time.Now().Unix()+60*3600) + w = performRequest(r, "GET", "/apisix/admin/routes", map[string]string{"Authorization": nonexistentUserToken}) + assert.Equal(t, http.StatusUnauthorized, w.Code) // test auth success - adminToken := genToken("admin", time.Now().Unix(), time.Now().Unix()+60*3600) - fakeReq.Header.Set("Authorization", adminToken) - ctx.SetOutput("test data") - assert.Equal(t, mw.Handle(ctx), errors.New("next middleware")) - assert.Equal(t, "test data", ctx.Output().(string)) + validToken := genToken("admin", time.Now().Unix(), time.Now().Unix()+60*3600) + w = performRequest(r, "GET", "/apisix/admin/routes", map[string]string{"Authorization": validToken}) + assert.Equal(t, http.StatusOK, w.Code) } diff --git a/api/internal/filter/ip_filter_test.go b/api/internal/filter/ip_filter_test.go index dad4da6871..e0c975f7e2 100644 --- a/api/internal/filter/ip_filter_test.go +++ b/api/internal/filter/ip_filter_test.go @@ -35,7 +35,7 @@ func TestIPFilter_Handle(t *testing.T) { r.GET("/", func(c *gin.Context) { }) - w := performRequest(r, "GET", "/") + w := performRequest(r, "GET", "/", nil) assert.Equal(t, 200, w.Code) // should forbidden @@ -45,7 +45,7 @@ func TestIPFilter_Handle(t *testing.T) { r.GET("/fbd", func(c *gin.Context) { }) - w = performRequest(r, "GET", "/fbd") + w = performRequest(r, "GET", "/fbd", nil) assert.Equal(t, 403, w.Code) // should allowed @@ -54,7 +54,7 @@ func TestIPFilter_Handle(t *testing.T) { r.Use(IPFilter()) r.GET("/test", func(c *gin.Context) { }) - w = performRequest(r, "GET", "/test") + w = performRequest(r, "GET", "/test", nil) assert.Equal(t, 200, w.Code) // should forbidden diff --git a/api/internal/filter/logging_test.go b/api/internal/filter/logging_test.go index 37c4cd3230..5a02bafd7f 100644 --- a/api/internal/filter/logging_test.go +++ b/api/internal/filter/logging_test.go @@ -27,8 +27,11 @@ import ( "github.com/apisix/manager-api/internal/log" ) -func performRequest(r http.Handler, method, path string) *httptest.ResponseRecorder { +func performRequest(r http.Handler, method, path string, headers map[string]string) *httptest.ResponseRecorder { req := httptest.NewRequest(method, path, nil) + for key, val := range headers { + req.Header.Add(key, val) + } w := httptest.NewRecorder() r.ServeHTTP(w, req) return w @@ -41,6 +44,6 @@ func TestRequestLogHandler(t *testing.T) { r.GET("/", func(c *gin.Context) { }) - w := performRequest(r, "GET", "/") + w := performRequest(r, "GET", "/", nil) assert.Equal(t, 200, w.Code) } diff --git a/api/internal/handler/upstream/upstream_test.go b/api/internal/handler/upstream/upstream_test.go index 289033dc87..3e3b632a9a 100644 --- a/api/internal/handler/upstream/upstream_test.go +++ b/api/internal/handler/upstream/upstream_test.go @@ -1085,7 +1085,7 @@ func TestUpstream_Patch(t *testing.T) { }, UpstreamDef: entity.UpstreamDef{ Name: "upstream2", - Timeout: &entity.Timeout{ + Timeout: &entity.Timeout{ Connect: 20, Send: 20, Read: 20, @@ -1138,7 +1138,7 @@ func TestUpstream_Patch(t *testing.T) { }, UpstreamDef: entity.UpstreamDef{ Name: "upstream2", - Timeout: &entity.Timeout{ + Timeout: &entity.Timeout{ Connect: 20, Send: 20, Read: 20, @@ -1186,7 +1186,7 @@ func TestUpstream_Patch(t *testing.T) { }, UpstreamDef: entity.UpstreamDef{ Name: "upstream2", - Timeout: &entity.Timeout{ + Timeout: &entity.Timeout{ Connect: 20, Send: 20, Read: 20, @@ -1243,7 +1243,7 @@ func TestUpstream_Patch(t *testing.T) { }, UpstreamDef: entity.UpstreamDef{ Name: "upstream1", - Timeout: &entity.Timeout{ + Timeout: &entity.Timeout{ Connect: 20, Send: 20, Read: 20, @@ -1291,7 +1291,7 @@ func TestUpstream_Patch(t *testing.T) { }, UpstreamDef: entity.UpstreamDef{ Name: "upstream1", - Timeout: &entity.Timeout{ + Timeout: &entity.Timeout{ Connect: 15, Send: 15, Read: 15, @@ -1339,7 +1339,7 @@ func TestUpstream_Patch(t *testing.T) { }, UpstreamDef: entity.UpstreamDef{ Name: "upstream1", - Timeout: &entity.Timeout{ + Timeout: &entity.Timeout{ Connect: 20, Send: 20, Read: 20, @@ -1426,19 +1426,19 @@ func TestUpstream_Patch(t *testing.T) { func TestUpstreams_Delete(t *testing.T) { tests := []struct { - caseDesc string - giveInput *BatchDelete - giveErr error - wantInput []string - wantErr error - wantRet interface{} - routeMockData []*entity.Route - routeMockErr error - serviceMockData []*entity.Service - serviceMockErr error + caseDesc string + giveInput *BatchDelete + giveErr error + wantInput []string + wantErr error + wantRet interface{} + routeMockData []*entity.Route + routeMockErr error + serviceMockData []*entity.Service + serviceMockErr error streamRouteMockData []*entity.Service streamRouteMockErr error - getCalled bool + getCalled bool }{ { caseDesc: "delete success", diff --git a/api/internal/route.go b/api/internal/route.go index d45d35de78..0a2d9c6f2b 100644 --- a/api/internal/route.go +++ b/api/internal/route.go @@ -56,8 +56,8 @@ func SetUpRouter() *gin.Engine { } r := gin.New() logger := log.GetLogger(log.AccessLog) - r.Use(filter.CORS(), filter.RequestId(), filter.IPFilter(), filter.RequestLogHandler(logger), filter.SchemaCheck(), filter.RecoverHandler()) r.Use(gzip.Gzip(gzip.DefaultCompression)) + r.Use(filter.CORS(), filter.RequestId(), filter.IPFilter(), filter.RequestLogHandler(logger), filter.SchemaCheck(), filter.RecoverHandler(), filter.Authentication()) r.Use(static.Serve("/", static.LocalFile(filepath.Join(conf.WorkDir, conf.WebDir), false))) r.NoRoute(func(c *gin.Context) { c.File(fmt.Sprintf("%s/index.html", filepath.Join(conf.WorkDir, conf.WebDir))) diff --git a/api/test/e2e/route_import_test.go b/api/test/e2e/route_import_test.go index b482688a07..f2dbd7dcb9 100644 --- a/api/test/e2e/route_import_test.go +++ b/api/test/e2e/route_import_test.go @@ -317,9 +317,9 @@ func TestImport_with_multi_routes(t *testing.T) { Headers: map[string]string{"Authorization": token}, ExpectStatus: http.StatusOK, ExpectBody: []string{`"methods":["GET","POST","HEAD","PUT","PATCH","DELETE"]`, - `"proxy-rewrite":{"disable":false,"scheme":"https"}`, + `"proxy-rewrite":{"disable":false,"scheme":"http"}`, `"labels":{"API_VERSION":"v2","dev":"test"}`, - `"upstream":{"nodes":[{"host":"httpbin.org","port":443,"weight":1}],"timeout":{"connect":6000,"send":6000,"read":6000},"type":"roundrobin","pass_host":"node"}`, + `"upstream":{"nodes":[{"host":"172.16.238.20","port":80,"weight":1}],"timeout":{"connect":6000,"send":6000,"read":6000},"type":"roundrobin","pass_host":"node"}`, }, Sleep: sleepTime, } @@ -333,9 +333,9 @@ func TestImport_with_multi_routes(t *testing.T) { Headers: map[string]string{"Authorization": token}, ExpectStatus: http.StatusOK, ExpectBody: []string{`"methods":["POST"]`, - `"proxy-rewrite":{"disable":false,"scheme":"https"}`, + `"proxy-rewrite":{"disable":false,"scheme":"http"}`, `"labels":{"API_VERSION":"v1","version":"v1"}`, - `"upstream":{"nodes":[{"host":"httpbin.org","port":443,"weight":1}],"timeout":{"connect":6000,"send":6000,"read":6000},"type":"roundrobin","pass_host":"node"}`, + `"upstream":{"nodes":[{"host":"172.16.238.20","port":80,"weight":1}],"timeout":{"connect":6000,"send":6000,"read":6000},"type":"roundrobin","pass_host":"node"}`, }, Sleep: sleepTime, } @@ -351,7 +351,7 @@ func TestImport_with_multi_routes(t *testing.T) { Method: http.MethodGet, Path: "/get", ExpectStatus: http.StatusOK, - ExpectBody: `"url": "https://127.0.0.1/get"`, + ExpectBody: `/get`, Sleep: sleepTime, }, { @@ -360,7 +360,7 @@ func TestImport_with_multi_routes(t *testing.T) { Method: http.MethodPost, Path: "/post", ExpectStatus: http.StatusOK, - ExpectBody: `"url": "https://127.0.0.1/post"`, + ExpectBody: `/post`, Sleep: sleepTime, }, } diff --git a/api/test/e2enew/base/base.go b/api/test/e2enew/base/base.go index 2879696612..a3aa943bc6 100644 --- a/api/test/e2enew/base/base.go +++ b/api/test/e2enew/base/base.go @@ -108,7 +108,7 @@ func APISIXStreamProxyExpect(port uint16, sni string) *httpexpect.Expect { }, }) } else { - return httpexpect.New(t, "http://" + net.JoinHostPort("127.0.0.1", strconv.Itoa(int(port)))) + return httpexpect.New(t, "http://"+net.JoinHostPort("127.0.0.1", strconv.Itoa(int(port)))) } } diff --git a/api/test/e2enew/migrate/migrate_test.go b/api/test/e2enew/migrate/migrate_test.go index 8736fc2251..c3ff88dfe3 100644 --- a/api/test/e2enew/migrate/migrate_test.go +++ b/api/test/e2enew/migrate/migrate_test.go @@ -128,10 +128,27 @@ var _ = Describe("Migrate", func() { ExpectStatus: http.StatusOK, Sleep: time.Second * 1, }), + Entry("migrate export auth test", base.HttpTestCase{ + Object: base.ManagerApiExpect(), + Method: http.MethodPost, + Path: "/apisix/admin/migrate/export", + ExpectStatus: http.StatusUnauthorized, + ExpectBody: "request unauthorized", + Sleep: base.SleepTime, + }), + Entry("migrate import auth test", base.HttpTestCase{ + Object: base.ManagerApiExpect(), + Method: http.MethodPost, + Path: "/apisix/admin/migrate/import", + ExpectStatus: http.StatusUnauthorized, + ExpectBody: "request unauthorized", + Sleep: base.SleepTime, + }), ) It("export config success", func() { req := base.ManagerApiExpect().GET("/apisix/admin/migrate/export") + req.WithHeader("Authorization", base.GetToken()) resp := req.Expect() resp.Status(http.StatusOK) exportData = []byte(resp.Body().Raw()) @@ -145,6 +162,7 @@ var _ = Describe("Migrate", func() { buffer := bytes.NewBuffer(exportData) req.WithMultipart().WithForm(map[string]string{"mode": "return"}) req.WithMultipart().WithFile("file", "apisix-config.bak", buffer) + req.WithHeader("Authorization", base.GetToken()) resp := req.Expect() resp.Status(http.StatusOK) rsp := &response{} @@ -161,6 +179,7 @@ var _ = Describe("Migrate", func() { buffer := bytes.NewBuffer(exportData) req.WithMultipart().WithForm(map[string]string{"mode": "skip"}) req.WithMultipart().WithFile("file", "apisix-config.bak", buffer) + req.WithHeader("Authorization", base.GetToken()) resp := req.Expect() resp.Status(http.StatusOK) rsp := &response{} @@ -174,6 +193,7 @@ var _ = Describe("Migrate", func() { buffer := bytes.NewBuffer(exportData) req.WithMultipart().WithForm(map[string]string{"mode": "overwrite"}) req.WithMultipart().WithFile("file", "apisix-config.bak", buffer) + req.WithHeader("Authorization", base.GetToken()) resp := req.Expect() resp.Status(http.StatusOK) rsp := &response{} @@ -245,6 +265,7 @@ var _ = Describe("Migrate", func() { buffer := bytes.NewBuffer(exportData) req.WithMultipart().WithForm(map[string]string{"mode": "return"}) req.WithMultipart().WithFile("file", "apisix-config.bak", buffer) + req.WithHeader("Authorization", base.GetToken()) resp := req.Expect() resp.Status(http.StatusOK) rsp := &response{} diff --git a/api/test/e2enew/stream_route/stream_route_test.go b/api/test/e2enew/stream_route/stream_route_test.go index 62f8c52f42..9ca39ba6fd 100644 --- a/api/test/e2enew/stream_route/stream_route_test.go +++ b/api/test/e2enew/stream_route/stream_route_test.go @@ -210,6 +210,7 @@ var _ = Describe("Stream Route", func() { }) }) It("hit stream route through tcp", func() { + time.Sleep(base.SleepTime) conn, err := net.Dial("tcp", "127.0.0.1:1991") Expect(err).To(BeNil()) @@ -250,6 +251,7 @@ var _ = Describe("Stream Route", func() { }) }) It("hit stream route through udp", func() { + time.Sleep(base.SleepTime) conn, err := net.Dial("udp", "127.0.0.1:10095") Expect(err).To(BeNil()) diff --git a/api/test/e2enew/upstream/upstream_keepalive_pool.go b/api/test/e2enew/upstream/upstream_keepalive_pool.go index 9047ac3899..a16ebe0ae8 100644 --- a/api/test/e2enew/upstream/upstream_keepalive_pool.go +++ b/api/test/e2enew/upstream/upstream_keepalive_pool.go @@ -39,8 +39,8 @@ var _ = ginkgo.Describe("Upstream keepalive pool", func() { } createUpstreamBody["type"] = "roundrobin" createUpstreamBody["keepalive_pool"] = map[string]interface{}{ - "size": 320, - "requests": 1000, + "size": 320, + "requests": 1000, "idle_timeout": 60, } _createUpstreamBody, err := json.Marshal(createUpstreamBody) diff --git a/api/test/e2enew/upstream/upstream_test.go b/api/test/e2enew/upstream/upstream_test.go index 2689b0a679..af8fb10ebd 100644 --- a/api/test/e2enew/upstream/upstream_test.go +++ b/api/test/e2enew/upstream/upstream_test.go @@ -285,6 +285,7 @@ var _ = ginkgo.Describe("Upstream update with domain", func() { Body: string(_createUpstreamBody), Headers: map[string]string{"Authorization": base.GetToken()}, ExpectStatus: http.StatusOK, + ExpectBody: `"code":0`, }) }) ginkgo.It("create route using the upstream(use proxy rewriteproxy rewrite plugin)", func() { @@ -294,11 +295,11 @@ var _ = ginkgo.Describe("Upstream update with domain", func() { Path: "/apisix/admin/routes/1", Body: `{ "name": "route1", - "uri": "/get", + "uri": "/*", "upstream_id": "1", "plugins": { "proxy-rewrite": { - "uri": "/get", + "uri": "/", "scheme": "https" } } @@ -312,12 +313,13 @@ var _ = ginkgo.Describe("Upstream update with domain", func() { createUpstreamBody := make(map[string]interface{}) createUpstreamBody["nodes"] = []map[string]interface{}{ { - "host": "httpbin.org", + "host": "www.google.com", "port": 443, "weight": 1, }, } createUpstreamBody["type"] = "roundrobin" + createUpstreamBody["pass_host"] = "node" _createUpstreamBody, err := json.Marshal(createUpstreamBody) gomega.Expect(err).To(gomega.BeNil()) base.RunTestCase(base.HttpTestCase{ @@ -333,9 +335,9 @@ var _ = ginkgo.Describe("Upstream update with domain", func() { base.RunTestCase(base.HttpTestCase{ Object: base.APISIXExpect(), Method: http.MethodGet, - Path: "/get", + Path: "/", ExpectStatus: http.StatusOK, - ExpectBody: "\n \"url\": \"https://127.0.0.1/get\"\n}\n", + ExpectBody: "google", Sleep: base.SleepTime, }) }) diff --git a/api/test/testdata/import/multi-routes.yaml b/api/test/testdata/import/multi-routes.yaml index 966815f714..42352c6618 100644 --- a/api/test/testdata/import/multi-routes.yaml +++ b/api/test/testdata/import/multi-routes.yaml @@ -37,13 +37,13 @@ paths: x-apisix-plugins: proxy-rewrite: disable: false - scheme: https + scheme: http x-apisix-priority: 0 x-apisix-status: 1 x-apisix-upstream: nodes: - - host: httpbin.org - port: 443 + - host: 172.16.238.20 + port: 80 weight: 1 timeout: connect: 6000 @@ -65,13 +65,13 @@ paths: x-apisix-plugins: proxy-rewrite: disable: false - scheme: https + scheme: http x-apisix-priority: 0 x-apisix-status: 1 x-apisix-upstream: nodes: - - host: httpbin.org - port: 443 + - host: 172.16.238.20 + port: 80 weight: 1 timeout: connect: 6000 @@ -93,13 +93,13 @@ paths: x-apisix-plugins: proxy-rewrite: disable: false - scheme: https + scheme: http x-apisix-priority: 0 x-apisix-status: 1 x-apisix-upstream: nodes: - - host: httpbin.org - port: 443 + - host: 172.16.238.20 + port: 80 weight: 1 timeout: connect: 6000 @@ -121,13 +121,13 @@ paths: x-apisix-plugins: proxy-rewrite: disable: false - scheme: https + scheme: http x-apisix-priority: 0 x-apisix-status: 1 x-apisix-upstream: nodes: - - host: httpbin.org - port: 443 + - host: 172.16.238.20 + port: 80 weight: 1 timeout: connect: 6000 @@ -149,13 +149,13 @@ paths: x-apisix-plugins: proxy-rewrite: disable: false - scheme: https + scheme: http x-apisix-priority: 0 x-apisix-status: 1 x-apisix-upstream: nodes: - - host: httpbin.org - port: 443 + - host: 172.16.238.20 + port: 80 weight: 1 timeout: connect: 6000 @@ -177,13 +177,13 @@ paths: x-apisix-plugins: proxy-rewrite: disable: false - scheme: https + scheme: http x-apisix-priority: 0 x-apisix-status: 1 x-apisix-upstream: nodes: - - host: httpbin.org - port: 443 + - host: 172.16.238.20 + port: 80 weight: 1 timeout: connect: 6000 @@ -207,13 +207,13 @@ paths: x-apisix-plugins: proxy-rewrite: disable: false - scheme: https + scheme: http x-apisix-priority: 0 x-apisix-status: 1 x-apisix-upstream: nodes: - - host: httpbin.org - port: 443 + - host: 172.16.238.20 + port: 80 weight: 1 timeout: connect: 6000