From 1266801154b9d0eeea02a9e2159c499787d0cd9d Mon Sep 17 00:00:00 2001 From: batman-ezio <80014017+batman-ezio@users.noreply.github.com> Date: Fri, 28 May 2021 22:44:36 +0800 Subject: [PATCH] change(echo): remove odd auth_value (#4055) Co-authored-by: spacewander --- apisix/plugins/echo.lua | 14 -- docs/en/latest/plugins/echo.md | 1 - docs/zh/latest/plugins/echo.md | 1 - t/plugin/echo.t | 258 +-------------------------------- 4 files changed, 8 insertions(+), 266 deletions(-) diff --git a/apisix/plugins/echo.lua b/apisix/plugins/echo.lua index a376183dc921..434ed55c34e0 100644 --- a/apisix/plugins/echo.lua +++ b/apisix/plugins/echo.lua @@ -40,10 +40,6 @@ local schema = { type = "object", minProperties = 1, }, - auth_value = { - description = "auth value", - type = "string" - }, }, anyOf = { {required = {"before_body"}}, @@ -91,16 +87,6 @@ function _M.body_filter(conf, ctx) end -function _M.access(conf, ctx) - local value = core.request.header(ctx, "Authorization") - - if value ~= conf.auth_value then - return 401, "unauthorized body" - end - -end - - function _M.header_filter(conf, ctx) if conf.body or conf.before_body or conf.after_body then core.response.clear_header_as_body_modified() diff --git a/docs/en/latest/plugins/echo.md b/docs/en/latest/plugins/echo.md index af2661150e35..3438e9b5df33 100644 --- a/docs/en/latest/plugins/echo.md +++ b/docs/en/latest/plugins/echo.md @@ -45,7 +45,6 @@ This plugin addresses the corresponding functionality in the common phases such | body | string | optional | | | Body to replace upstream response. | | after_body | string | optional | | | Body after the modification of filter phase. | | headers | object | optional | | | New headers for response | -| auth_value | string | optional | | | Auth value | At least one of `before_body`, `body`, and `after_body` must be specified. diff --git a/docs/zh/latest/plugins/echo.md b/docs/zh/latest/plugins/echo.md index c9df63cc5184..ce1fc1e0f8b1 100644 --- a/docs/zh/latest/plugins/echo.md +++ b/docs/zh/latest/plugins/echo.md @@ -45,7 +45,6 @@ echo 可以帮助用户尽可能全面地了解如何开发APISIX插件。 | body | string | 可选 | | | 返回给客户端的响应内容,它将覆盖 upstream 返回的响应 body。 | | after_body | string | 可选 | | | 在 body 属性之后添加的内容,如果 body 属性没有指定将在 upstream 响应 body 之后添加。 | | headers | object | 可选 | | | 返回值的 headers | -| auth_value | string | 可选 | | | | 参数 before_body,body 和 after_body 至少要存在一个 diff --git a/t/plugin/echo.t b/t/plugin/echo.t index 97103a46d7a6..296ed0639e8c 100644 --- a/t/plugin/echo.t +++ b/t/plugin/echo.t @@ -86,8 +86,7 @@ done "headers": { "Location":"https://www.iresty.com", "Authorization": "userpass" - }, - "auth_value" : "userpass" + } } }, "upstream": { @@ -108,7 +107,6 @@ done "headers": { "Location":"https://www.iresty.com" }, - "auth_value" : "userpass" } }, "upstream": { @@ -143,8 +141,6 @@ passed === TEST 4: access --- request GET /hello ---- more_headers -Authorization: userpass --- response_body chomp before the body modification hello upstream after the body modification. --- response_headers @@ -167,7 +163,6 @@ Authorization: userpass "plugins": { "echo": { "before_body": "before the body modification ", - "auth_value" : "userpass", "headers": { "Location":"https://www.iresty.com" } @@ -187,7 +182,6 @@ Authorization: userpass "plugins": { "echo": { "before_body": "before the body modification ", - "auth_value" : "userpass", "headers": { "Location":"https://www.iresty.com" } @@ -225,8 +219,6 @@ passed === TEST 6: access without upstream body change --- request GET /hello ---- more_headers -Authorization: userpass --- response_body before the body modification hello world --- response_headers @@ -238,240 +230,7 @@ Location: https://www.iresty.com -=== TEST 7: update plugin back ---- config - location /t { - content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/routes/1', - ngx.HTTP_PUT, - [[{ - "plugins": { - "echo": { - "before_body": "before the body modification ", - "auth_value" : "userpassword", - "headers": { - "Location":"https://www.iresty.com" - } - } - }, - "upstream": { - "nodes": { - "127.0.0.1:1980": 1 - }, - "type": "roundrobin" - }, - "uri": "/hello" - }]], - [[{ - "node": { - "value": { - "plugins": { - "echo": { - "before_body": "before the body modification ", - "auth_value" : "userpassword", - "headers": { - "Location":"https://www.iresty.com" - } - } - }, - "upstream": { - "nodes": { - "127.0.0.1:1980": 1 - }, - "type": "roundrobin" - }, - "uri": "/hello" - }, - "key": "/apisix/routes/1" - }, - "action": "set" - }]] - ) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- response_body -passed ---- no_error_log -[error] - - - -=== TEST 8: access with wrong value in auth header value throws 401 ---- request -GET /hello ---- more_headers -Authorization: userpass ---- error_code: 401 ---- response_body chomp -before the body modification unauthorized body ---- response_headers -Location: https://www.iresty.com - - - -=== TEST 9: update plugin back ---- config - location /t { - content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/routes/1', - ngx.HTTP_PUT, - [[{ - "plugins": { - "echo": { - "before_body": "before the body modification ", - "headers": { - "Location":"https://www.iresty.com" - } - } - }, - "upstream": { - "nodes": { - "127.0.0.1:1980": 1 - }, - "type": "roundrobin" - }, - "uri": "/hello" - }]], - [[{ - "node": { - "value": { - "plugins": { - "echo": { - "before_body": "before the body modification ", - "headers": { - "Location":"https://www.iresty.com" - } - } - }, - "upstream": { - "nodes": { - "127.0.0.1:1980": 1 - }, - "type": "roundrobin" - }, - "uri": "/hello" - }, - "key": "/apisix/routes/1" - }, - "action": "set" - }]] - ) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- response_body -passed ---- no_error_log -[error] - - - -=== TEST 10: access with no auth header and value throws 401 ---- request -GET /hello ---- more_headers -Authorization: userpass ---- error_code: 401 ---- response_body chomp -before the body modification unauthorized body ---- response_headers -Location: https://www.iresty.com - - - -=== TEST 11: update plugin ---- config - location /t { - content_by_lua_block { - local t = require("lib.test_admin").test - local code, body = t('/apisix/admin/routes/1', - ngx.HTTP_PUT, - [[{ - "plugins": { - "echo": { - "before_body": "before the body modification ", - "auth_value" : "userpass", - "headers": { - "Location":"https://www.iresty.com" - } - } - }, - "upstream": { - "nodes": { - "127.0.0.1:1980": 1 - }, - "type": "roundrobin" - }, - "uri": "/hello" - }]], - [[{ - "node": { - "value": { - "plugins": { - "echo": { - "before_body": "before the body modification ", - "auth_value" : "userpass", - "headers": { - "Location":"https://www.iresty.com" - } - } - }, - "upstream": { - "nodes": { - "127.0.0.1:1980": 1 - }, - "type": "roundrobin" - }, - "uri": "/hello" - }, - "key": "/apisix/routes/1" - }, - "action": "set" - }]] - ) - - if code >= 300 then - ngx.status = code - end - ngx.say(body) - } - } ---- request -GET /t ---- response_body -passed ---- no_error_log -[error] - - - -=== TEST 12: access without authorization as a header should throws 401 ---- request -GET /hello ---- error_code: 401 ---- response_body chomp -before the body modification unauthorized body ---- response_headers -Location: https://www.iresty.com - - - -=== TEST 13: print the `conf` in etcd, no dirty data +=== TEST 7: print the `conf` in etcd, no dirty data --- config location /t { content_by_lua_block { @@ -485,7 +244,6 @@ Location: https://www.iresty.com "plugins": { "echo": { "before_body": "before the body modification ", - "auth_value" : "userpass", "headers": { "Location":"https://www.iresty.com" } @@ -506,13 +264,13 @@ Location: https://www.iresty.com --- request GET /t --- response_body -{"echo":{"auth_value":"userpass","before_body":"before the body modification ","headers":{"Location":"https://www.iresty.com"}}} +{"echo":{"before_body":"before the body modification ","headers":{"Location":"https://www.iresty.com"}}} --- no_error_log [error] -=== TEST 14: additional property +=== TEST 8: additional property --- config location /t { content_by_lua_block { @@ -540,7 +298,7 @@ additional properties forbidden, found invalid_att -=== TEST 15: set body with chunked upstream +=== TEST 9: set body with chunked upstream --- config location /t { content_by_lua_block { @@ -578,7 +336,7 @@ passed -=== TEST 16: access +=== TEST 10: access --- request GET /hello_chunked --- response_body chomp @@ -588,7 +346,7 @@ hello upstream -=== TEST 17: add before/after body with chunked upstream +=== TEST 11: add before/after body with chunked upstream --- config location /t { content_by_lua_block { @@ -627,7 +385,7 @@ passed -=== TEST 18: access +=== TEST 12: access --- request GET /hello_chunked --- response_body chomp