aljaz/aperture
1
1
Fork 0
mirror of https://github.com/lightninglabs/aperture.git synced 2025-12-18 09:34:20 +01:00
Code Issues Packages Projects Releases Wiki Activity

Merge pull request #54 from lightninglabs/fix-auth-header-not-found

Browse Source 
proxy: remove manual trailer fields
This commit is contained in:
Olaoluwa Osuntokun
2021-07-05 18:32:57 -07:00
committed by GitHub
parent 0194e0da36 74282b9978
commit c819b4ac7e
2 changed files with 17 additions and 5 deletions
Download Patch File Download Diff File Expand all files Collapse all files

4
proxy/proxy.go
View File

@@ -333,10 +333,6 @@ func sendDirectResponse(w http.ResponseWriter, r *http.Request,
case strings.HasPrefix(r.Header.Get(hdrContentType), hdrTypeGrpc): case strings.HasPrefix(r.Header.Get(hdrContentType), hdrTypeGrpc):
w.Header().Set(hdrGrpcStatus, strconv.Itoa(int(codes.Internal))) w.Header().Set(hdrGrpcStatus, strconv.Itoa(int(codes.Internal)))
w.Header().Set(hdrGrpcMessage, errInfo) w.Header().Set(hdrGrpcMessage, errInfo)
w.Header().Set("Content-Length", "0")
w.Header().Set(":status", strconv.Itoa(statusCode))
w.Header().Add("Trailer", hdrGrpcStatus)
w.Header().Add("Trailer", hdrGrpcMessage)
w.WriteHeader(statusCode) w.WriteHeader(statusCode)

18
proxy/proxy_test.go
View File

@@ -23,6 +23,7 @@ import (
"google.golang.org/grpc" "google.golang.org/grpc"
"google.golang.org/grpc/codes" "google.golang.org/grpc/codes"
"google.golang.org/grpc/credentials" "google.golang.org/grpc/credentials"
"google.golang.org/grpc/metadata"
"google.golang.org/grpc/status" "google.golang.org/grpc/status"
"gopkg.in/macaroon.v2" "gopkg.in/macaroon.v2"
) )
@@ -293,10 +294,13 @@ func runGRPCTest(t *testing.T, tc *testCase) {
client := proxytest.NewGreeterClient(conn) client := proxytest.NewGreeterClient(conn)
// Make request without authentication. We expect an error that can // Make request without authentication. We expect an error that can
// be parsed by gRPC. // be parsed by gRPC. We also need to extract any metadata that are
// sent in the trailer to make sure the challenge is returned properly.
req := &proxytest.HelloRequest{Name: "foo"} req := &proxytest.HelloRequest{Name: "foo"}
captureMetadata := metadata.MD{}
_, err = client.SayHello( _, err = client.SayHello(
context.Background(), req, grpc.WaitForReady(true), context.Background(), req, grpc.WaitForReady(true),
grpc.Trailer(&captureMetadata),
) )
require.Error(t, err) require.Error(t, err)
statusErr, ok := status.FromError(err) statusErr, ok := status.FromError(err)
@@ -304,6 +308,18 @@ func runGRPCTest(t *testing.T, tc *testCase) {
require.Equal(t, "payment required", statusErr.Message()) require.Equal(t, "payment required", statusErr.Message())
require.Equal(t, codes.Internal, statusErr.Code()) require.Equal(t, codes.Internal, statusErr.Code())
// We expect the WWW-Authenticate header field to be set to an LSAT
// auth response.
expectedHeaderContent, _ := mockAuth.FreshChallengeHeader(&http.Request{
Header: map[string][]string{},
}, "", 0)
capturedHeader := captureMetadata.Get("WWW-Authenticate")
require.Len(t, capturedHeader, 1)
require.Equal(
t, expectedHeaderContent.Get("WWW-Authenticate"),
capturedHeader[0],
)
// Make sure that if we query an URL that is on the whitelist, we don't // Make sure that if we query an URL that is on the whitelist, we don't
// get the 402 response. // get the 402 response.
if len(tc.authWhitelist) > 0 { if len(tc.authWhitelist) > 0 {