You are viewing a plain text version of this content. The canonical link for it is here.
Posted to notifications@apisix.apache.org by sp...@apache.org on 2020/10/11 11:18:44 UTC
[apisix] branch master updated: change(hmac-auth): split schema to
adapt different occasions (#2386)
This is an automated email from the ASF dual-hosted git repository.
spacewander pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new b8e4b85 change(hmac-auth): split schema to adapt different occasions (#2386)
b8e4b85 is described below
commit b8e4b8589d3b62a1c30fe726963a9dca7a6ff3f6
Author: 罗泽轩 <sp...@gmail.com>
AuthorDate: Sun Oct 11 19:18:37 2020 +0800
change(hmac-auth): split schema to adapt different occasions (#2386)
---
apisix/plugins/hmac-auth.lua | 68 +++++++++++++++++++++++---------------------
t/plugin/hmac-auth.t | 37 +++++++++++++++++++++---
2 files changed, 68 insertions(+), 37 deletions(-)
diff --git a/apisix/plugins/hmac-auth.lua b/apisix/plugins/hmac-auth.lua
index 2c9d0ac..edb3a78 100644
--- a/apisix/plugins/hmac-auth.lua
+++ b/apisix/plugins/hmac-auth.lua
@@ -39,39 +39,37 @@ local plugin_name = "hmac-auth"
local schema = {
type = "object",
- oneOf = {
- {
- title = "work with route or service object",
- properties = {},
- additionalProperties = false,
+ title = "work with route or service object",
+ properties = {},
+ additionalProperties = false,
+}
+
+local consumer_schema = {
+ type = "object",
+ title = "work with consumer object",
+ properties = {
+ access_key = {type = "string", minLength = 1, maxLength = 256},
+ secret_key = {type = "string", minLength = 1, maxLength = 256},
+ algorithm = {
+ type = "string",
+ enum = {"hmac-sha1", "hmac-sha256", "hmac-sha512"},
+ default = "hmac-sha256"
},
- {
- title = "work with consumer object",
- properties = {
- access_key = {type = "string", minLength = 1, maxLength = 256},
- secret_key = {type = "string", minLength = 1, maxLength = 256},
- algorithm = {
- type = "string",
- enum = {"hmac-sha1", "hmac-sha256", "hmac-sha512"},
- default = "hmac-sha256"
- },
- clock_skew = {
- type = "integer",
- default = 0
- },
- signed_headers = {
- type = "array",
- items = {
- type = "string",
- minLength = 1,
- maxLength = 50,
- }
- },
- },
- required = {"access_key", "secret_key"},
- additionalProperties = false,
+ clock_skew = {
+ type = "integer",
+ default = 0
},
- }
+ signed_headers = {
+ type = "array",
+ items = {
+ type = "string",
+ minLength = 1,
+ maxLength = 50,
+ }
+ },
+ },
+ required = {"access_key", "secret_key"},
+ additionalProperties = false,
}
local _M = {
@@ -138,10 +136,14 @@ do
end -- do
-function _M.check_schema(conf)
+function _M.check_schema(conf, schema_type)
core.log.info("input conf: ", core.json.delay_encode(conf))
- return core.schema.check(schema, conf)
+ if schema_type == core.schema.TYPE_CONSUMER then
+ return core.schema.check(consumer_schema, conf)
+ else
+ return core.schema.check(schema, conf)
+ end
end
diff --git a/t/plugin/hmac-auth.t b/t/plugin/hmac-auth.t
index fee4598..a91f4d0 100644
--- a/t/plugin/hmac-auth.t
+++ b/t/plugin/hmac-auth.t
@@ -96,7 +96,7 @@ passed
GET /t
--- error_code: 400
--- response_body eval
-qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: value should match only one schema, but matches none"\}/
+qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: property \\"secret_key\\" is required"\}/
--- no_error_log
[error]
@@ -126,7 +126,7 @@ qr/\{"error_msg":"invalid plugins configuration: failed to check the configurati
GET /t
--- error_code: 400
--- response_body eval
-qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: value should match only one schema, but matches none"\}/
+qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: property \\"access_key\\" is required"\}/
--- no_error_log
[error]
@@ -157,7 +157,7 @@ qr/\{"error_msg":"invalid plugins configuration: failed to check the configurati
GET /t
--- error_code: 400
--- response_body eval
-qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: value should match only one schema, but matches none"\}/
+qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: property \\"access_key\\" validation failed: string too long, expected at most 256, got 320"\}/
--- no_error_log
[error]
@@ -188,7 +188,7 @@ qr/\{"error_msg":"invalid plugins configuration: failed to check the configurati
GET /t
--- error_code: 400
--- response_body eval
-qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: value should match only one schema, but matches none"\}/
+qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: property \\"secret_key\\" validation failed: string too long, expected at most 256, got 384"\}/
--- no_error_log
[error]
@@ -844,3 +844,32 @@ GET /t
passed
--- no_error_log
[error]
+
+
+
+=== TEST 24: add consumer with plugin hmac-auth - empty configuration
+--- config
+ location /t {
+ content_by_lua_block {
+ local t = require("lib.test_admin").test
+ local code, body = t('/apisix/admin/consumers',
+ ngx.HTTP_PUT,
+ [[{
+ "username": "foo",
+ "plugins": {
+ "hmac-auth": {
+ }
+ }
+ }]])
+
+ ngx.status = code
+ ngx.say(body)
+ }
+ }
+--- request
+GET /t
+--- error_code: 400
+--- response_body eval
+qr/\{"error_msg":"invalid plugins configuration: failed to check the configuration of plugin hmac-auth err: property \\"secret_key\\" is required"\}/
+--- no_error_log
+[error]