Merge pull request Kong#82 from Mashape/feature/auth-plugins

Separating plugins
streamdataio · Mar 20, 2015 · d9c26d9 · d9c26d9
2 parents f2c73e0 + 0c33451
commit d9c26d9
Show file tree

Hide file tree

Showing 33 changed files with 604 additions and 256 deletions.
diff --git a/kong-0.0.1beta-1.rockspec b/kong-0.0.1beta-1.rockspec
@@ -28,6 +28,7 @@ dependencies = {
   "stringy ~> 0.2-1",
   "inspect ~> 3.0-1",
   "luasocket ~> 2.0.2-5",
+  "lua-llthreads2 ~> 0.1.3-1",
   "lua_cliargs ~> 2.3-3",
   "lua-path ~> 0.2.3-1",
   "luatz ~> 0.3-1"
@@ -64,13 +65,29 @@ build = {
     ["kong.dao.cassandra.accounts"] = "src/dao/cassandra/accounts.lua",
     ["kong.dao.cassandra.applications"] = "src/dao/cassandra/applications.lua",
 
-    ["kong.plugins.authentication.handler"] = "src/plugins/authentication/handler.lua",
-    ["kong.plugins.authentication.access"] = "src/plugins/authentication/access.lua",
-    ["kong.plugins.authentication.schema"] = "src/plugins/authentication/schema.lua",
+    ["kong.plugins.basicauth.handler"] = "src/plugins/basicauth/handler.lua",
+    ["kong.plugins.basicauth.access"] = "src/plugins/basicauth/access.lua",
+    ["kong.plugins.basicauth.schema"] = "src/plugins/basicauth/schema.lua",
 
-    ["kong.plugins.networklog.handler"] = "src/plugins/networklog/handler.lua",
-    ["kong.plugins.networklog.log"] = "src/plugins/networklog/log.lua",
-    ["kong.plugins.networklog.schema"] = "src/plugins/networklog/schema.lua",
+    ["kong.plugins.queryauth.handler"] = "src/plugins/queryauth/handler.lua",
+    ["kong.plugins.queryauth.access"] = "src/plugins/queryauth/access.lua",
+    ["kong.plugins.queryauth.schema"] = "src/plugins/queryauth/schema.lua",
+
+    ["kong.plugins.headerauth.handler"] = "src/plugins/headerauth/handler.lua",
+    ["kong.plugins.headerauth.access"] = "src/plugins/headerauth/access.lua",
+    ["kong.plugins.headerauth.schema"] = "src/plugins/headerauth/schema.lua",
+
+    ["kong.plugins.tcplog.handler"] = "src/plugins/tcplog/handler.lua",
+    ["kong.plugins.tcplog.log"] = "src/plugins/tcplog/log.lua",
+    ["kong.plugins.tcplog.schema"] = "src/plugins/tcplog/schema.lua",
+
+    ["kong.plugins.udplog.handler"] = "src/plugins/udplog/handler.lua",
+    ["kong.plugins.udplog.log"] = "src/plugins/udplog/log.lua",
+    ["kong.plugins.udplog.schema"] = "src/plugins/udplog/schema.lua",
+
+    ["kong.plugins.filelog.handler"] = "src/plugins/filelog/handler.lua",
+    ["kong.plugins.filelog.log"] = "src/plugins/filelog/log.lua",
+    ["kong.plugins.filelog.schema"] = "src/plugins/filelog/schema.lua",
 
     ["kong.plugins.ratelimiting.handler"] = "src/plugins/ratelimiting/handler.lua",
     ["kong.plugins.ratelimiting.access"] = "src/plugins/ratelimiting/access.lua",

diff --git a/kong.yml b/kong.yml
@@ -1,8 +1,12 @@
 # Available plugins on this server
 plugins_available:
-  - authentication
+  - queryauth
+  - headerauth
+  - basicauth
   - ratelimiting
-  - networklog
+  - tcplog
+  - udplog
+  - filelog
 
 # Uncomment the following line to setup a custom output directory
 # output: /var/log/kong

diff --git a/spec/integration/proxy/log_spec.lua b/spec/integration/proxy/log_spec.lua
@@ -0,0 +1,107 @@
+local spec_helper = require "spec.spec_helpers"
+local http_client = require "kong.tools.http_client"
+local cjson = require "cjson"
+local Threads = require "llthreads2.ex"
+
+local STUB_GET_URL = spec_helper.STUB_GET_URL
+
+local function start_tcp_server()
+  local thread = Threads.new({
+    function()
+      local socket = require "socket"
+      local server = assert(socket.bind("*", 7777))
+      local client = server:accept()
+      local line, err = client:receive()
+      if not err then client:send(line .. "\n") end
+      client:close()
+      return line
+    end;
+  })
+
+  thread:start()
+  return thread;
+end
+
+local function start_udp_server()
+  local thread = Threads.new({
+    function()
+      local socket = require("socket")
+      udp = socket.udp()
+      udp:setsockname("*", 8888)
+      data, ip, port = udp:receivefrom()
+      return data
+    end;
+  })
+
+  thread:start()
+  return thread;
+end
+
+describe("Logging Plugins #proxy", function()
+
+  setup(function()
+    spec_helper.prepare_db()
+    spec_helper.start_kong()
+  end)
+
+  teardown(function()
+    spec_helper.stop_kong()
+    spec_helper.reset_db()
+  end)
+
+  describe("Invalid API", function()
+
+    it("should log to TCP", function()
+      local thread = start_tcp_server() -- Starting the mock TCP server
+
+      -- Making the request
+      local response, status, headers = http_client.get(STUB_GET_URL, {apikey = "apikey123"}, {host = "test.com"})
+      assert.are.equal(200, status)
+
+      -- Getting back the TCP server input
+      local ok, res = thread:join()
+      assert.truthy(ok)
+      assert.truthy(res)
+
+      -- Making sure it's alright
+      local log_message = cjson.decode(res)
+      assert.are.same("127.0.0.1", log_message.ip)
+    end)
+
+    it("should log to UDP", function()
+      local thread = start_udp_server() -- Starting the mock TCP server
+
+      -- Making the request
+      local response, status, headers = http_client.get(STUB_GET_URL, {apikey = "apikey123"}, {host = "test.com"})
+      assert.are.equal(200, status)
+
+      -- Getting back the TCP server input
+      local ok, res = thread:join()
+      assert.truthy(ok)
+      assert.truthy(res)
+
+      -- Making sure it's alright
+      local log_message = cjson.decode(res)
+      assert.are.same("127.0.0.1", log_message.ip)
+    end)
+
+    it("should log to file", function()
+      local thread = start_udp_server() -- Starting the mock TCP server
+
+      -- Making the request
+      local response, status, headers = http_client.get(STUB_GET_URL, {apikey = "apikey123"}, {host = "test.com"})
+      assert.are.equal(200, status)
+
+      -- Getting back the TCP server input
+      local ok, res = thread:join()
+      assert.truthy(ok)
+      assert.truthy(res)
+
+      -- Making sure it's alright
+      local log_message = cjson.decode(res)
+      assert.are.same("127.0.0.1", log_message.ip)
+    end)
+
+  end)
+
+end)
diff --git a/spec/integration/server/server_spec.lua b/spec/integration/server/server_spec.lua
@@ -84,29 +84,30 @@ describe("Server", function()
     end)
 
     it("should not fail when an existing plugin is being enabled", function()
-      replace_conf_property("plugins_available", {"authentication"})
+      replace_conf_property("plugins_available", {"queryauth"})
 
       local result, exit_code = spec_helper.start_kong(SERVER_CONF, true)
       assert.are.same(0, exit_code)
     end)
 
     it("should not work when an unexisting plugin is being enabled along with an existing one", function()
-      replace_conf_property("plugins_available", {"authentication", "wot-wat"})
+      replace_conf_property("plugins_available", {"queryauth", "wot-wat"})
       assert.has_error(function()
         spec_helper.start_kong(SERVER_CONF, true)
       end, "The following plugin has been enabled in the configuration but is not installed on the system: wot-wat")
     end)
 
     it("should not work when a plugin is being used in the DB but it's not in the configuration", function()
-      replace_conf_property("plugins_available", {"authentication"})
+      replace_conf_property("plugins_available", {"queryauth", "basicauth", "headerauth", "tcplog", "udplog", "filelog"})
       spec_helper.prepare_db()
       assert.has_error(function()
         spec_helper.start_kong(SERVER_CONF, true)
       end, "You are using a plugin that has not been enabled in the configuration: ratelimiting")
     end)
 
     it("should work the used plugins are enabled", function()
-      replace_conf_property("plugins_available", {"ratelimiting", "authentication"})
+      replace_conf_property("plugins_available", {"ratelimiting", "queryauth", "headerauth", "basicauth", "tcplog", "udplog", "filelog"})
+      spec_helper.prepare_db()
       local result, exit_code = spec_helper.start_kong(SERVER_CONF, true)
       assert.are.same(0, exit_code)
     end)

diff --git a/spec/unit/base_controller_spec.lua b/spec/unit/base_controller_spec.lua
@@ -48,79 +48,77 @@ describe("Base Controller", function()
   end)
 
   it("should parse tables without invalid sub-schema values", function()
-    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "wot", ["value.authentication_type"] = "query" })
+    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "wot", ["value.key_names"] = "apikey" })
     assert.are.same({
       name = "wot",
       value = {}
     }, result)
 
-    result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "authentication", wot = "query" })
+    result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "queryauth", wot = "query" })
     assert.are.same({
-      name = "authentication",
+      name = "queryauth",
       value = {}
     }, result)
   end)
   it("should parse tables with valid sub-schema values", function()
-    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "authentication", ["value.authentication_type"] = "query" })
+    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "queryauth", ["value.key_names"] = "apikey" })
     assert.are.same({
-      name = "authentication",
+      name = "queryauth",
       value = {
-        authentication_type = "query"
+        key_names = { "apikey" }
       }
     }, result)
   end)
   it("should not parse tables with invalid subschema prefix", function()
-    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "authentication", ["asd.authentication_type"] = "query" })
+    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "queryauth", ["asd.key_names"] = "apikey" })
     assert.are.same({
-      name = "authentication",
+      name = "queryauth",
       value = {}
     }, result)
 
-    result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "authentication", ["authentication_type"] = "query" })
+    result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "queryauth", ["key_names"] = "apikey" })
     assert.are.same({
-      name = "authentication",
+      name = "queryauth",
       value = {}
     }, result)
   end)
 
   it("should parse tables with skippig invalid values", function()
-    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "authentication", ["value.authentication_type"] = "query", ["value.wot"] = "ciao" })
+    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {name = "queryauth", ["value.key_names"] = "apikey", ["value.wot"] = "ciao" })
     assert.are.same({
-      name = "authentication",
+      name = "queryauth",
       value = {
-        authentication_type = "query"
+        key_names = { "apikey" }
       }
     }, result)
   end)
 
   it("should parse reversed-order tables with valid sub-schema values", function()
-    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {["value.authentication_type"] = "query", name = "authentication" })
+    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {["value.key_names"] = "query", name = "queryauth" })
     assert.are.same({
-      name = "authentication",
+      name = "queryauth",
       value = {
-        authentication_type = "query"
+        key_names = { "query" }
       }
     }, result)
   end)
 
   it("should parse arrays with a correct delimitator", function()
-    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {["value.authentication_type"] = "query", name = "authentication", ["value.authentication_key_names"] = "wot,wat" })
+    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {["value.key_names"] = "wot,wat", name = "queryauth" })
     assert.are.same({
-      name = "authentication",
+      name = "queryauth",
       value = {
-        authentication_type = "query",
-        authentication_key_names = { "wot", "wat" }
+        key_names = { "wot", "wat" }
       }
     }, result)
   end)
 
   it("should parse arrays with a incorrect delimitator", function()
-    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {["value.authentication_type"] = "query", name = "authentication", ["value.authentication_key_names"] = "wot;wat" })
+    local result = base_controller.parse_params(env.dao_factory.plugins._schema, {["value.key_names"] = "wot;wat", name = "queryauth" })
     assert.are.same({
-      name = "authentication",
+      name = "queryauth",
       value = {
-        authentication_type = "query",
-        authentication_key_names = { "wot;wat" }
+        key_names = { "wot;wat" }
       }
     }, result)
   end)

diff --git a/spec/unit/dao/cassandra_spec.lua b/spec/unit/dao/cassandra_spec.lua
@@ -315,10 +315,9 @@ describe("Cassandra DAO #dao #cassandra", function()
         local plugin_t =  {
           api_id = api.id,
           application_id = apps[#apps].id,
-          name = "authentication",
+          name = "queryauth",
           value = {
-            authentication_type = "query",
-            authentication_key_names = { "x-kong-key" }
+            key_names = { "x-kong-key" }
           }
         }
 
@@ -331,12 +330,13 @@ describe("Cassandra DAO #dao #cassandra", function()
         assert.falsy(err)
 
         -- Failure
-        plugin_t.value.authentication_type = "hello"
+        plugin_t.name = "ratelimiting"
+        plugin_t.value = { period = "hello" }
         local plugin, err = dao_factory.plugins:insert(plugin_t)
         assert.truthy(err)
         assert.is_daoError(err)
         assert.truthy(err.schema)
-        assert.are.same("\"hello\" is not allowed. Allowed values are: \"query\", \"basic\", \"header\"", err.message["value.authentication_type"])
+        assert.are.same("\"hello\" is not allowed. Allowed values are: \"second\", \"minute\", \"hour\", \"day\", \"month\", \"year\"", err.message["value.period"])
         assert.falsy(plugin)
       end)
 
@@ -808,9 +808,14 @@ describe("Cassandra DAO #dao #cassandra", function()
       assert.falsy(err)
       assert.truthy(res)
 
-      assert.are.same(2, #res)
-      assert.truthy(utils.array_contains(res, "authentication"))
+      assert.are.same(7, #res)
+      assert.truthy(utils.array_contains(res, "queryauth"))
+      assert.truthy(utils.array_contains(res, "headerauth"))
+      assert.truthy(utils.array_contains(res, "basicauth"))
       assert.truthy(utils.array_contains(res, "ratelimiting"))
+      assert.truthy(utils.array_contains(res, "tcplog"))
+      assert.truthy(utils.array_contains(res, "udplog"))
+      assert.truthy(utils.array_contains(res, "filelog"))
     end)
 
     it("should insert a plugin and set the application_id to a 'null' uuid if none is specified", function()

diff --git a/spec/unit/faker_spec.lua b/spec/unit/faker_spec.lua
@@ -78,7 +78,7 @@ describe("Faker #tools", function()
     it("should be possible to add some random entities complementing the default hard-coded ones", function()
       faker:seed(2000)
       assert.spy(faker.insert_from_table).was.called(2)
-      assert.spy(insert_spy).was.called(6018) -- 3*2000 + 18 base entities
+      assert.spy(insert_spy).was.called(6021) -- 3*2000 + 21 base entities
     end)
 
     it("should create relations between entities_to_insert and inserted entities", function()