3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-21 04:57:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

proxy: refactor handler setup code (#1205)

Browse source
This commit is contained in:
Travis Groth 2020-08-05 01:48:44 -04:00 committed by GitHub
parent 202b42f307
commit f538b29a0c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 8 additions and 13 deletions
Download patch file Download diff file Expand all files Collapse all files

19
proxy/proxy.go
View file

@ -157,6 +157,11 @@ func New(opts config.Options) (*Proxy, error) {
}
p.authzClient = envoy_service_auth_v2.NewAuthorizationClient(authzConn)
err = p.UpdateOptions(opts)
if err != nil {
return nil, err
}
metrics.AddPolicyCountCallback("pomerium-proxy", func() int64 {
return int64(len(opts.Policies))
})
@ -171,11 +176,11 @@ func (p *Proxy) UpdateOptions(o config.Options) error {
return nil
}
log.Info().Str("checksum", fmt.Sprintf("%x", o.Checksum())).Msg("proxy: updating options")
return p.UpdatePolicies(&o)
p.setHandlers(&o)
return nil
}
// UpdatePolicies updates the H basedon the configured policies
func (p *Proxy) UpdatePolicies(opts *config.Options) error {
func (p *Proxy) setHandlers(opts *config.Options) {
if len(opts.Policies) == 0 {
log.Warn().Msg("proxy: configuration has no policies")
}
@ -195,15 +200,7 @@ func (p *Proxy) UpdatePolicies(opts *config.Options) error {
h.PathPrefix("/").Handler(p.registerFwdAuthHandlers())
}
for _, policy := range opts.Policies {
if err := policy.Validate(); err != nil {
return fmt.Errorf("proxy: invalid policy %w", err)
}
}
p.currentRouter.Store(r)
return nil
}
func (p *Proxy) ServeHTTP(w http.ResponseWriter, r *http.Request) {

2
proxy/proxy_test.go
View file

@ -178,10 +178,8 @@ func Test_UpdateOptions(t *testing.T) {
{"good no change", good, good, "https://corp.example.example", false, true},
{"changed", good, newPolicies, "https://bar.example", false, true},
{"changed and missing", good, newPolicies, "https://corp.example.example", false, false},
{"bad change bad policy url", good, badNewPolicy, "https://bar.example", true, false},
{"disable tls verification", good, disableTLSPolicies, "https://bar.example", false, true},
{"custom root ca", good, customCAPolicies, "https://bar.example", false, true},
{"bad custom root ca base64", good, badCustomCAPolicies, "https://bar.example", true, false},
{"good client certs", good, goodClientCertPolicies, "https://bar.example", false, true},
{"custom server name", customServerName, customServerName, "https://bar.example", false, true},
{"good no policies to start", emptyPolicies, good, "https://corp.example.example", false, true},