primal/traefik
1
0
Fork 0
mirror of https://github.com/traefik/traefik synced 2026-02-03 11:10:33 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add support for auth-signin annotation

Browse Source
This commit is contained in:
DesalLama
2026-01-27 20:45:05 +05:45
committed by GitHub
parent 50faaf298a
commit 2c47d71666
6 changed files with 17 additions and 9 deletions
Download Patch File Download Diff File Expand all files Collapse all files
pkg/provider/kubernetes/ingress-nginx/annotations.go
+1
View File
@@ -16,6 +16,7 @@ type ingressConfig struct {
AuthSecretType *string `annotation:"nginx.ingress.kubernetes.io/auth-secret-type"`
AuthURL *string `annotation:"nginx.ingress.kubernetes.io/auth-url"`
AuthSignin *string `annotation:"nginx.ingress.kubernetes.io/auth-signin"`
AuthResponseHeaders *string `annotation:"nginx.ingress.kubernetes.io/auth-response-headers"`
ForceSSLRedirect *bool `annotation:"nginx.ingress.kubernetes.io/force-ssl-redirect"`
pkg/provider/kubernetes/ingress-nginx/annotations_test.go
+4
View File
@@ -28,6 +28,8 @@ func Test_parseIngressConfig(t *testing.T) {
"nginx.ingress.kubernetes.io/session-cookie-max-age": "3600",
"nginx.ingress.kubernetes.io/backend-protocol": "HTTPS",
"nginx.ingress.kubernetes.io/cors-expose-headers": "foo, bar",
"nginx.ingress.kubernetes.io/auth-url": "http://auth.example.com/verify",
"nginx.ingress.kubernetes.io/auth-signin": "https://auth.example.com/oauth2/start?rd=foo",
},
expected: ingressConfig{
SSLPassthrough: ptr.To(true),
@@ -40,6 +42,8 @@ func Test_parseIngressConfig(t *testing.T) {
SessionCookieMaxAge: ptr.To(3600),
BackendProtocol: ptr.To("HTTPS"),
CORSExposeHeaders: ptr.To([]string{"foo", "bar"}),
AuthURL: ptr.To("http://auth.example.com/verify"),
AuthSignin: ptr.To("https://auth.example.com/oauth2/start?rd=foo"),
},
},
{
pkg/provider/kubernetes/ingress-nginx/fixtures/ingresses/02-ingress-with-forwardauth.yml
+1
View File
@@ -8,6 +8,7 @@ metadata:
nginx.ingress.kubernetes.io/auth-url: "http://whoami.default.svc/"
nginx.ingress.kubernetes.io/auth-method: "GET"
nginx.ingress.kubernetes.io/auth-response-headers: "X-Foo"
nginx.ingress.kubernetes.io/auth-signin: "https://auth.example.com/oauth2/start?rd=foo"
spec:
ingressClassName: nginx
pkg/provider/kubernetes/ingress-nginx/kubernetes.go
+1
View File
@@ -1166,6 +1166,7 @@ func applyForwardAuthConfiguration(routerName string, ingressConfig ingressConfi
ForwardAuth: &dynamic.ForwardAuth{
Address: *ingressConfig.AuthURL,
AuthResponseHeaders: authResponseHeaders,
AuthSigninURL: ptr.Deref(ingressConfig.AuthSignin, ""),
},
}
rt.Middlewares = append(rt.Middlewares, forwardMiddlewareName)
pkg/provider/kubernetes/ingress-nginx/kubernetes_test.go
+1
View File
@@ -250,6 +250,7 @@ func TestLoadIngresses(t *testing.T) {
ForwardAuth: &dynamic.ForwardAuth{
Address: "http://whoami.default.svc/",
AuthResponseHeaders: []string{"X-Foo"},
AuthSigninURL: "https://auth.example.com/oauth2/start?rd=foo",
},
},
},