Skip to content

Commit

Permalink
rebase
Browse files Browse the repository at this point in the history
  • Loading branch information
eguzki committed Nov 27, 2023
1 parent 1bc55f3 commit 4334377
Showing 1 changed file with 10 additions and 6 deletions.
16 changes: 10 additions & 6 deletions pkg/kuadrantapi/authpolicy.go
Original file line number Diff line number Diff line change
Expand Up @@ -16,8 +16,8 @@ func AuthPolicyObjectMetaFromOAS(doc *openapi3.T) metav1.ObjectMeta {
return gatewayapi.HTTPRouteObjectMetaFromOAS(doc)
}

func buildAuthPolicyRouteSelectors(basePath, path string, pathItem *openapi3.PathItem, verb string, op *openapi3.Operation) []kuadrantapiv1beta2.RouteSelector {
match := utils.OpenAPIMatcherFromOASOperations(basePath, path, pathItem, verb, op)
func buildAuthPolicyRouteSelectors(basePath, path string, pathItem *openapi3.PathItem, verb string, op *openapi3.Operation, pathMatchType gatewayapiv1beta1.PathMatchType) []kuadrantapiv1beta2.RouteSelector {
match := utils.OpenAPIMatcherFromOASOperations(basePath, path, pathItem, verb, op, pathMatchType)

return []kuadrantapiv1beta2.RouteSelector{
{
Expand All @@ -41,16 +41,14 @@ func AuthPolicyAuthenticationSchemeFromOAS(doc *openapi3.T) map[string]kuadranta
panic(err)
}

pathEnabled := kuadrantPathExtension.IsEnabled()

// Operations
for verb, operation := range pathItem.Operations() {
kuadrantOperationExtension, err := utils.NewKuadrantOASOperationExtension(operation)
if err != nil {
panic(err)
}

if !ptr.Deref(kuadrantOperationExtension.Enable, pathEnabled) {
if ptr.Deref(kuadrantOperationExtension.Disable, kuadrantPathExtension.IsDisabled()) {
// not enabled for the operation
//fmt.Printf("OUT not enabled: path: %s, method: %s\n", path, verb)
continue
Expand All @@ -64,13 +62,19 @@ func AuthPolicyAuthenticationSchemeFromOAS(doc *openapi3.T) map[string]kuadranta
continue
}

// default pathMatchType at the path level
pathMatchType := ptr.Deref(
kuadrantOperationExtension.PathMatchType,
kuadrantPathExtension.GetPathMatchType(),
)

oidcScheme := findOIDCSecuritySchemesFromRequirements(doc, secRequirements)

authName := utils.OpenAPIOperationName(path, verb, operation)

authentication[authName] = kuadrantapiv1beta2.AuthenticationSpec{
CommonAuthRuleSpec: kuadrantapiv1beta2.CommonAuthRuleSpec{
RouteSelectors: buildAuthPolicyRouteSelectors(basePath, path, pathItem, verb, operation),
RouteSelectors: buildAuthPolicyRouteSelectors(basePath, path, pathItem, verb, operation, pathMatchType),
},
AuthenticationSpec: authorinoapi.AuthenticationSpec{
AuthenticationMethodSpec: authorinoapi.AuthenticationMethodSpec{
Expand Down

0 comments on commit 4334377

Please sign in to comment.