Skip to content

Commit

Permalink
Merge pull request #61 from canonical/headers-template-fix
Browse files Browse the repository at this point in the history 
fix: include custom headers in template only if requested
  • Loading branch information
@natalian98
natalian98 authored Feb 21, 2024
2 parents 18de8f3 + f31aeed commit c9626b1
Show file tree
Hide file tree
Showing 4 changed files with 31 additions and 0 deletions.
1 change: 1 addition & 0 deletions src/charm.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -279,6 +279,7 @@ def _render_conf_file(self) -> str:
kratos_session_url=kratos_endpoints.get("sessions_endpoint", None),
kratos_login_url=kratos_endpoints.get("login_browser_endpoint", None),
access_rules=self._get_all_access_rules_repositories(),
headers=self.auth_proxy.get_headers(),
)
return rendered

Expand Down
4 changes: 4 additions & 0 deletions templates/oathkeeper.yaml.j2
View file
Original file line number Diff line number Diff line change
Expand Up @@ -75,5 +75,9 @@ mutators:
config:
headers:
X-User: {% raw %}"{{ print .Subject }}"{% endraw %}
{%- if "X-Email" in headers %}
X-Email: {% raw %}"{{ print .Extra.identity.traits.email }}"{% endraw %}
{%- endif %}
{%- if "X-Name" in headers %}
X-Name: {% raw %}"{{ print .Extra.identity.traits.name }}"{% endraw %}
{%- endif %}
9 changes: 9 additions & 0 deletions tests/unit/conftest.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -125,3 +125,12 @@ def mocked_oathkeeper_access_rules_list(mocker: MockerFixture) -> MagicMock:
)
mocked_oathkeeper_access_rules_list.return_value = ["requirer-access-rules.json"]
return mocked_oathkeeper_access_rules_list


@pytest.fixture()
def mocked_auth_proxy_headers(mocker: MockerFixture) -> MagicMock:
mocked_auth_proxy_headers = mocker.patch(
"charms.oathkeeper.v0.auth_proxy.AuthProxyProvider.get_headers",
return_value=["X-Name", "X-Email"],
)
return mocked_auth_proxy_headers
17 changes: 17 additions & 0 deletions tests/unit/test_charm.py
View file
Original file line number Diff line number Diff line change
Expand Up @@ -221,6 +221,23 @@ def test_update_container_config_with_kratos_relation(
assert yaml.safe_load(expected_config) == yaml.safe_load(config)


def test_container_config_updated_with_custom_headers(
harness: Harness, mocked_oathkeeper_configmap: MagicMock, mocked_auth_proxy_headers: MagicMock
) -> None:
harness.set_can_connect(CONTAINER_NAME, True)

harness.charm.on.oathkeeper_pebble_ready.emit(CONTAINER_NAME)

with open("templates/oathkeeper.yaml.j2", "r") as file:
template = Template(file.read())

expected_config = template.render(headers=["X-Name", "X-Email"])

configmap = mocked_oathkeeper_configmap.update.call_args_list[-1][0][0]
config = configmap["oathkeeper.yaml"]
assert yaml.safe_load(expected_config) == yaml.safe_load(config)


def test_on_pebble_ready_correct_plan(harness: Harness) -> None:
harness.set_can_connect(CONTAINER_NAME, True)
container = harness.model.unit.get_container(CONTAINER_NAME)
Expand Down

0 comments on commit c9626b1

Please sign in to comment.