Add more tests (#1949)

* add more test code * add more test code
2020-03-15 10:22:39 +08:00
parent f8e7d06b07
commit abf0d66b22
13 changed files with 444 additions and 55 deletions
--- a/pkg/apiserver/authentication/token_authenticator.go
+++ b/pkg/apiserver/authentication/token_authenticator.go
@@ -7,23 +7,30 @@ import (
 	"kubesphere.io/kubesphere/pkg/simple/client/cache"
 )

-type TokenAuthenticator struct {
+// TokenAuthenticator implements kubernetes token authenticate interface with our custom logic.
+// TokenAuthenticator will retrieve user info from cache by given token. If empty or invalid token
+// was given, authenticator will still give passed response at the condition user will be user.Anonymous
+// and group from user.AllUnauthenticated. This helps requests be passed along the handler chain,
+// because some resources are public accessible.
+type tokenAuthenticator struct {
 	cacheClient cache.Interface
 }

 func NewTokenAuthenticator(cacheClient cache.Interface) authenticator.Token {
-	return &TokenAuthenticator{
+	return &tokenAuthenticator{
 		cacheClient: cacheClient,
 	}
 }

-func (t *TokenAuthenticator) AuthenticateToken(ctx context.Context, token string) (*authenticator.Response, bool, error) {
+func (t *tokenAuthenticator) AuthenticateToken(ctx context.Context, token string) (*authenticator.Response, bool, error) {
+	//if len(token) == 0 {
 	return &authenticator.Response{
 		User: &user.DefaultInfo{
-			Name:   "admin",
+			Name:   user.Anonymous,
 			UID:    "",
-			Groups: nil,
+			Groups: []string{user.AllUnauthenticated},
 			Extra:  nil,
 		},
 	}, true, nil
+	//}
 }
--- a/pkg/apiserver/config/config.go
+++ b/pkg/apiserver/config/config.go
@@ -188,6 +188,7 @@ func (conf *Config) toMap() map[string]bool {
 	return result
 }

+// Remove invalid options before serializing to json or yaml
 func (conf *Config) stripEmptyOptions() {
 	if conf.MySQLOptions != nil && conf.MySQLOptions.Host == "" {
 		conf.MySQLOptions = nil
--- a/pkg/apiserver/dispatch/dispatch.go
+++ b/pkg/apiserver/dispatch/dispatch.go
@@ -7,7 +7,7 @@ import (
 	"k8s.io/apimachinery/pkg/util/proxy"
 )

-// Dispatcher defines how to forward request to desired cluster apiserver
+// Dispatcher defines how to forward request to designated cluster based on cluster name
 type Dispatcher interface {
 	Dispatch(w http.ResponseWriter, req *http.Request)
 }
--- a/pkg/apiserver/filters/authentication.go
+++ b/pkg/apiserver/filters/authentication.go
@@ -7,6 +7,7 @@ import (
 	"net/http"
 )

+// WithAuthentication installs authentication handler to handler chain.
 func WithAuthentication(handler http.Handler, auth authenticator.Request, failed http.Handler) http.Handler {
 	if auth == nil {
 		klog.Warningf("Authentication is disabled")