Added Configuration to specify that a header list is to apply for req…

ModuleFile

@@ -1,5 +1,5 @@
 name 'citops-repose'
-version '2.6.2'
+version '2.6.3'
 description "Repose is an api middleware that provides authentication,
 filtering, ratelimitting and several other features, this deploys it."
 project_page 'https://github.com/rackerlabs/puppet-repose'

manifests/filter/header_normalization.pp

@@ -28,6 +28,7 @@
 #   'default':
 #     header_filters => [
 #       {
+#          'direction'    => 'request',
 #          'http-methods' => 'GET',
 #          'blacklists'   => [
 #            {

puppet-module-repose.spec

@@ -2,7 +2,7 @@
 %define base_name repose
 
 Name:      puppet-module-%{user}-%{base_name}
-Version:   2.6.2
+Version:   2.6.3
 Release:   1
 BuildArch: noarch
 Summary:   Puppet module to configure %{base_name}
@@ -30,6 +30,8 @@ cp -pr * %{buildroot}%{module_dir}/
 %{module_dir}
 
 %changelog
+* Fri Apr 13 2018 Meynard Alconis <meynard.alconis@rackspace.com> - 2.6.3-1
+- Updated header-normalization module to allow definition of blacklist/whitelist for header filters
 * Wed Mar 21 2018 Meynard Alconis <meynard.alconis@rackspace.com> - 2.6.2-1
 - Fix for header user module and tests
 * Mon Mar 19 2018 Meynard Alconis <meynard.alconis@rackspace.com> - 2.6.1-1

spec/defines/filter/header_normalization_spec.rb

@@ -66,7 +66,147 @@
           with_content(/header id="X-PP-Groups"/).
           with_content(/whitelist id="creds"/).
           with_content(/header id="X-Auth-Key"/).
-          with_content(/header id="X-Auth-User"/)
+          with_content(/header id="X-Auth-User"/).
+          without_content(/<request>/).
+          without_content(/<\/request>/).
+          without_content(/<response>/).
+          without_content(/<\/response>/)
+      }
+    end
+
+    context 'with direction for header_filters' do
+      let(:title) { 'headers' }
+      let(:params) { {
+        :header_filters => [
+         {
+            'direction'    => 'request',
+            'uri-regex'    => '/.*test',
+            'http-methods' => 'GET',
+            'blacklists'   => [
+              {
+                'id'    => 'rate-limit-headers',
+                'headers' => [
+                  'X-PP-User',
+                  'X-PP-Groups'
+                ]
+              }
+            ],
+            'whitelists'   => [
+              {
+                'id'    => 'creds',
+                'headers' => [
+                  'X-Auth-Key',
+                  'X-Auth-User'
+                ]
+              }
+            ],
+         }
+       ]
+      } }
+      it {
+        should contain_file('/etc/repose/header-normalization.cfg.xml').
+          with_content(/uri-regex="\/\.\*test"/).
+          with_content(/http-methods="GET"/).
+          with_content(/blacklist id="rate-limit-headers"/).
+          with_content(/header id="X-PP-User"/).
+          with_content(/header id="X-PP-Groups"/).
+          with_content(/whitelist id="creds"/).
+          with_content(/header id="X-Auth-Key"/).
+          with_content(/header id="X-Auth-User"/).
+          with_content(/<request>/).
+          with_content(/<\/request>/).
+          without_content(/<response>/)
+      }
+    end
+
+    context 'with direction response for header_filters' do
+      let(:title) { 'headers' }
+      let(:params) { {
+        :header_filters => [
+         {
+            'direction'    => 'response',
+            'uri-regex'    => '/.*test',
+            'http-methods' => 'GET',
+            'blacklists'   => [
+              {
+                'id'    => 'rate-limit-headers',
+                'headers' => [
+                  'X-PP-User',
+                  'X-PP-Groups'
+                ]
+              }
+            ],
+            'whitelists'   => [
+              {
+                'id'    => 'creds',
+                'headers' => [
+                  'X-Auth-Key',
+                  'X-Auth-User'
+                ]
+              }
+            ],
+         }
+       ]
+      } }
+      it {
+        should contain_file('/etc/repose/header-normalization.cfg.xml').
+          with_content(/uri-regex="\/\.\*test"/).
+          with_content(/http-methods="GET"/).
+          with_content(/blacklist id="rate-limit-headers"/).
+          with_content(/header id="X-PP-User"/).
+          with_content(/header id="X-PP-Groups"/).
+          with_content(/whitelist id="creds"/).
+          with_content(/header id="X-Auth-Key"/).
+          with_content(/header id="X-Auth-User"/).
+          without_content(/<request>/).
+          without_content(/<\/request>/).
+          with_content(/<response>/).
+          with_content(/<\/response>/)
+      }
+    end
+
+    context 'with two targets direction response for header_filters' do
+      let(:title) { 'headers' }
+      let(:params) { {
+        :header_filters => [
+         {
+            'direction'    => 'response',
+            'blacklists'   => [
+              {
+                'id'    => 'rate-limit-headers',
+                'headers' => [
+                  'X-PP-User',
+                  'X-PP-Groups'
+                ]
+              }
+            ]
+         },
+         {
+            'direction'    => 'request',
+            'blacklists'   => [
+              {
+                'id'    => 'rate-limit-headers',
+                'headers' => [
+                  'X-PP-User',
+                  'X-PP-Groups'
+                ]
+              }
+            ]
+         }
+       ]
+      } }
+      it {
+        should contain_file('/etc/repose/header-normalization.cfg.xml').
+          without_content(/uri-regex="\/\.\*test"/).
+          without_content(/http-methods="GET"/).
+          with_content(/blacklist id="rate-limit-headers"/).
+          with_content(/header id="X-PP-User"/).
+          with_content(/header id="X-PP-Groups"/).
+          without_content(/whitelist id="creds"/).
+          with_content(/<request>/).
+          with_content(/<\/request>/).
+          with_content(/<response>/).
+          with_content(/<\/response>/)
       }
     end
 

templates/header-normalization.cfg.xml.erb

@@ -13,6 +13,14 @@
             http-methods="<%= target['http-methods'] %>"
     <%- end -%>
             >
+    <%- if target.has_key?('direction') -%>
+       <%- if target['direction'] == 'request' -%>
+          <request> 
+       <%- elsif target['direction'] == 'response' -%>
+          <response> 
+       <%- end -%>
+    <%- end -%>
+
     <%- if target.has_key?('whitelists') -%>
       <%- target['whitelists'].each do |whitelist| -%>
             <whitelist id="<%= whitelist['id'] %>">
@@ -35,6 +43,13 @@
             </blacklist>
       <%- end -%>
     <%- end -%>
+    <%- if target.has_key?('direction') -%>
+       <%- if target['direction'] == 'request' -%>
+          </request> 
+       <%- elsif target['direction'] == 'response' -%>
+          </response> 
+       <%- end -%>
+    <%- end -%>
     </target>
   <%- end -%>
     </header-filters>