-
Notifications
You must be signed in to change notification settings - Fork 22
/
helpers.go
61 lines (53 loc) · 1.5 KB
/
helpers.go
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
package processing
import (
"fmt"
gatewayv1beta1 "github.com/kyma-project/api-gateway/apis/gateway/v1beta1"
)
var (
//OwnerLabel .
OwnerLabel = fmt.Sprintf("%s.%s", "apirule", gatewayv1beta1.GroupVersion.String())
)
func HasJwtRule(api *gatewayv1beta1.APIRule) bool {
for _, rule := range api.Spec.Rules {
if IsJwtSecured(rule) {
return true
}
}
return false
}
func IsJwtSecured(rule gatewayv1beta1.Rule) bool {
for _, strat := range rule.AccessStrategies {
if strat.Name == "jwt" {
return true
}
}
return false
}
// IsSecuredByOathkeeper checks whether the rule contains an access strategy that should lead to the creation of an Oathkeeper rule.
func IsSecuredByOathkeeper(rule gatewayv1beta1.Rule) bool {
if len(rule.Mutators) > 0 {
return true
}
for _, strat := range rule.AccessStrategies {
if strat.Name != gatewayv1beta1.AccessStrategyAllow && strat.Name != gatewayv1beta1.AccessStrategyNoAuth {
return true
}
}
return false
}
func GetOwnerLabels(api *gatewayv1beta1.APIRule) map[string]string {
labels := make(map[string]string)
labels[OwnerLabel] = fmt.Sprintf("%s.%s", api.ObjectMeta.Name, api.ObjectMeta.Namespace)
return labels
}
func FilterDuplicatePaths(rules []gatewayv1beta1.Rule) []gatewayv1beta1.Rule {
duplicates := make(map[string]bool)
var filteredRules []gatewayv1beta1.Rule
for _, rule := range rules {
if _, exists := duplicates[rule.Path]; !exists {
duplicates[rule.Path] = true
filteredRules = append(filteredRules, rule)
}
}
return filteredRules
}