From 87e9ca00154f7975d77697f49199c5700bcb95f8 Mon Sep 17 00:00:00 2001 From: Guilherme Cassolato Date: Wed, 11 Oct 2023 18:13:08 +0200 Subject: [PATCH] Well-known attributes used in the generated AuthConfigs Closes: - #265 --- controllers/authpolicy_auth_config.go | 12 +-- controllers/authpolicy_controller_test.go | 82 +++++++++---------- .../authpolicy_istio_auth_config_test.go | 58 ++++++------- 3 files changed, 76 insertions(+), 76 deletions(-) diff --git a/controllers/authpolicy_auth_config.go b/controllers/authpolicy_auth_config.go index 2854b0a17..17554e77f 100644 --- a/controllers/authpolicy_auth_config.go +++ b/controllers/authpolicy_auth_config.go @@ -384,7 +384,7 @@ func authorinoConditionsFromHTTPRouteRule(rule gatewayapiv1beta1.HTTPRouteRule, func hostnameRuleToAuthorinoCondition(hostnames []string) authorinoapi.PatternExpressionOrRef { return authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.host", + Selector: "request.host", Operator: "matches", Value: hostnamesToRegex(hostnames), }, @@ -400,7 +400,7 @@ func hostnamesToRegex(hostnames []string) string { func httpMethodRuleToAuthorinoCondition(method gatewayapiv1beta1.HTTPMethod) authorinoapi.PatternExpressionOrRef { return authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.method", + Selector: "request.method", Operator: "eq", Value: string(method), }, @@ -432,7 +432,7 @@ func httpPathRuleToAuthorinoCondition(path gatewayapiv1beta1.HTTPPathMatch) auth return authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: authorinoapi.PatternExpressionOperator(operator), Value: value, }, @@ -455,7 +455,7 @@ func httpHeaderRuleToAuthorinoCondition(header gatewayapiv1beta1.HTTPHeaderMatch } return authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: fmt.Sprintf("context.request.http.headers.%s", strings.ToLower(string(header.Name))), + Selector: fmt.Sprintf("request.headers.%s", strings.ToLower(string(header.Name))), Operator: authorinoapi.PatternExpressionOperator(operator), Value: header.Value, }, @@ -481,7 +481,7 @@ func httpQueryParamRuleToAuthorinoCondition(queryParam gatewayapiv1beta1.HTTPQue { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: fmt.Sprintf(`context.request.http.path.@extract:{"sep":"?%s=","pos":1}.@extract:{"sep":"&"}`, queryParam.Name), + Selector: fmt.Sprintf(`request.path.@extract:{"sep":"?%s=","pos":1}|@extract:{"sep":"&"}`, queryParam.Name), Operator: authorinoapi.PatternExpressionOperator(operator), Value: queryParam.Value, }, @@ -490,7 +490,7 @@ func httpQueryParamRuleToAuthorinoCondition(queryParam gatewayapiv1beta1.HTTPQue { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: fmt.Sprintf(`context.request.http.path.@extract:{"sep":"&%s=","pos":1}.@extract:{"sep":"&"}`, queryParam.Name), + Selector: fmt.Sprintf(`request.path.@extract:{"sep":"&%s=","pos":1}|@extract:{"sep":"&"}`, queryParam.Name), Operator: authorinoapi.PatternExpressionOperator(operator), Value: queryParam.Value, }, diff --git a/controllers/authpolicy_controller_test.go b/controllers/authpolicy_controller_test.go index 1d786ad7d..67087f0c2 100644 --- a/controllers/authpolicy_controller_test.go +++ b/controllers/authpolicy_controller_test.go @@ -124,10 +124,10 @@ var _ = Describe("AuthPolicy controller", func() { Expect(authConfig.Spec.Conditions[0].Any).To(HaveLen(1)) // 1 HTTPRouteRule in the HTTPRoute Expect(authConfig.Spec.Conditions[0].Any[0].Any).To(HaveLen(1)) // 1 HTTPRouteMatch in the HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Value).To(Equal("GET")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Value).To(Equal("/toy.*")) }) @@ -184,10 +184,10 @@ var _ = Describe("AuthPolicy controller", func() { Expect(authConfig.Spec.Conditions[0].Any).To(HaveLen(1)) // 1 HTTPRouteRule in the HTTPRoute Expect(authConfig.Spec.Conditions[0].Any[0].Any).To(HaveLen(1)) // 1 HTTPRouteMatch in the HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Value).To(Equal("GET")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Value).To(Equal("/toy.*")) }) @@ -283,10 +283,10 @@ var _ = Describe("AuthPolicy controller", func() { Expect(authConfig.Spec.Conditions[0].Any).To(HaveLen(1)) // 1 HTTPRouteRule in the policyless HTTPRoute Expect(authConfig.Spec.Conditions[0].Any[0].Any).To(HaveLen(1)) // 1 HTTPRouteMatch in the HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Value).To(Equal("POST")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Value).To(Equal("/.*")) }) @@ -770,7 +770,7 @@ var _ = Describe("AuthPolicy controller", func() { return err == nil && authConfig.Status.Ready() }, 2*time.Minute, 5*time.Second).Should(BeTrue()) authConfigSpecAsJSON, _ := json.Marshal(authConfig.Spec) - Expect(string(authConfigSpecAsJSON)).To(Equal(`{"hosts":["*.toystore.com"],"patterns":{"authz-and-rl-required":[{"selector":"source.ip","operator":"neq","value":"192.168.0.10"}],"internal-source":[{"selector":"source.ip","operator":"matches","value":"192\\.168\\..*"}]},"when":[{"patternRef":"internal-source"},{"any":[{"any":[{"all":[{"selector":"context.request.http.method","operator":"eq","value":"GET"},{"selector":"context.request.http.path.@extract:{\"sep\":\"?\"}","operator":"matches","value":"/toy.*"}]}]}]}],"authentication":{"jwt":{"when":[{"selector":"filter_metadata.envoy\\.filters\\.http\\.jwt_authn|verified_jwt","operator":"neq"}],"credentials":{"authorizationHeader":{}},"plain":{"selector":"filter_metadata.envoy\\.filters\\.http\\.jwt_authn|verified_jwt"}}},"metadata":{"user-groups":{"when":[{"selector":"auth.identity.admin","operator":"neq","value":"true"}],"http":{"url":"http://user-groups/username={auth.identity.username}","method":"GET","contentType":"application/x-www-form-urlencoded","credentials":{"authorizationHeader":{}}}}},"authorization":{"admin-or-privileged":{"when":[{"patternRef":"authz-and-rl-required"}],"patternMatching":{"patterns":[{"any":[{"selector":"auth.identity.admin","operator":"eq","value":"true"},{"selector":"auth.metadata.user-groups","operator":"incl","value":"privileged"}]}]}}},"response":{"unauthenticated":{"message":{"value":"Missing verified JWT injected by the gateway"}},"unauthorized":{"message":{"value":"User must be admin or member of privileged group"}},"success":{"headers":{"x-username":{"when":[{"selector":"request.headers.x-propagate-username.@case:lower","operator":"matches","value":"1|yes|true"}],"plain":{"value":null,"selector":"auth.identity.username"}}},"dynamicMetadata":{"x-auth-data":{"when":[{"patternRef":"authz-and-rl-required"}],"json":{"properties":{"groups":{"value":null,"selector":"auth.metadata.user-groups"},"username":{"value":null,"selector":"auth.identity.username"}}}}}}},"callbacks":{"unauthorized-attempt":{"when":[{"patternRef":"authz-and-rl-required"},{"selector":"auth.authorization.admin-or-privileged","operator":"neq","value":"true"}],"http":{"url":"http://events/unauthorized","method":"POST","body":{"value":null,"selector":"\\{\"identity\":{auth.identity},\"request-id\":{request.id}\\}"},"contentType":"application/json","credentials":{"authorizationHeader":{}}}}}}`)) + Expect(string(authConfigSpecAsJSON)).To(Equal(`{"hosts":["*.toystore.com"],"patterns":{"authz-and-rl-required":[{"selector":"source.ip","operator":"neq","value":"192.168.0.10"}],"internal-source":[{"selector":"source.ip","operator":"matches","value":"192\\.168\\..*"}]},"when":[{"patternRef":"internal-source"},{"any":[{"any":[{"all":[{"selector":"request.method","operator":"eq","value":"GET"},{"selector":"request.url_path","operator":"matches","value":"/toy.*"}]}]}]}],"authentication":{"jwt":{"when":[{"selector":"filter_metadata.envoy\\.filters\\.http\\.jwt_authn|verified_jwt","operator":"neq"}],"credentials":{"authorizationHeader":{}},"plain":{"selector":"filter_metadata.envoy\\.filters\\.http\\.jwt_authn|verified_jwt"}}},"metadata":{"user-groups":{"when":[{"selector":"auth.identity.admin","operator":"neq","value":"true"}],"http":{"url":"http://user-groups/username={auth.identity.username}","method":"GET","contentType":"application/x-www-form-urlencoded","credentials":{"authorizationHeader":{}}}}},"authorization":{"admin-or-privileged":{"when":[{"patternRef":"authz-and-rl-required"}],"patternMatching":{"patterns":[{"any":[{"selector":"auth.identity.admin","operator":"eq","value":"true"},{"selector":"auth.metadata.user-groups","operator":"incl","value":"privileged"}]}]}}},"response":{"unauthenticated":{"message":{"value":"Missing verified JWT injected by the gateway"}},"unauthorized":{"message":{"value":"User must be admin or member of privileged group"}},"success":{"headers":{"x-username":{"when":[{"selector":"request.headers.x-propagate-username.@case:lower","operator":"matches","value":"1|yes|true"}],"plain":{"value":null,"selector":"auth.identity.username"}}},"dynamicMetadata":{"x-auth-data":{"when":[{"patternRef":"authz-and-rl-required"}],"json":{"properties":{"groups":{"value":null,"selector":"auth.metadata.user-groups"},"username":{"value":null,"selector":"auth.identity.username"}}}}}}},"callbacks":{"unauthorized-attempt":{"when":[{"patternRef":"authz-and-rl-required"},{"selector":"auth.authorization.admin-or-privileged","operator":"neq","value":"true"}],"http":{"url":"http://events/unauthorized","method":"POST","body":{"value":null,"selector":"\\{\"identity\":{auth.identity},\"request-id\":{request.id}\\}"},"contentType":"application/json","credentials":{"authorizationHeader":{}}}}}}`)) }) }) @@ -852,25 +852,25 @@ var _ = Describe("AuthPolicy controller", func() { Expect(authConfig.Spec.Conditions[0].Any).To(HaveLen(2)) // 2 HTTPRouteRules in the HTTPRoute Expect(authConfig.Spec.Conditions[0].Any[0].Any).To(HaveLen(2)) // 2 HTTPRouteMatches in the 1st HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Value).To(Equal("POST")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Value).To(Equal("/admin.*")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Value).To(Equal("DELETE")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Value).To(Equal("/admin.*")) Expect(authConfig.Spec.Conditions[0].Any[1].Any).To(HaveLen(1)) // 1 HTTPRouteMatch in the 2nd HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Value).To(Equal("GET")) - Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Value).To(Equal("/private.*")) }) @@ -963,31 +963,31 @@ var _ = Describe("AuthPolicy controller", func() { Expect(authConfig.Spec.Conditions[0].Any).To(HaveLen(2)) // 2 HTTPRouteRules in the HTTPRoute Expect(authConfig.Spec.Conditions[0].Any[0].Any).To(HaveLen(2)) // 2 HTTPRouteMatches in the 1st HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All).To(HaveLen(3)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.host")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("request.host")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Value).To(Equal(`.*\.admin\.toystore\.com`)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Value).To(Equal("POST")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[2].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[2].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[2].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[2].Value).To(Equal("/admin.*")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All).To(HaveLen(3)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Selector).To(Equal("context.request.http.host")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Selector).To(Equal("request.host")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Value).To(Equal(`.*\.admin\.toystore\.com`)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Value).To(Equal("DELETE")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[2].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[2].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[2].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[2].Value).To(Equal("/admin.*")) Expect(authConfig.Spec.Conditions[0].Any[1].Any).To(HaveLen(1)) // 1 HTTPRouteMatch in the 2nd HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Value).To(Equal("GET")) - Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Value).To(Equal("/private.*")) }) @@ -1073,48 +1073,48 @@ var _ = Describe("AuthPolicy controller", func() { Expect(authConfig.Spec.Conditions[0].Any).To(HaveLen(2)) // 2 HTTPRouteRules in the HTTPRoute Expect(authConfig.Spec.Conditions[0].Any[0].Any).To(HaveLen(2)) // 2 HTTPRouteMatches in the 1st HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Value).To(Equal("POST")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Value).To(Equal("/admin.*")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Value).To(Equal("DELETE")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Value).To(Equal("/admin.*")) Expect(authConfig.Spec.Conditions[0].Any[1].Any).To(HaveLen(1)) // 1 HTTPRouteMatch in the 2nd HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Value).To(Equal("GET")) - Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Value).To(Equal("/private.*")) Expect(apiKeyConditions).To(HaveLen(1)) Expect(apiKeyConditions[0].Any).To(HaveLen(1)) // 1 HTTPRouteRule selected from the HTTPRoute Expect(apiKeyConditions[0].Any[0].Any).To(HaveLen(2)) // 2 HTTPRouteMatches in the HTTPRouteRule Expect(apiKeyConditions[0].Any[0].Any[0].All).To(HaveLen(3)) - Expect(apiKeyConditions[0].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.host")) + Expect(apiKeyConditions[0].Any[0].Any[0].All[0].Selector).To(Equal("request.host")) Expect(apiKeyConditions[0].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(apiKeyConditions[0].Any[0].Any[0].All[0].Value).To(Equal(`.*\.admin\.toystore\.com`)) - Expect(apiKeyConditions[0].Any[0].Any[0].All[1].Selector).To(Equal("context.request.http.method")) + Expect(apiKeyConditions[0].Any[0].Any[0].All[1].Selector).To(Equal("request.method")) Expect(apiKeyConditions[0].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(apiKeyConditions[0].Any[0].Any[0].All[1].Value).To(Equal("POST")) - Expect(apiKeyConditions[0].Any[0].Any[0].All[2].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(apiKeyConditions[0].Any[0].Any[0].All[2].Selector).To(Equal(`request.url_path`)) Expect(apiKeyConditions[0].Any[0].Any[0].All[2].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(apiKeyConditions[0].Any[0].Any[0].All[2].Value).To(Equal("/admin.*")) Expect(apiKeyConditions[0].Any[0].Any[1].All).To(HaveLen(3)) - Expect(apiKeyConditions[0].Any[0].Any[1].All[0].Selector).To(Equal("context.request.http.host")) + Expect(apiKeyConditions[0].Any[0].Any[1].All[0].Selector).To(Equal("request.host")) Expect(apiKeyConditions[0].Any[0].Any[1].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(apiKeyConditions[0].Any[0].Any[1].All[0].Value).To(Equal(`.*\.admin\.toystore\.com`)) - Expect(apiKeyConditions[0].Any[0].Any[1].All[1].Selector).To(Equal("context.request.http.method")) + Expect(apiKeyConditions[0].Any[0].Any[1].All[1].Selector).To(Equal("request.method")) Expect(apiKeyConditions[0].Any[0].Any[1].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(apiKeyConditions[0].Any[0].Any[1].All[1].Value).To(Equal("DELETE")) - Expect(apiKeyConditions[0].Any[0].Any[1].All[2].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(apiKeyConditions[0].Any[0].Any[1].All[2].Selector).To(Equal(`request.url_path`)) Expect(apiKeyConditions[0].Any[0].Any[1].All[2].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(apiKeyConditions[0].Any[0].Any[1].All[2].Value).To(Equal("/admin.*")) }) @@ -1181,25 +1181,25 @@ var _ = Describe("AuthPolicy controller", func() { Expect(authConfig.Spec.Conditions[0].Any).To(HaveLen(2)) // 2 HTTPRouteRules in the HTTPRoute Expect(authConfig.Spec.Conditions[0].Any[0].Any).To(HaveLen(2)) // 2 HTTPRouteMatches in the 1st HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[0].Value).To(Equal("POST")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[0].All[1].Value).To(Equal("/admin.*")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[0].Value).To(Equal("DELETE")) - Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[0].Any[1].All[1].Value).To(Equal("/admin.*")) Expect(authConfig.Spec.Conditions[0].Any[1].Any).To(HaveLen(1)) // 1 HTTPRouteMatch in the 2nd HTTPRouteRule Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All).To(HaveLen(2)) - Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Selector).To(Equal("request.method")) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[0].Value).To(Equal("GET")) - Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(authConfig.Spec.Conditions[0].Any[1].Any[0].All[1].Value).To(Equal("/private.*")) Expect(apiKeyConditions).To(HaveLen(2)) // 1 existed condition + 1 HTTPRouteRule selected from the HTTPRoute @@ -1209,10 +1209,10 @@ var _ = Describe("AuthPolicy controller", func() { Expect(apiKeyConditions[1].Any).To(HaveLen(1)) // 1 HTTPRouteRule selected from the HTTPRoute Expect(apiKeyConditions[1].Any[0].Any).To(HaveLen(1)) // 1 HTTPRouteMatch in the HTTPRouteRule Expect(apiKeyConditions[1].Any[0].Any[0].All).To(HaveLen(2)) - Expect(apiKeyConditions[1].Any[0].Any[0].All[0].Selector).To(Equal("context.request.http.method")) + Expect(apiKeyConditions[1].Any[0].Any[0].All[0].Selector).To(Equal("request.method")) Expect(apiKeyConditions[1].Any[0].Any[0].All[0].Operator).To(Equal(authorinoapi.PatternExpressionOperator("eq"))) Expect(apiKeyConditions[1].Any[0].Any[0].All[0].Value).To(Equal("GET")) - Expect(apiKeyConditions[1].Any[0].Any[0].All[1].Selector).To(Equal(`context.request.http.path.@extract:{"sep":"?"}`)) + Expect(apiKeyConditions[1].Any[0].Any[0].All[1].Selector).To(Equal(`request.url_path`)) Expect(apiKeyConditions[1].Any[0].Any[0].All[1].Operator).To(Equal(authorinoapi.PatternExpressionOperator("matches"))) Expect(apiKeyConditions[1].Any[0].Any[0].All[1].Value).To(Equal("/private.*")) }) diff --git a/controllers/authpolicy_istio_auth_config_test.go b/controllers/authpolicy_istio_auth_config_test.go index d0ae64b91..bef86f20b 100644 --- a/controllers/authpolicy_istio_auth_config_test.go +++ b/controllers/authpolicy_istio_auth_config_test.go @@ -25,7 +25,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { expected: []authorinoapi.PatternExpressionOrRef{ { PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.host", + Selector: "request.host", Operator: "matches", Value: `toystore\.kuadrant\.io`, }, @@ -54,7 +54,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.host", + Selector: "request.host", Operator: "matches", Value: `toystore\.kuadrant\.io`, }, @@ -63,7 +63,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "matches", Value: `/toy.*`, }, @@ -104,7 +104,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.host", + Selector: "request.host", Operator: "matches", Value: `toystore\.kuadrant\.io`, }, @@ -113,7 +113,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "matches", Value: `/toy.*`, }, @@ -128,7 +128,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.host", + Selector: "request.host", Operator: "matches", Value: `toystore\.kuadrant\.io`, }, @@ -137,7 +137,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "eq", Value: `/foo`, }, @@ -172,7 +172,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.host", + Selector: "request.host", Operator: "matches", Value: `toystore\.kuadrant\.io|gamestore\.kuadrant\.io`, }, @@ -181,7 +181,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "matches", Value: `/toy.*`, }, @@ -216,7 +216,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.host", + Selector: "request.host", Operator: "matches", Value: `.*\.kuadrant\.io`, }, @@ -225,7 +225,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "matches", Value: `/toy.*`, }, @@ -260,7 +260,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: "context.request.http.host", + Selector: "request.host", Operator: "matches", Value: `toystore\.kuadrant\.io`, }, @@ -269,7 +269,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "matches", Value: `/toy.*`, }, @@ -300,7 +300,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.method`, + Selector: `request.method`, Operator: "eq", Value: `GET`, }, @@ -334,7 +334,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "eq", Value: `/toy`, }, @@ -368,7 +368,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "matches", Value: `/toy.*`, }, @@ -402,7 +402,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?"}`, + Selector: `request.url_path`, Operator: "matches", Value: "^/(dolls|cars)", }, @@ -439,7 +439,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.headers.x-foo`, + Selector: `request.headers.x-foo`, Operator: "eq", Value: "a-value", }, @@ -481,7 +481,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.headers.x-foo`, + Selector: `request.headers.x-foo`, Operator: "eq", Value: "a-value", }, @@ -490,7 +490,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.headers.x-bar`, + Selector: `request.headers.x-bar`, Operator: "eq", Value: "other-value", }, @@ -527,7 +527,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.headers.x-foo`, + Selector: `request.headers.x-foo`, Operator: "matches", Value: "^a+.*$", }, @@ -567,7 +567,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?x-foo=","pos":1}.@extract:{"sep":"&"}`, + Selector: `request.path.@extract:{"sep":"?x-foo=","pos":1}.@extract:{"sep":"&"}`, Operator: "eq", Value: "a-value", }, @@ -576,7 +576,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"&x-foo=","pos":1}.@extract:{"sep":"&"}`, + Selector: `request.path.@extract:{"sep":"&x-foo=","pos":1}.@extract:{"sep":"&"}`, Operator: "eq", Value: "a-value", }, @@ -624,7 +624,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?x-foo=","pos":1}.@extract:{"sep":"&"}`, + Selector: `request.path.@extract:{"sep":"?x-foo=","pos":1}.@extract:{"sep":"&"}`, Operator: "eq", Value: "a-value", }, @@ -633,7 +633,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"&x-foo=","pos":1}.@extract:{"sep":"&"}`, + Selector: `request.path.@extract:{"sep":"&x-foo=","pos":1}.@extract:{"sep":"&"}`, Operator: "eq", Value: "a-value", }, @@ -648,7 +648,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?x-bar=","pos":1}.@extract:{"sep":"&"}`, + Selector: `request.path.@extract:{"sep":"?x-bar=","pos":1}.@extract:{"sep":"&"}`, Operator: "eq", Value: "other-value", }, @@ -657,7 +657,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"&x-bar=","pos":1}.@extract:{"sep":"&"}`, + Selector: `request.path.@extract:{"sep":"&x-bar=","pos":1}.@extract:{"sep":"&"}`, Operator: "eq", Value: "other-value", }, @@ -700,7 +700,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"?x-foo=","pos":1}.@extract:{"sep":"&"}`, + Selector: `request.path.@extract:{"sep":"?x-foo=","pos":1}.@extract:{"sep":"&"}`, Operator: "matches", Value: "^a+.*$", }, @@ -709,7 +709,7 @@ func TestAuthorinoConditionsFromHTTPRouteRule(t *testing.T) { { PatternExpressionOrRef: authorinoapi.PatternExpressionOrRef{ PatternExpression: authorinoapi.PatternExpression{ - Selector: `context.request.http.path.@extract:{"sep":"&x-foo=","pos":1}.@extract:{"sep":"&"}`, + Selector: `request.path.@extract:{"sep":"&x-foo=","pos":1}.@extract:{"sep":"&"}`, Operator: "matches", Value: "^a+.*$", },