feat:add authorization-annotation the ingress resource (#985)

pkg/kube/translation/annotations.go

@@ -29,6 +29,8 @@ var (
 		annotations.NewRewriteHandler(),
 		annotations.NewRedirectHandler(),
 		annotations.NewForwardAuthHandler(),
+		annotations.NewBasicAuthHandler(),
+		annotations.NewKeyAuthHandler(),
 	}
 )
 

pkg/kube/translation/annotations/authorization.go

@@ -0,0 +1,64 @@
+// Licensed to the Apache Software Foundation (ASF) under one or more
+// contributor license agreements.  See the NOTICE file distributed with
+// this work for additional information regarding copyright ownership.
+// The ASF licenses this file to You under the Apache License, Version 2.0
+// (the "License"); you may not use this file except in compliance with
+// the License.  You may obtain a copy of the License at
+//
+//     http://www.apache.org/licenses/LICENSE-2.0
+//
+// Unless required by applicable law or agreed to in writing, software
+// distributed under the License is distributed on an "AS IS" BASIS,
+// WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+// See the License for the specific language governing permissions and
+// limitations under the License.
+package annotations
+
+import (
+	apisixv1 "github.com/apache/apisix-ingress-controller/pkg/types/apisix/v1"
+)
+
+const (
+	// auth-type: keyAuth | basicAuth
+	_authType = AnnotationsPrefix + "auth-type"
+)
+
+type basicAuth struct{}
+
+// NewkeyBasicHandler creates a handler to convert
+// annotations about basicAuth control to APISIX basic-auth plugin.
+func NewBasicAuthHandler() Handler {
+	return &basicAuth{}
+}
+
+func (b *basicAuth) PluginName() string {
+	return "basic-auth"
+}
+
+func (b *basicAuth) Handle(e Extractor) (interface{}, error) {
+	if e.GetStringAnnotation(_authType) != "basicAuth" {
+		return nil, nil
+	}
+	plugin := apisixv1.BasicAuthConfig{}
+	return &plugin, nil
+}
+
+type keyAuth struct{}
+
+// NewkeyAuthHandler creates a handler to convert
+// annotations about keyAuth control to APISIX key-auth plugin.
+func NewKeyAuthHandler() Handler {
+	return &keyAuth{}
+}
+
+func (k *keyAuth) PluginName() string {
+	return "key-auth"
+}
+
+func (k *keyAuth) Handle(e Extractor) (interface{}, error) {
+	if e.GetStringAnnotation(_authType) != "keyAuth" {
+		return nil, nil
+	}
+	plugin := apisixv1.KeyAuthConfig{}
+	return &plugin, nil
+}

pkg/types/apisix/v1/plugin_types.go

@@ -99,3 +99,13 @@ type ForwardAuthConfig struct {
 	UpstreamHeaders []string `json:"upstream_headers,omitempty"`
 	ClientHeaders   []string `json:"client_headers,omitempty"`
 }
+
+// BasicAuthConfig is the rule config for basic-auth plugin.
+// +k8s:deepcopy-gen=true
+type BasicAuthConfig struct {
+}
+
+// KeyAuthConfig is the rule config for key-auth plugin.
+// +k8s:deepcopy-gen=true
+type KeyAuthConfig struct {
+}

test/e2e/scaffold/consumer.go

@@ -16,8 +16,8 @@ package scaffold
 
 import "fmt"
 
-func (s *Scaffold) ApisixConsumerBasicAuthCreated(name, username, password string) error {
-	ac := fmt.Sprintf(`
+var (
+	_apisixConsumerBasicAuth = `
 apiVersion: apisix.apache.org/v2beta3
 kind: ApisixConsumer
 metadata:
@@ -28,6 +28,26 @@ spec:
       value:
         username: %s
         password: %s
-`, name, username, password)
+`
+	_apisixConsumerKeyAuth = `
+  apiVersion: apisix.apache.org/v2beta3
+  kind: ApisixConsumer
+  metadata:
+    name: %s
+  spec:
+    authParameter:
+      keyAuth:
+        value:
+          key: %s
+  `
+)
+
+func (s *Scaffold) ApisixConsumerBasicAuthCreated(name, username, password string) error {
+	ac := fmt.Sprintf(_apisixConsumerBasicAuth, name, username, password)
+	return s.CreateResourceFromString(ac)
+}
+
+func (s *Scaffold) ApisixConsumerKeyAuthCreated(name, key string) error {
+	ac := fmt.Sprintf(_apisixConsumerKeyAuth, name, key)
 	return s.CreateResourceFromString(ac)
 }