use dep; fix authServer override

authenticator.go

@@ -190,6 +190,12 @@ func NewAuthenticationHandler(target *url.URL, creds *authContext, verbose bool,
 					response = r
 				}
 			}
+			if strings.Contains(response.Header.Get("Content-Type"), "text/event-stream") {
+				if a.Verbose {
+					log.Info("Adding eventStreamBody wrapper")
+				}
+				response.Body = newEventStreamBody(response.Body)
+			}
 			return response
 		})
 

event_stream_body.go

@@ -0,0 +1,41 @@
+package main
+
+import (
+	"bufio"
+	"io"
+)
+
+func newEventStreamBody(delegate io.ReadCloser) io.ReadCloser {
+	return &eventStreamBody{delegate: delegate}
+}
+
+type eventStreamBody struct {
+	delegate io.ReadCloser
+}
+
+func (esb *eventStreamBody) WriteTo(w io.Writer) (n int64, err error) {
+
+	reader := bufio.NewReader(esb.delegate)
+	var line []byte
+	var written int
+
+	for {
+		line, err = reader.ReadBytes('\n')
+		if err != nil {
+			return
+		}
+		written, err = w.Write(line)
+		if err != nil {
+			return
+		}
+		n += int64(written)
+	}
+}
+
+func (esb *eventStreamBody) Read(p []byte) (n int, err error) {
+	return esb.delegate.Read(p)
+}
+
+func (esb *eventStreamBody) Close() error {
+	return esb.delegate.Close()
+}

lock.json

@@ -0,0 +1,42 @@
+{
+    "memo": "3b356f8f31402acfca5616d9e008aa02f1057c4e697a036aa3c55a55f1a38505",
+    "projects": [
+        {
+            "name": "github.com/Sirupsen/logrus",
+            "version": "v0.10.0",
+            "revision": "4b6ea7319e214d98c938f12692336f7ca9348d6b",
+            "packages": [
+                "."
+            ]
+        },
+        {
+            "name": "github.com/elazarl/goproxy",
+            "revision": "4327d5f85a6da046b9b4818382a3e51f795a249b",
+            "packages": [
+                "."
+            ]
+        },
+        {
+            "name": "github.com/stretchr/testify",
+            "revision": "1297dc01ed0a819ff634c89707081a4df43baf6b",
+            "packages": [
+                "assert"
+            ]
+        },
+        {
+            "name": "github.com/urfave/cli",
+            "branch": "master",
+            "revision": "0bdeddeeb0f650497d603c4ad7b20cfe685682f6",
+            "packages": [
+                "."
+            ]
+        },
+        {
+            "name": "golang.org/x/sys",
+            "revision": "98fc11432b951eb53c62602ba4ae99d03c1fb7e2",
+            "packages": [
+                "unix"
+            ]
+        }
+    ]
+}

main.go

@@ -17,6 +17,59 @@ var Name string
 // Version is set at compile time with the git version
 var Version string
 
+var commonFlags = []cli.Flag{
+	cli.StringFlag{
+		Name:  "target, t",
+		Usage: "The target URL to be proxied",
+	},
+	cli.IntFlag{
+		Name:  "port, p",
+		Value: 8888,
+		Usage: "the port on which to listen",
+	},
+	cli.StringFlag{
+		Name:  "auth-endpoint, a",
+		Usage: "The target URL to be proxied",
+	},
+	cli.StringFlag{
+		Name:  "host, H",
+		Value: "localhost",
+		Usage: "the host address on which to listen",
+	},
+	cli.StringFlag{
+		Name:  "username, u",
+		Usage: "proxy authentication user",
+	},
+	cli.StringFlag{
+		Name:  "password, P",
+		Usage: "proxy authentication password",
+	},
+	cli.StringFlag{
+		Name:  "password-file, f",
+		Usage: "proxy authentication password file",
+	},
+	cli.StringFlag{
+		Name:  "private-key-file",
+		Usage: "file containing private-key used to authenticate (requires 'username')",
+	},
+	cli.StringFlag{
+		Name:  "principal-secret, s",
+		Usage: "principal secret containing credentials for obtaining auth tokens",
+	},
+	cli.StringFlag{
+		Name:  "principal-secret-file",
+		Usage: "principal secret file containing credentials for obtaining auth tokens",
+	},
+	cli.BoolFlag{
+		Name:  "verbose, V",
+		Usage: "whether to output all request/response traffic",
+	},
+	cli.BoolFlag{
+		Name:  "insecure, k",
+		Usage: "allow connections to SSL sites without valid certs",
+	},
+}
+
 func run(args []string, stdout *os.File, stderr *os.File) {
 
 	app := cli.NewApp()
@@ -27,60 +80,7 @@ func run(args []string, stdout *os.File, stderr *os.File) {
 		by obtaining and injecting auth tokens as needed.
 		`
 	app.Version = Version
-	commonFlags := []cli.Flag{
-		cli.StringFlag{
-			Name:  "target, t",
-			Usage: "The target URL to be proxied",
-		},
-		cli.IntFlag{
-			Name:  "port, p",
-			Value: 8888,
-			Usage: "the port on which to listen",
-		},
-		cli.StringFlag{
-			Name:  "auth-endpoint, a",
-			Usage: "The target URL to be proxied",
-		},
-		cli.StringFlag{
-			Name:  "host, H",
-			Value: "localhost",
-			Usage: "the host address on which to listen",
-		},
-		cli.StringFlag{
-			Name:  "username, u",
-			Usage: "proxy authentication user",
-		},
-		cli.StringFlag{
-			Name:  "password, P",
-			Usage: "proxy authentication password",
-		},
-		cli.StringFlag{
-			Name:  "password-file, f",
-			Usage: "proxy authentication password file",
-		},
-		cli.StringFlag{
-			Name:  "private-key-file, pk",
-			Usage: "file containing private-key used to authenticate (requires 'username')",
-		},
-		cli.StringFlag{
-			Name:  "principal-secret, s",
-			Usage: "principal secret containing credentials for obtaining auth tokens",
-		},
-		cli.StringFlag{
-			Name:  "principal-secret-file, sf",
-			Usage: "principal secret file containing credentials for obtaining auth tokens",
-		},
-		cli.BoolFlag{
-			Name:  "verbose, V",
-			Usage: "whether to output all request/response traffic",
-		},
-		cli.BoolFlag{
-			Name:  "insecure, k",
-			Usage: "allow connections to SSL sites without valid certs",
-		},
-	}
 	app.Flags = commonFlags
-
 	app.Commands = []cli.Command{
 		cli.Command{
 			Name:  "authenticate",
@@ -210,6 +210,11 @@ func parseFlags(c *cli.Context) (creds *authContext, targetURL *url.URL) {
 
 		creds = &authContext{UID: username, Password: string(bytes), AuthEndpoint: authEndpoint}
 	}
+
+	if creds != nil && len(authEndpoint) > 0 {
+		creds.AuthEndpoint = authEndpoint
+	}
+
 	return creds, targetURL
 }
 

main_test.go

@@ -12,6 +12,7 @@ import (
 	"time"
 
 	"github.com/stretchr/testify/assert"
+	"github.com/urfave/cli"
 )
 
 func TestCLISecret(t *testing.T) {
@@ -125,3 +126,47 @@ func TestCLIAuthenticate(t *testing.T) {
 
 	assert.NotEmpty(t, string(bytes))
 }
+
+func TestCLIParseFlags(t *testing.T) {
+
+	pk := genPrivateKey(t)
+	token := genToken()
+
+	authServer := httptest.NewTLSServer(&mockAuthEndpoint{pk: pk, token: token})
+	defer authServer.Close()
+
+	targetServer := httptest.NewTLSServer(&mockTarget{expectedAuthZ: "token=" + token})
+	defer targetServer.Close()
+
+	results := make(chan map[string]interface{}, 1)
+	app := cli.NewApp()
+	app.Commands = []cli.Command{
+		cli.Command{
+			Name:  "authenticate",
+			Flags: commonFlags,
+			Action: func(c *cli.Context) {
+				creds, targetURL := parseFlags(c)
+				results <- map[string]interface{}{
+					"creds":     creds,
+					"targetURL": targetURL,
+				}
+			},
+		},
+	}
+	err := app.Run([]string{
+		"dcos-auth-proxy",
+		"authenticate",
+		"-a", "http://some-other-url",
+		"-s", `{"login_endpoint":"` + authServer.URL + `","uid":"random","private_key":"` + strings.Replace(string(toPEM(pk)), "\n", "\\n", -1) + `"}`,
+		"-k",
+		"-V",
+	})
+	if !assert.NoError(t, err, "Command should parse flags successfully") {
+		t.Fatal(err)
+	}
+
+	result := <-results
+	if result["creds"].(*authContext).AuthEndpoint != "http://some-other-url" {
+		t.Error("Auth endpoint should be overridden")
+	}
+}

manifest.json

@@ -0,0 +1,16 @@
+{
+    "dependencies": {
+        "github.com/Sirupsen/logrus": {
+            "version": ">=0.10.0, <1.0.0"
+        },
+        "github.com/elazarl/goproxy": {
+            "revision": "4327d5f85a6da046b9b4818382a3e51f795a249b"
+        },
+        "github.com/stretchr/testify": {
+            "revision": "1297dc01ed0a819ff634c89707081a4df43baf6b"
+        },
+        "github.com/urfave/cli": {
+            "branch": "master"
+        }
+    }
+}