CORS plugin

djbdjb00djb · Apr 27, 2015 · 6aebc40 · 6aebc40
1 parent e1ae0ed
commit 6aebc40
Show file tree

Hide file tree

Showing 15 changed files with 190 additions and 204 deletions.
diff --git a/kong-0.2.0-1.rockspec b/kong-0.2.0-1.rockspec
@@ -109,6 +109,10 @@ build = {
     ["kong.plugins.request_transfomer.access"] = "kong/plugins/request_transformer/access.lua",
     ["kong.plugins.request_transfomer.schema"] = "kong/plugins/request_transformer/schema.lua",
 
+    ["kong.plugins.cors.handler"] = "kong/plugins/cors/handler.lua",
+    ["kong.plugins.cors.access"] = "kong/plugins/cors/access.lua",
+    ["kong.plugins.cors.schema"] = "kong/plugins/cors/schema.lua",
+
     ["kong.api.app"] = "kong/api/app.lua",
     ["kong.api.routes.apis"] = "kong/api/routes/apis.lua",
     ["kong.api.routes.consumers"] = "kong/api/routes/consumers.lua",

diff --git a/kong.yml b/kong.yml
@@ -6,6 +6,7 @@ plugins_available:
   - tcplog
   - udplog
   - filelog
+  - cors
   - request_transformer
 
 nginx_working_dir: /usr/local/kong/

diff --git a/kong/plugins/cors/access.lua b/kong/plugins/cors/access.lua
@@ -0,0 +1,68 @@
+local _M = {}
+
+local function configure_origin(ngx, conf)
+  if conf.origin == nil then
+    ngx.header["Access-Control-Allow-Origin"] = "*"
+  else
+    ngx.header["Access-Control-Allow-Origin"] = conf.origin
+    ngx.header["Vary"] = "Origin"
+  end
+end
+
+local function configure_credentials(ngx, conf)
+  if (conf.credentials) then
+    ngx.header["Access-Control-Allow-Credentials"] = "true"
+  end
+end
+
+local function configure_headers(ngx, conf, headers)
+  if conf.headers == nil then
+    ngx.header["Access-Control-Allow-Headers"] = headers['access-control-request-headers'] or ""
+  else
+    ngx.header["Access-Control-Allow-Headers"] = conf.headers
+  end
+end
+
+local function configure_exposed_headers(ngx, conf)
+  if conf.exposed_headers ~= nil then
+    ngx.header["Access-Control-Expose-Headers"] = conf.exposed_headers
+  end
+end
+
+local function configure_methods(ngx, conf)
+  if conf.methods ~= nil then
+    ngx.header["Access-Control-Allow-Methods"] = conf.methods
+  else
+    ngx.header["Access-Control-Allow-Methods"] = "GET,HEAD,PUT,PATCH,POST,DELETE"
+  end
+end
+
+local function configure_max_age(ngx, conf)
+  if conf.max_age ~= nil then
+    ngx.header["Access-Control-Max-Age"] = tostring(conf.max_age)
+  end
+end
+
+function _M.execute(conf)
+  local request = ngx.req
+  local method = request.get_method()
+  local headers = request.get_headers()
+
+  configure_origin(ngx, conf)
+  configure_credentials(ngx, conf)
+
+  if method == "OPTIONS" then
+    -- Preflight
+    configure_headers(ngx, conf, headers)
+    configure_methods(ngx, conf)
+    configure_max_age(ngx, conf)
+
+    if not conf.preflight_continue then
+      utils.no_content()
+    end
+  else
+    configure_exposed_headers(ngx, conf)
+  end
+end
+
+return _M
diff --git a/kong/plugins/cors/handler.lua b/kong/plugins/cors/handler.lua
@@ -0,0 +1,17 @@
+local BasePlugin = require "kong.plugins.base_plugin"
+local access = require "kong.plugins.cors.access"
+
+local CorsHandler = BasePlugin:extend()
+
+function CorsHandler:new()
+  CorsHandler.super.new(self, "cors")
+end
+
+function CorsHandler:access(conf)
+  CorsHandler.super.access(self)
+  access.execute(conf)
+end
+
+CorsHandler.PRIORITY = 2000
+
+return CorsHandler
diff --git a/kong/plugins/cors/schema.lua b/kong/plugins/cors/schema.lua
@@ -0,0 +1,9 @@
+return {
+  origin = { type = "string" },
+  headers = { type = "string" },
+  exposed_headers = { type = "string" },
+  methods = { type = "string" },
+  max_age = { type = "number" },
+  credentials = { type = "boolean", default = false },
+  preflight_continue = { type = "boolean", default = false }
+}
diff --git a/kong/tools/faker.lua b/kong/tools/faker.lua
@@ -31,6 +31,9 @@ Faker.FIXTURES = {
     { name = "API TESTS 4", public_dns = "test4.com", target_url = "http://mockbin.com" },
     { name = "API TESTS 5", public_dns = "test5.com", target_url = "http://mockbin.com" },
 
+    { name = "API TESTS 6", public_dns = "cors1.com", target_url = "http://mockbin.com" },
+    { name = "API TESTS 7", public_dns = "cors2.com", target_url = "http://mockbin.com" },
+
     -- DEVELOPMENT APIs. Please do not use those in tests
     { name = "API DEV 1", public_dns = "dev.com", target_url = "http://mockbin.com" },
   },
@@ -59,14 +62,23 @@ Faker.FIXTURES = {
     { name = "ratelimiting", value = {period = "minute", limit = 8}, __api = 3, __consumer = 1 },
     -- API 4
     { name = "ratelimiting", value = {period = "minute", limit = 6}, __api = 4 },
-    --API 5
+    -- API 5
     { name = "request_transformer", value = {
       add = { headers = {"x-added:true", "x-added2:true" },
               querystring = {"newparam:value"},
               form = {"newformparam:newvalue"} },
       remove = { headers = { "x-to-remove" },
                  querystring = { "toremovequery" },
-                 form = { "toremoveform" } } }, __api = 5 }
+                 form = { "toremoveform" } } }, __api = 5 },
+    -- API 6
+    { name = "cors", value = {}, __api = 6 },
+    -- API 7
+    { name = "cors", value = { origin = "example.com", 
+                               methods = "GET", 
+                               headers = "origin, type, accepts", 
+                               exposed_headers = "x-auth-token",
+                               max_age = 23,
+                               credentials = true }, __api = 7 }
   }
 }
 

diff --git a/kong/tools/http_client.lua b/kong/tools/http_client.lua
@@ -49,9 +49,9 @@ local function http_call(options)
     local parsed_url = url.parse(options.url)
     local port_segment = ""
     if parsed_url.port then
-      port_segment = ":" .. parsed_url.port
+      port_segment = ":"..parsed_url.port
     end
-    options.headers["host"] = parsed_url.host .. port_segment
+    options.headers["host"] = parsed_url.host..port_segment
   end
 
   -- Returns: response, code, headers
@@ -143,7 +143,7 @@ function _M.put(url, table, headers)
   }
 end
 
--- DELETE methpd
+-- DELETE method
 function _M.delete(url, querystring, headers)
   if not headers then headers = {} end
 
@@ -158,4 +158,19 @@ function _M.delete(url, querystring, headers)
   }
 end
 
+-- OPTIONS method
+function _M.options(url, querystring, headers)
+  if not headers then headers = {} end
+
+  if querystring then
+    url = string.format("%s?%s", url, build_query(querystring))
+  end
+
+  return http_call {
+    method = "OPTIONS",
+    url = url,
+    headers = headers
+  }
+end
+
 return _M
diff --git a/package-build.sh b/package-build.sh
@@ -170,4 +170,4 @@ eval "fpm -a all -f -s dir -t $PACKAGE_TYPE -n 'kong' -v $KONG_VERSION $FPM_PARA
 --url http://getkong.org/ \
 usr"
 
-echo "DONE"
+echo "DONE"
diff --git a/spec/integration/cli/start_spec.lua b/spec/integration/cli/start_spec.lua
@@ -88,7 +88,7 @@ describe("CLI", function()
     end)
 
     it("should work the used plugins are enabled", function()
-      replace_conf_property("plugins_available", {"ratelimiting", "keyauth", "basicauth", "tcplog", "udplog", "filelog", "request_transformer"})
+      replace_conf_property("plugins_available", {"ratelimiting", "keyauth", "basicauth", "tcplog", "udplog", "filelog", "request_transformer", "cors"})
 
       spec_helper.prepare_db(SERVER_CONF)
-Original file line number
+Diff line change
@@ Expand Up / @@ -6,6 +6,7 @@ plugins_available: @@
       - tcplog
       - udplog
       - filelog
+      - cors
       - request_transformer
     nginx_working_dir: /usr/local/kong/
@@ Expand Down @@