test: add realistic Golang plugin test for IP binding per key using meta_data#7971
test: add realistic Golang plugin test for IP binding per key using meta_data#7971probelabs[bot] wants to merge 2 commits intomasterfrom
Conversation
|
This PR introduces a new integration test to validate the "IP Binding per Key" feature using a Golang plugin. The changes add a test-only plugin function that checks the client's IP address against an Files Changed Analysis
The changes are purely additive and confined to test files, ensuring no impact on production code while improving test coverage for a key extensibility feature. Architecture & Impact Assessment
Request Flow DiagramsequenceDiagram
participant Client
participant TykGateway as Tyk Gateway
participant GoPlugin as Go Plugin
participant SessionStore as Session Store
Client->>TykGateway: Request with API Key & X-Forwarded-For
TykGateway->>SessionStore: Validate API Key
SessionStore-->>TykGateway: Return SessionState (with meta_data)
TykGateway->>GoPlugin: Execute PostKeyAuth hook (MyPluginIPBindingPostKeyAuth)
GoPlugin->>GoPlugin: Get SessionState from context
GoPlugin->>GoPlugin: Extract allowed_ips from meta_data
GoPlugin->>GoPlugin: Compare allowed_ips with X-Forwarded-For header
alt IP matches
GoPlugin-->>TykGateway: Allow request to proceed
TykGateway->>TykGateway: Proxy to upstream service
else IP does not match
GoPlugin-->>TykGateway: Deny request (403 Forbidden)
TykGateway-->>Client: 403 Forbidden Response
end
Scope Discovery & Context Expansion
Metadata
Powered by Visor from Probelabs Last updated: 2026-04-08T10:06:31.530Z | Triggered by: pr_updated | Commit: 14ff7fb 💡 TIP: You can chat with Visor using |
Architecture Issues (1)
Performance Issues (1)
Powered by Visor from Probelabs Last updated: 2026-04-08T10:06:32.594Z | Triggered by: pr_updated | Commit: 14ff7fb 💡 TIP: You can chat with Visor using |
|
API Changes --- prev.txt 2026-04-08 10:07:21.913922898 +0000
+++ current.txt 2026-04-08 10:07:13.627919227 +0000
@@ -15038,6 +15038,7 @@
MyPluginAuthCheck does custom auth and will be used as "auth_check" custom
MW
+func MyPluginIPBindingPostKeyAuth(rw http.ResponseWriter, r *http.Request)
func MyPluginPerPathBar(rw http.ResponseWriter, r *http.Request)
func MyPluginPerPathFoo(rw http.ResponseWriter, r *http.Request)
func MyPluginPerPathResp(rw http.ResponseWriter, r *http.Request) |
🚨 Jira Linter FailedCommit: The Jira linter failed to validate your PR. Please check the error details below: 🔍 Click to view error detailsNext Steps
This comment will be automatically deleted once the linter passes. |
|


Problem / Task
The user requested a realistic test with a real Golang plugin to show that "IP Binding per Key" functionality is working using
meta_data.Changes
MyPluginIPBindingPostKeyAuthtotest/goplugins/test_goplugin.gowhich extractsallowed_ipsfrom session metadata and validates the client IP.TestGoPlugin_IPBindingPerKeytogoplugin/mw_go_plugin_test.gowhich configures an API to use the plugin and tests both allowed and disallowed IPs.Testing
go build -buildmode=plugin -o goplugins.so .intest/gopluginsgo test -tags goplugin -v -run TestGoPlugin_IPBindingPerKeyingopluginRequested by: @U3P2L4XNE
Trace: ed73c29a98fd4454abca25bc868a996b
Generated with Visor AI Assistant