feat: Enable impersonation to be configurable through the app config (#82)

* made impersonation configurable through appconfig

* remove previous made CORS implementation

Author: n3rdc4ptn

gateway/config/config.go

@@ -15,6 +15,8 @@ type Config struct {
 	LocalDevelopment bool   `envconfig:"default=false,optional"`
 	HandlerCfg       HandlerConfig
 	UserNameClaim    string `envconfig:"default=email,optional"`
+
+	ShouldImpersonate bool `envconfig:"default=true,optional"`
 }
 
 type HandlerConfig struct {

gateway/manager/manager.go

@@ -65,7 +65,7 @@ func NewManager(log *logger.Logger, cfg *rest.Config, appCfg appConfig.Config) (
 	cfg.Host = fmt.Sprintf("%s://%s", u.Scheme, u.Host)
 
 	cfg.Wrap(func(rt http.RoundTripper) http.RoundTripper {
-		return NewRoundTripper(log, rt, appCfg.UserNameClaim)
+		return NewRoundTripper(log, rt, appCfg.UserNameClaim, appCfg.ShouldImpersonate)
 	})
 
 	runtimeClient, err := kcp.NewClusterAwareClientWithWatch(cfg, client.Options{})

gateway/manager/roundtripper.go

@@ -11,16 +11,18 @@ import (
 type TokenKey struct{}
 
 type roundTripper struct {
-	userClaim string
-	log       *logger.Logger
-	base      http.RoundTripper // TODO change to awareBaseHttp
+	userClaim   string
+	log         *logger.Logger
+	base        http.RoundTripper // TODO change to awareBaseHttp
+	impersonate bool
 }
 
-func NewRoundTripper(log *logger.Logger, base http.RoundTripper, userNameClaim string) http.RoundTripper {
+func NewRoundTripper(log *logger.Logger, base http.RoundTripper, userNameClaim string, impersonate bool) http.RoundTripper {
 	return &roundTripper{
-		log:       log,
-		base:      base,
-		userClaim: userNameClaim,
+		log:         log,
+		base:        base,
+		userClaim:   userNameClaim,
+		impersonate: impersonate,
 	}
 }
 
@@ -31,6 +33,12 @@ func (rt *roundTripper) RoundTrip(req *http.Request) (*http.Response, error) {
 		return rt.base.RoundTrip(req)
 	}
 
+	if !rt.impersonate {
+		req.Header.Del("Authorization")
+		t := transport.NewBearerAuthRoundTripper(token, rt.base)
+		return t.RoundTrip(req)
+	}
+
 	claims := jwt.MapClaims{}
 	_, _, err := jwt.NewParser().ParseUnverified(token, claims)
 	if err != nil {