internal: trace headers and url for backend requests
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
a7fea5434d
commit
02ba493759
|
@ -18,6 +18,7 @@ func (ws *WebServer) configureProxy() {
|
||||||
director := func(req *http.Request) {
|
director := func(req *http.Request) {
|
||||||
req.URL.Scheme = u.Scheme
|
req.URL.Scheme = u.Scheme
|
||||||
req.URL.Host = u.Host
|
req.URL.Host = u.Host
|
||||||
|
req.Host = u.Host
|
||||||
if _, ok := req.Header["User-Agent"]; !ok {
|
if _, ok := req.Header["User-Agent"]; !ok {
|
||||||
// explicitly disable User-Agent so it's not set to default value
|
// explicitly disable User-Agent so it's not set to default value
|
||||||
req.Header.Set("User-Agent", "")
|
req.Header.Set("User-Agent", "")
|
||||||
|
@ -25,6 +26,7 @@ func (ws *WebServer) configureProxy() {
|
||||||
if req.TLS != nil {
|
if req.TLS != nil {
|
||||||
req.Header.Set("X-Forwarded-Proto", "https")
|
req.Header.Set("X-Forwarded-Proto", "https")
|
||||||
}
|
}
|
||||||
|
ws.log.WithField("url", req.URL.String()).WithField("headers", req.Header).Trace("tracing request to backend")
|
||||||
}
|
}
|
||||||
rp := &httputil.ReverseProxy{Director: director}
|
rp := &httputil.ReverseProxy{Director: director}
|
||||||
rp.ErrorHandler = ws.proxyErrorHandler
|
rp.ErrorHandler = ws.proxyErrorHandler
|
||||||
|
@ -66,7 +68,7 @@ func (ws *WebServer) configureProxy() {
|
||||||
}
|
}
|
||||||
|
|
||||||
func (ws *WebServer) proxyErrorHandler(rw http.ResponseWriter, req *http.Request, err error) {
|
func (ws *WebServer) proxyErrorHandler(rw http.ResponseWriter, req *http.Request, err error) {
|
||||||
ws.log.Warning(err.Error())
|
ws.log.WithError(err).Warning("failed to proxy to backend")
|
||||||
rw.WriteHeader(http.StatusBadGateway)
|
rw.WriteHeader(http.StatusBadGateway)
|
||||||
em := fmt.Sprintf("failed to connect to authentik backend: %v", err)
|
em := fmt.Sprintf("failed to connect to authentik backend: %v", err)
|
||||||
if !ws.p.IsRunning() {
|
if !ws.p.IsRunning() {
|
||||||
|
|
|
@ -16,6 +16,9 @@ func (ws *WebServer) GetCertificate() func(ch *tls.ClientHelloInfo) (*tls.Certif
|
||||||
ws.log.WithError(err).Error("failed to generate default cert")
|
ws.log.WithError(err).Error("failed to generate default cert")
|
||||||
}
|
}
|
||||||
return func(ch *tls.ClientHelloInfo) (*tls.Certificate, error) {
|
return func(ch *tls.ClientHelloInfo) (*tls.Certificate, error) {
|
||||||
|
if ch.ServerName == "" {
|
||||||
|
return &cert, nil
|
||||||
|
}
|
||||||
if ws.ProxyServer != nil {
|
if ws.ProxyServer != nil {
|
||||||
appCert := ws.ProxyServer.GetCertificate(ch.ServerName)
|
appCert := ws.ProxyServer.GetCertificate(ch.ServerName)
|
||||||
if appCert != nil {
|
if appCert != nil {
|
||||||
|
|
Reference in a new issue