outposts/proxy: fix upstream ssl certificate not being ignored if configured to do so

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
Jens Langhammer 2021-09-11 19:30:17 +02:00
parent 948ea7b087
commit 223d9ad414
1 changed files with 10 additions and 0 deletions


@ -1,17 +1,26 @@
package application package application
import ( import (
"context"
"crypto/tls"
"net/http" "net/http"
"net/http/httputil" "net/http/httputil"
"net/url" "net/url"
"time" "time"
"github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus"
"goauthentik.io/internal/outpost/ak"
"goauthentik.io/internal/outpost/proxyv2/metrics" "goauthentik.io/internal/outpost/proxyv2/metrics"
"goauthentik.io/internal/outpost/proxyv2/templates" "goauthentik.io/internal/outpost/proxyv2/templates"
"goauthentik.io/internal/utils/web" "goauthentik.io/internal/utils/web"
) )
func (a *Application) getUpstreamTransport() http.RoundTripper {
return &http.Transport{
TLSClientConfig: &tls.Config{InsecureSkipVerify: *a.proxyConfig.InternalHostSslValidation},
}
}
func (a *Application) configureProxy() error { func (a *Application) configureProxy() error {
// Reverse proxy to the application server // Reverse proxy to the application server
u, err := url.Parse(*a.proxyConfig.InternalHost) u, err := url.Parse(*a.proxyConfig.InternalHost)
@ -19,6 +28,7 @@ func (a *Application) configureProxy() error {
return err return err
} }
rp := &httputil.ReverseProxy{Director: a.proxyModifyRequest(u)} rp := &httputil.ReverseProxy{Director: a.proxyModifyRequest(u)}
rp.Transport = ak.NewTracingTransport(context.TODO(), a.getUpstreamTransport())
rp.ErrorHandler = NewProxyErrorHandler(templates.GetTemplates()) rp.ErrorHandler = NewProxyErrorHandler(templates.GetTemplates())
rp.ModifyResponse = a.proxyModifyResponse rp.ModifyResponse = a.proxyModifyResponse
a.mux.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { a.mux.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
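Review bot: In the new getUpstreamTransport, `InsecureSkipVerify` is assigned `*a.proxyConfig.InternalHostSslValidation` unchanged, and going by the field name (true appears to mean "validate the upstream certificate") the polarity looks inverted. If that reading is right, upstream certificate verification is skipped for every provider that has validation enabled and enforced only where the operator asked to ignore it. The line would then need to be `TLSClientConfig: &tls.Config{InsecureSkipVerify: !*a.proxyConfig.InternalHostSslValidation},`. A small test asserting the transport's `TLSClientConfig.InsecureSkipVerify` for both settings would pin the polarity. Separately, a bare `&http.Transport{}` drops the proxy, timeout and connection-pool defaults of `http.DefaultTransport`; starting from `http.DefaultTransport.(*http.Transport).Clone()` and setting only `TLSClientConfig` would keep them.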