From 347c3793fc265879d50fb31bce2a494bdf8a11f5 Mon Sep 17 00:00:00 2001 From: Jens Langhammer Date: Thu, 2 Dec 2021 14:19:57 +0100 Subject: [PATCH] outposts/proxy: add additional headers Signed-off-by: Jens Langhammer --- internal/outpost/proxyv2/application/claims.go | 2 ++ internal/outpost/proxyv2/application/mode_common.go | 2 ++ internal/outpost/proxyv2/application/oauth_callback.go | 1 + 3 files changed, 5 insertions(+) diff --git a/internal/outpost/proxyv2/application/claims.go b/internal/outpost/proxyv2/application/claims.go index 40cd148a2..4ff89dbff 100644 --- a/internal/outpost/proxyv2/application/claims.go +++ b/internal/outpost/proxyv2/application/claims.go @@ -13,4 +13,6 @@ type Claims struct { Name string `json:"name"` PreferredUsername string `json:"preferred_username"` Groups []string `json:"groups"` + + RawToken string } diff --git a/internal/outpost/proxyv2/application/mode_common.go b/internal/outpost/proxyv2/application/mode_common.go index 1b0e94199..a1430ad1e 100644 --- a/internal/outpost/proxyv2/application/mode_common.go +++ b/internal/outpost/proxyv2/application/mode_common.go @@ -25,8 +25,10 @@ func (a *Application) addHeaders(headers http.Header, c *Claims) { headers.Set("X-authentik-email", c.Email) headers.Set("X-authentik-name", c.Name) headers.Set("X-authentik-uid", c.Sub) + headers.Set("X-authentik-jwt", c.RawToken) // System headers + headers.Set("X-authentik-meta-jwks", a.proxyConfig.OidcConfiguration.JwksUri) headers.Set("X-authentik-meta-outpost", a.outpostName) headers.Set("X-authentik-meta-provider", a.proxyConfig.Name) headers.Set("X-authentik-meta-app", a.proxyConfig.AssignedApplicationSlug) diff --git a/internal/outpost/proxyv2/application/oauth_callback.go b/internal/outpost/proxyv2/application/oauth_callback.go index 7f2937184..acd66cf31 100644 --- a/internal/outpost/proxyv2/application/oauth_callback.go +++ b/internal/outpost/proxyv2/application/oauth_callback.go @@ -45,5 +45,6 @@ func (a *Application) redeemCallback(r *http.Request, shouldState string) (*Clai if err := idToken.Claims(&claims); err != nil { return nil, err } + claims.RawToken = rawIDToken return claims, nil }