From 4343246a41227d91329a665489af7968e9f296a5 Mon Sep 17 00:00:00 2001 From: Jens L Date: Tue, 8 Feb 2022 20:25:38 +0100 Subject: [PATCH] *: rename akprox to outpost.goauthentik.io (#2266) Signed-off-by: Jens Langhammer --- authentik/providers/proxy/apps.py | 4 + .../providers/proxy/controllers/docker.py | 4 +- .../proxy/controllers/k8s/ingress.py | 2 +- .../proxy/controllers/k8s/traefik.py | 5 +- authentik/providers/proxy/models.py | 2 +- authentik/providers/proxy/tasks.py | 11 + internal/outpost/ldap/metrics/metrics.go | 2 +- .../proxyv2/application/application.go | 10 +- internal/outpost/proxyv2/application/error.go | 2 +- .../proxyv2/application/mode_forward.go | 16 +- .../application/mode_forward_nginx_test.go | 14 +- .../application/mode_forward_traefik_test.go | 16 +- internal/outpost/proxyv2/application/utils.go | 2 +- .../outpost/proxyv2/application/utils_test.go | 8 +- internal/outpost/proxyv2/handlers.go | 6 +- internal/outpost/proxyv2/metrics/metrics.go | 2 +- internal/outpost/proxyv2/proxyv2.go | 4 +- internal/outpost/proxyv2/templates/error.html | 10 +- internal/web/proxy.go | 2 +- ldap.Dockerfile | 2 +- proxy.Dockerfile | 2 +- tests/e2e/test_provider_proxy.py | 2 +- web/src/locales/en.po | 190 +++++++++--------- web/src/locales/es.po | 4 +- web/src/locales/fr_FR.po | 72 +++---- web/src/locales/pl.po | 4 +- web/src/locales/pl_PL.po | 8 +- web/src/locales/pseudo-LOCALE.po | 188 ++++++++--------- web/src/locales/tr.po | 4 +- web/src/locales/zh-Hans.po | 8 +- web/src/locales/zh-Hant.po | 8 +- web/src/locales/zh_TW.po | 8 +- .../providers/proxy/ProxyProviderForm.ts | 2 +- website/docs/outposts/embedded/embedded.md | 2 +- website/docs/outposts/integrations/docker.md | 2 +- .../docs/providers/proxy/_nginx_ingress.md | 6 +- .../providers/proxy/_nginx_proxy_manager.md | 14 +- .../docs/providers/proxy/_nginx_standalone.md | 16 +- .../docs/providers/proxy/_traefik_compose.md | 4 +- .../docs/providers/proxy/_traefik_ingress.md | 4 +- .../providers/proxy/_traefik_standalone.md | 6 +- website/docs/providers/proxy/forward_auth.mdx | 2 +- website/docs/providers/proxy/proxy.md | 6 +- website/docs/releases/v2021.8.md | 2 +- website/docs/releases/v2022.1.md | 4 +- 45 files changed, 355 insertions(+), 337 deletions(-) create mode 100644 authentik/providers/proxy/tasks.py diff --git a/authentik/providers/proxy/apps.py b/authentik/providers/proxy/apps.py index 5355ece60..ad1f0bf45 100644 --- a/authentik/providers/proxy/apps.py +++ b/authentik/providers/proxy/apps.py @@ -12,4 +12,8 @@ class AuthentikProviderProxyConfig(AppConfig): verbose_name = "authentik Providers.Proxy" def ready(self) -> None: + from authentik.providers.proxy.tasks import proxy_set_defaults + import_module("authentik.providers.proxy.managed") + + proxy_set_defaults.delay() diff --git a/authentik/providers/proxy/controllers/docker.py b/authentik/providers/proxy/controllers/docker.py index ef47a69de..32cc9ff33 100644 --- a/authentik/providers/proxy/controllers/docker.py +++ b/authentik/providers/proxy/controllers/docker.py @@ -28,12 +28,12 @@ class ProxyDockerController(DockerController): labels["traefik.enable"] = "true" labels[ f"traefik.http.routers.{traefik_name}-router.rule" - ] = f"Host({','.join(hosts)}) && PathPrefix(`/akprox`)" + ] = f"Host({','.join(hosts)}) && PathPrefix(`/outpost.goauthentik.io`)" labels[f"traefik.http.routers.{traefik_name}-router.tls"] = "true" labels[f"traefik.http.routers.{traefik_name}-router.service"] = f"{traefik_name}-service" labels[ f"traefik.http.services.{traefik_name}-service.loadbalancer.healthcheck.path" - ] = "/akprox/ping" + ] = "/outpost.goauthentik.io/ping" labels[ f"traefik.http.services.{traefik_name}-service.loadbalancer.healthcheck.port" ] = "9300" diff --git a/authentik/providers/proxy/controllers/k8s/ingress.py b/authentik/providers/proxy/controllers/k8s/ingress.py index 7b4f10d5d..1d7f1fe07 100644 --- a/authentik/providers/proxy/controllers/k8s/ingress.py +++ b/authentik/providers/proxy/controllers/k8s/ingress.py @@ -126,7 +126,7 @@ class IngressReconciler(KubernetesObjectReconciler[V1Ingress]): port=V1ServiceBackendPort(name="http"), ), ), - path="/akprox", + path="/outpost.goauthentik.io", path_type="ImplementationSpecific", ) ] diff --git a/authentik/providers/proxy/controllers/k8s/traefik.py b/authentik/providers/proxy/controllers/k8s/traefik.py index 4831d4123..2066b2620 100644 --- a/authentik/providers/proxy/controllers/k8s/traefik.py +++ b/authentik/providers/proxy/controllers/k8s/traefik.py @@ -119,7 +119,10 @@ class TraefikMiddlewareReconciler(KubernetesObjectReconciler[TraefikMiddleware]) ), spec=TraefikMiddlewareSpec( forwardAuth=TraefikMiddlewareSpecForwardAuth( - address=f"http://{self.name}.{self.namespace}:9000/akprox/auth/traefik", + address=( + f"http://{self.name}.{self.namespace}:9000/" + "outpost.goauthentik.io/auth/traefik" + ), authResponseHeaders=[ "X-authentik-username", "X-authentik-groups", diff --git a/authentik/providers/proxy/models.py b/authentik/providers/proxy/models.py index d7f9ceebc..10237d218 100644 --- a/authentik/providers/proxy/models.py +++ b/authentik/providers/proxy/models.py @@ -27,7 +27,7 @@ def get_cookie_secret(): def _get_callback_url(uri: str) -> str: - return urljoin(uri, "/akprox/callback") + return urljoin(uri, "/outpost.goauthentik.io/callback") class ProxyMode(models.TextChoices): diff --git a/authentik/providers/proxy/tasks.py b/authentik/providers/proxy/tasks.py new file mode 100644 index 000000000..2261c2f09 --- /dev/null +++ b/authentik/providers/proxy/tasks.py @@ -0,0 +1,11 @@ +"""proxy provider tasks""" +from authentik.providers.proxy.models import ProxyProvider +from authentik.root.celery import CELERY_APP + + +@CELERY_APP.task() +def proxy_set_defaults(): + """Ensure correct defaults are set for all providers""" + for provider in ProxyProvider.objects.all(): + provider.set_oauth_defaults() + provider.save() diff --git a/internal/outpost/ldap/metrics/metrics.go b/internal/outpost/ldap/metrics/metrics.go index fdd1a1825..2ff8af4b0 100644 --- a/internal/outpost/ldap/metrics/metrics.go +++ b/internal/outpost/ldap/metrics/metrics.go @@ -25,7 +25,7 @@ var ( func RunServer() { m := mux.NewRouter() l := log.WithField("logger", "authentik.outpost.metrics") - m.HandleFunc("/akprox/ping", func(rw http.ResponseWriter, r *http.Request) { + m.HandleFunc("/outpost.goauthentik.io/ping", func(rw http.ResponseWriter, r *http.Request) { rw.WriteHeader(204) }) m.Path("/metrics").Handler(promhttp.Handler()) diff --git a/internal/outpost/proxyv2/application/application.go b/internal/outpost/proxyv2/application/application.go index 6b9c9f02f..72e19adc0 100644 --- a/internal/outpost/proxyv2/application/application.go +++ b/internal/outpost/proxyv2/application/application.go @@ -78,7 +78,7 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore oauth2Config := oauth2.Config{ ClientID: *p.ClientId, ClientSecret: *p.ClientSecret, - RedirectURL: urlJoin(p.ExternalHost, "/akprox/callback"), + RedirectURL: urlJoin(p.ExternalHost, "/outpost.goauthentik.io/callback"), Endpoint: endpoint.Endpoint, Scopes: p.ScopesToRequest, } @@ -145,10 +145,10 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore mux.Use(sentryhttp.New(sentryhttp.Options{}).Handle) // Support /start and /sign_in for backwards compatibility - mux.HandleFunc("/akprox/start", a.handleRedirect) - mux.HandleFunc("/akprox/sign_in", a.handleRedirect) - mux.HandleFunc("/akprox/callback", a.handleCallback) - mux.HandleFunc("/akprox/sign_out", a.handleSignOut) + mux.HandleFunc("/outpost.goauthentik.io/start", a.handleRedirect) + mux.HandleFunc("/outpost.goauthentik.io/sign_in", a.handleRedirect) + mux.HandleFunc("/outpost.goauthentik.io/callback", a.handleCallback) + mux.HandleFunc("/outpost.goauthentik.io/sign_out", a.handleSignOut) switch *p.Mode { case api.PROXYMODE_PROXY: err = a.configureProxy() diff --git a/internal/outpost/proxyv2/application/error.go b/internal/outpost/proxyv2/application/error.go index ce01178c3..1b52d4f7a 100644 --- a/internal/outpost/proxyv2/application/error.go +++ b/internal/outpost/proxyv2/application/error.go @@ -18,7 +18,7 @@ func (a *Application) ErrorPage(rw http.ResponseWriter, r *http.Request, err str data := ErrorPageData{ Title: "Bad Gateway", Message: "Error proxying to upstream server", - ProxyPrefix: "/akprox", + ProxyPrefix: "/outpost.goauthentik.io", } if claims != nil && len(err) > 0 { data.Message = err diff --git a/internal/outpost/proxyv2/application/mode_forward.go b/internal/outpost/proxyv2/application/mode_forward.go index 35460dd9c..1d06dd5e8 100644 --- a/internal/outpost/proxyv2/application/mode_forward.go +++ b/internal/outpost/proxyv2/application/mode_forward.go @@ -12,15 +12,15 @@ import ( ) func (a *Application) configureForward() error { - a.mux.HandleFunc("/akprox/auth", func(rw http.ResponseWriter, r *http.Request) { + a.mux.HandleFunc("/outpost.goauthentik.io/auth", func(rw http.ResponseWriter, r *http.Request) { if _, ok := r.URL.Query()["traefik"]; ok { a.forwardHandleTraefik(rw, r) return } a.forwardHandleNginx(rw, r) }) - a.mux.HandleFunc("/akprox/auth/traefik", a.forwardHandleTraefik) - a.mux.HandleFunc("/akprox/auth/nginx", a.forwardHandleNginx) + a.mux.HandleFunc("/outpost.goauthentik.io/auth/traefik", a.forwardHandleTraefik) + a.mux.HandleFunc("/outpost.goauthentik.io/auth/nginx", a.forwardHandleNginx) return nil } @@ -49,8 +49,8 @@ func (a *Application) forwardHandleTraefik(rw http.ResponseWriter, r *http.Reque a.log.Trace("path can be accessed without authentication") return } - if strings.HasPrefix(r.Header.Get("X-Forwarded-Uri"), "/akprox") { - a.log.WithField("url", r.URL.String()).Trace("path begins with /akprox, allowing access") + if strings.HasPrefix(r.Header.Get("X-Forwarded-Uri"), "/outpost.goauthentik.io") { + a.log.WithField("url", r.URL.String()).Trace("path begins with /outpost.goauthentik.io, allowing access") return } host := "" @@ -80,7 +80,7 @@ func (a *Application) forwardHandleTraefik(rw http.ResponseWriter, r *http.Reque if proto != "" { proto = proto + ":" } - rdFinal := fmt.Sprintf("%s//%s%s", proto, host, "/akprox/start") + rdFinal := fmt.Sprintf("%s//%s%s", proto, host, "/outpost.goauthentik.io/start") a.log.WithField("url", rdFinal).Debug("Redirecting to login") http.Redirect(rw, r, rdFinal, http.StatusTemporaryRedirect) } @@ -119,8 +119,8 @@ func (a *Application) forwardHandleNginx(rw http.ResponseWriter, r *http.Request } if fwd.String() != r.URL.String() { - if strings.HasPrefix(fwd.Path, "/akprox") { - a.log.WithField("url", r.URL.String()).Trace("path begins with /akprox, allowing access") + if strings.HasPrefix(fwd.Path, "/outpost.goauthentik.io") { + a.log.WithField("url", r.URL.String()).Trace("path begins with /outpost.goauthentik.io, allowing access") return } } diff --git a/internal/outpost/proxyv2/application/mode_forward_nginx_test.go b/internal/outpost/proxyv2/application/mode_forward_nginx_test.go index 58873fc15..5d2681ae0 100644 --- a/internal/outpost/proxyv2/application/mode_forward_nginx_test.go +++ b/internal/outpost/proxyv2/application/mode_forward_nginx_test.go @@ -12,7 +12,7 @@ import ( func TestForwardHandleNginx_Single_Blank(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "/akprox/auth/nginx", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/nginx", nil) rr := httptest.NewRecorder() a.forwardHandleNginx(rr, req) @@ -22,7 +22,7 @@ func TestForwardHandleNginx_Single_Blank(t *testing.T) { func TestForwardHandleNginx_Single_Skip(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "/akprox/auth/nginx", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/nginx", nil) req.Header.Set("X-Original-URL", "http://test.goauthentik.io/skip") rr := httptest.NewRecorder() @@ -33,7 +33,7 @@ func TestForwardHandleNginx_Single_Skip(t *testing.T) { func TestForwardHandleNginx_Single_Headers(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "/akprox/auth/nginx", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/nginx", nil) req.Header.Set("X-Original-URL", "http://test.goauthentik.io/app") rr := httptest.NewRecorder() @@ -47,7 +47,7 @@ func TestForwardHandleNginx_Single_Headers(t *testing.T) { func TestForwardHandleNginx_Single_URI(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "https://foo.bar/akprox/auth/nginx", nil) + req, _ := http.NewRequest("GET", "https://foo.bar/outpost.goauthentik.io/auth/nginx", nil) req.Header.Set("X-Original-URI", "/app") rr := httptest.NewRecorder() @@ -61,7 +61,7 @@ func TestForwardHandleNginx_Single_URI(t *testing.T) { func TestForwardHandleNginx_Single_Claims(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "/akprox/auth/nginx", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/nginx", nil) req.Header.Set("X-Original-URI", "/") rr := httptest.NewRecorder() @@ -108,7 +108,7 @@ func TestForwardHandleNginx_Domain_Blank(t *testing.T) { a := newTestApplication() a.proxyConfig.Mode = api.PROXYMODE_FORWARD_DOMAIN.Ptr() a.proxyConfig.CookieDomain = api.PtrString("foo") - req, _ := http.NewRequest("GET", "/akprox/auth/nginx", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/nginx", nil) rr := httptest.NewRecorder() a.forwardHandleNginx(rr, req) @@ -121,7 +121,7 @@ func TestForwardHandleNginx_Domain_Header(t *testing.T) { a.proxyConfig.Mode = api.PROXYMODE_FORWARD_DOMAIN.Ptr() a.proxyConfig.CookieDomain = api.PtrString("foo") a.proxyConfig.ExternalHost = "http://auth.test.goauthentik.io" - req, _ := http.NewRequest("GET", "/akprox/auth/nginx", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/nginx", nil) req.Header.Set("X-Original-URL", "http://test.goauthentik.io/app") rr := httptest.NewRecorder() diff --git a/internal/outpost/proxyv2/application/mode_forward_traefik_test.go b/internal/outpost/proxyv2/application/mode_forward_traefik_test.go index e9abe5259..5767a8885 100644 --- a/internal/outpost/proxyv2/application/mode_forward_traefik_test.go +++ b/internal/outpost/proxyv2/application/mode_forward_traefik_test.go @@ -12,7 +12,7 @@ import ( func TestForwardHandleTraefik_Single_Blank(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "/akprox/auth/traefik", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/traefik", nil) rr := httptest.NewRecorder() a.forwardHandleTraefik(rr, req) @@ -22,7 +22,7 @@ func TestForwardHandleTraefik_Single_Blank(t *testing.T) { func TestForwardHandleTraefik_Single_Skip(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "/akprox/auth/traefik", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/traefik", nil) req.Header.Set("X-Forwarded-Proto", "http") req.Header.Set("X-Forwarded-Host", "test.goauthentik.io") req.Header.Set("X-Forwarded-Uri", "/skip") @@ -35,7 +35,7 @@ func TestForwardHandleTraefik_Single_Skip(t *testing.T) { func TestForwardHandleTraefik_Single_Headers(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "/akprox/auth/traefik", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/traefik", nil) req.Header.Set("X-Forwarded-Proto", "http") req.Header.Set("X-Forwarded-Host", "test.goauthentik.io") req.Header.Set("X-Forwarded-Uri", "/app") @@ -45,7 +45,7 @@ func TestForwardHandleTraefik_Single_Headers(t *testing.T) { assert.Equal(t, rr.Code, http.StatusTemporaryRedirect) loc, _ := rr.Result().Location() - assert.Equal(t, loc.String(), "http://test.goauthentik.io/akprox/start") + assert.Equal(t, loc.String(), "http://test.goauthentik.io/outpost.goauthentik.io/start") s, _ := a.sessions.Get(req, constants.SeesionName) assert.Equal(t, "http://test.goauthentik.io/app", s.Values[constants.SessionRedirect]) @@ -53,7 +53,7 @@ func TestForwardHandleTraefik_Single_Headers(t *testing.T) { func TestForwardHandleTraefik_Single_Claims(t *testing.T) { a := newTestApplication() - req, _ := http.NewRequest("GET", "/akprox/auth/traefik", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/traefik", nil) req.Header.Set("X-Forwarded-Proto", "http") req.Header.Set("X-Forwarded-Host", "test.goauthentik.io") req.Header.Set("X-Forwarded-Uri", "/app") @@ -102,7 +102,7 @@ func TestForwardHandleTraefik_Domain_Blank(t *testing.T) { a := newTestApplication() a.proxyConfig.Mode = api.PROXYMODE_FORWARD_DOMAIN.Ptr() a.proxyConfig.CookieDomain = api.PtrString("foo") - req, _ := http.NewRequest("GET", "/akprox/auth/traefik", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/traefik", nil) rr := httptest.NewRecorder() a.forwardHandleTraefik(rr, req) @@ -115,7 +115,7 @@ func TestForwardHandleTraefik_Domain_Header(t *testing.T) { a.proxyConfig.Mode = api.PROXYMODE_FORWARD_DOMAIN.Ptr() a.proxyConfig.CookieDomain = api.PtrString("foo") a.proxyConfig.ExternalHost = "http://auth.test.goauthentik.io" - req, _ := http.NewRequest("GET", "/akprox/auth/traefik", nil) + req, _ := http.NewRequest("GET", "/outpost.goauthentik.io/auth/traefik", nil) req.Header.Set("X-Forwarded-Proto", "http") req.Header.Set("X-Forwarded-Host", "test.goauthentik.io") req.Header.Set("X-Forwarded-Uri", "/app") @@ -125,7 +125,7 @@ func TestForwardHandleTraefik_Domain_Header(t *testing.T) { assert.Equal(t, http.StatusTemporaryRedirect, rr.Code) loc, _ := rr.Result().Location() - assert.Equal(t, "http://auth.test.goauthentik.io/akprox/start", loc.String()) + assert.Equal(t, "http://auth.test.goauthentik.io/outpost.goauthentik.io/start", loc.String()) s, _ := a.sessions.Get(req, constants.SeesionName) assert.Equal(t, "http://test.goauthentik.io/app", s.Values[constants.SessionRedirect]) diff --git a/internal/outpost/proxyv2/application/utils.go b/internal/outpost/proxyv2/application/utils.go index 3fb5b44e3..44b20f4da 100644 --- a/internal/outpost/proxyv2/application/utils.go +++ b/internal/outpost/proxyv2/application/utils.go @@ -42,7 +42,7 @@ func (a *Application) redirectToStart(rw http.ResponseWriter, r *http.Request) { a.log.WithError(err).Warning("failed to save session before redirect") } - authUrl := urlJoin(a.proxyConfig.ExternalHost, "/akprox/start") + authUrl := urlJoin(a.proxyConfig.ExternalHost, "/outpost.goauthentik.io/start") http.Redirect(rw, r, authUrl, http.StatusFound) } diff --git a/internal/outpost/proxyv2/application/utils_test.go b/internal/outpost/proxyv2/application/utils_test.go index 3d84f7608..a10ac20ac 100644 --- a/internal/outpost/proxyv2/application/utils_test.go +++ b/internal/outpost/proxyv2/application/utils_test.go @@ -21,7 +21,7 @@ func TestRedirectToStart_Proxy(t *testing.T) { assert.Equal(t, http.StatusFound, rr.Code) loc, _ := rr.Result().Location() - assert.Equal(t, "https://test.goauthentik.io/akprox/start", loc.String()) + assert.Equal(t, "https://test.goauthentik.io/outpost.goauthentik.io/start", loc.String()) s, _ := a.sessions.Get(req, constants.SeesionName) assert.Equal(t, "https://test.goauthentik.io/foo/bar/baz", s.Values[constants.SessionRedirect]) @@ -38,7 +38,7 @@ func TestRedirectToStart_Forward(t *testing.T) { assert.Equal(t, http.StatusFound, rr.Code) loc, _ := rr.Result().Location() - assert.Equal(t, "https://test.goauthentik.io/akprox/start", loc.String()) + assert.Equal(t, "https://test.goauthentik.io/outpost.goauthentik.io/start", loc.String()) s, _ := a.sessions.Get(req, constants.SeesionName) assert.Equal(t, "https://test.goauthentik.io/foo/bar/baz", s.Values[constants.SessionRedirect]) @@ -56,7 +56,7 @@ func TestRedirectToStart_Forward_Domain_Invalid(t *testing.T) { assert.Equal(t, http.StatusFound, rr.Code) loc, _ := rr.Result().Location() - assert.Equal(t, "https://test.goauthentik.io/akprox/start", loc.String()) + assert.Equal(t, "https://test.goauthentik.io/outpost.goauthentik.io/start", loc.String()) s, _ := a.sessions.Get(req, constants.SeesionName) assert.Equal(t, "https://test.goauthentik.io", s.Values[constants.SessionRedirect]) @@ -74,7 +74,7 @@ func TestRedirectToStart_Forward_Domain(t *testing.T) { assert.Equal(t, http.StatusFound, rr.Code) loc, _ := rr.Result().Location() - assert.Equal(t, "https://test.goauthentik.io/akprox/start", loc.String()) + assert.Equal(t, "https://test.goauthentik.io/outpost.goauthentik.io/start", loc.String()) s, _ := a.sessions.Get(req, constants.SeesionName) assert.Equal(t, "https://test.goauthentik.io", s.Values[constants.SessionRedirect]) diff --git a/internal/outpost/proxyv2/handlers.go b/internal/outpost/proxyv2/handlers.go index 374bcd6af..19c1e8f97 100644 --- a/internal/outpost/proxyv2/handlers.go +++ b/internal/outpost/proxyv2/handlers.go @@ -32,7 +32,7 @@ func (ps *ProxyServer) HandlePing(rw http.ResponseWriter, r *http.Request) { func (ps *ProxyServer) HandleStatic(rw http.ResponseWriter, r *http.Request) { before := time.Now() - web.DisableIndex(http.StripPrefix("/akprox/static/dist", staticWeb.StaticHandler)).ServeHTTP(rw, r) + web.DisableIndex(http.StripPrefix("/outpost.goauthentik.io/static/dist", staticWeb.StaticHandler)).ServeHTTP(rw, r) after := time.Since(before) metrics.Requests.With(prometheus.Labels{ "outpost_name": ps.akAPI.Outpost.Name, @@ -90,11 +90,11 @@ func (ps *ProxyServer) lookupApp(r *http.Request) (*application.Application, str } func (ps *ProxyServer) Handle(rw http.ResponseWriter, r *http.Request) { - if strings.HasPrefix(r.URL.Path, "/akprox/static") { + if strings.HasPrefix(r.URL.Path, "/outpost.goauthentik.io/static") { ps.HandleStatic(rw, r) return } - if strings.HasPrefix(r.URL.Path, "/akprox/ping") { + if strings.HasPrefix(r.URL.Path, "/outpost.goauthentik.io/ping") { ps.HandlePing(rw, r) return } diff --git a/internal/outpost/proxyv2/metrics/metrics.go b/internal/outpost/proxyv2/metrics/metrics.go index fb9f18b97..664583683 100644 --- a/internal/outpost/proxyv2/metrics/metrics.go +++ b/internal/outpost/proxyv2/metrics/metrics.go @@ -25,7 +25,7 @@ var ( func RunServer() { m := mux.NewRouter() l := log.WithField("logger", "authentik.outpost.metrics") - m.HandleFunc("/akprox/ping", func(rw http.ResponseWriter, r *http.Request) { + m.HandleFunc("/outpost.goauthentik.io/ping", func(rw http.ResponseWriter, r *http.Request) { rw.WriteHeader(204) }) m.Path("/metrics").Handler(promhttp.Handler()) diff --git a/internal/outpost/proxyv2/proxyv2.go b/internal/outpost/proxyv2/proxyv2.go index 7ff1e33b1..7863b4660 100644 --- a/internal/outpost/proxyv2/proxyv2.go +++ b/internal/outpost/proxyv2/proxyv2.go @@ -64,8 +64,8 @@ func NewProxyServer(ac *ak.APIController, portOffset int) *ProxyServer { akAPI: ac, defaultCert: defaultCert, } - globalMux.PathPrefix("/akprox/static").HandlerFunc(s.HandleStatic) - globalMux.Path("/akprox/ping").HandlerFunc(s.HandlePing) + globalMux.PathPrefix("/outpost.goauthentik.io/static").HandlerFunc(s.HandleStatic) + globalMux.Path("/outpost.goauthentik.io/ping").HandlerFunc(s.HandlePing) rootMux.PathPrefix("/").HandlerFunc(s.Handle) return s } diff --git a/internal/outpost/proxyv2/templates/error.html b/internal/outpost/proxyv2/templates/error.html index f8853f6d7..02f60e350 100644 --- a/internal/outpost/proxyv2/templates/error.html +++ b/internal/outpost/proxyv2/templates/error.html @@ -5,12 +5,12 @@ {{.Title}} - - - + + + @@ -32,7 +32,7 @@