outposts/proxy: set http code when no redirect header is set
Signed-off-by: Jens Langhammer <jens@goauthentik.io>
This commit is contained in:
parent
d31e566873
commit
69d4719687
|
@ -5,17 +5,19 @@ import (
|
|||
"net/http"
|
||||
"net/url"
|
||||
"strings"
|
||||
|
||||
"goauthentik.io/internal/outpost/proxyv2/constants"
|
||||
)
|
||||
|
||||
func (a *Application) checkAuthHeaderBearer(r *http.Request) string {
|
||||
auth := r.Header.Get(HeaderAuthorization)
|
||||
auth := r.Header.Get(constants.HeaderAuthorization)
|
||||
if auth == "" {
|
||||
return ""
|
||||
}
|
||||
if len(auth) < len(AuthBearer) || !strings.EqualFold(auth[:len(AuthBearer)], AuthBearer) {
|
||||
if len(auth) < len(constants.AuthBearer) || !strings.EqualFold(auth[:len(constants.AuthBearer)], constants.AuthBearer) {
|
||||
return ""
|
||||
}
|
||||
return auth[len(AuthBearer):]
|
||||
return auth[len(constants.AuthBearer):]
|
||||
}
|
||||
|
||||
type TokenIntrospectionResponse struct {
|
||||
|
|
|
@ -36,6 +36,7 @@ func (a *Application) redirectToStart(rw http.ResponseWriter, r *http.Request) {
|
|||
a.log.WithError(err).Warning("failed to decode session")
|
||||
}
|
||||
if r.Header.Get(constants.HeaderNoRedirect) == "true" {
|
||||
rw.WriteHeader(401)
|
||||
er := a.errorTemplates.Execute(rw, ErrorPageData{
|
||||
Title: "Unauthenticated",
|
||||
Message: fmt.Sprintf("Due to '%s' being set, no redirect is performed.", constants.HeaderNoRedirect),
|
||||
|
|
Reference in a new issue