providers/proxy: use same redirect-save code for all modes

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-06-04 23:25:47 +02:00
parent dc9203789e
commit e30103aa9f
2 changed files with 25 additions and 24 deletions

View file

@ -12,19 +12,14 @@ import (
) )
const ( const (
envoyPrefix = "/outpost.goauthentik.io/auth/envoy" envoyPrefix = "/outpost.goauthentik.io/auth/envoy"
traefikPrefix = "/outpost.goauthentik.io/auth/traefik"
nginxPrefix = "/outpost.goauthentik.io/auth/nginx"
) )
func (a *Application) configureForward() error { func (a *Application) configureForward() error {
a.mux.HandleFunc("/outpost.goauthentik.io/auth", func(rw http.ResponseWriter, r *http.Request) { a.mux.HandleFunc(traefikPrefix, a.forwardHandleTraefik)
if _, ok := r.URL.Query()["traefik"]; ok { a.mux.HandleFunc(nginxPrefix, a.forwardHandleNginx)
a.forwardHandleTraefik(rw, r)
return
}
a.forwardHandleNginx(rw, r)
})
a.mux.HandleFunc("/outpost.goauthentik.io/auth/traefik", a.forwardHandleTraefik)
a.mux.HandleFunc("/outpost.goauthentik.io/auth/nginx", a.forwardHandleNginx)
a.mux.PathPrefix(envoyPrefix).HandlerFunc(a.forwardHandleEnvoy) a.mux.PathPrefix(envoyPrefix).HandlerFunc(a.forwardHandleEnvoy)
return nil return nil
} }
@ -59,7 +54,6 @@ func (a *Application) forwardHandleTraefik(rw http.ResponseWriter, r *http.Reque
return return
} }
host := "" host := ""
s, _ := a.sessions.Get(r, constants.SessionName)
// Optional suffix, which is appended to the URL // Optional suffix, which is appended to the URL
if *a.proxyConfig.Mode.Get() == api.PROXYMODE_FORWARD_SINGLE { if *a.proxyConfig.Mode.Get() == api.PROXYMODE_FORWARD_SINGLE {
host = web.GetHost(r) host = web.GetHost(r)
@ -75,10 +69,13 @@ func (a *Application) forwardHandleTraefik(rw http.ResponseWriter, r *http.Reque
// to a (possibly) different domain, but we want to be redirected back // to a (possibly) different domain, but we want to be redirected back
// to the application // to the application
// X-Forwarded-Uri is only the path, so we need to build the entire URL // X-Forwarded-Uri is only the path, so we need to build the entire URL
s.Values[constants.SessionRedirect] = fwd.String() s, _ := a.sessions.Get(r, constants.SessionName)
err = s.Save(r, rw) if _, redirectSet := s.Values[constants.SessionRedirect]; !redirectSet {
if err != nil { s.Values[constants.SessionRedirect] = fwd.String()
a.log.WithError(err).Warning("failed to save session before redirect") err = s.Save(r, rw)
if err != nil {
a.log.WithError(err).Warning("failed to save session before redirect")
}
} }
proto := r.Header.Get("X-Forwarded-Proto") proto := r.Header.Get("X-Forwarded-Proto")
@ -117,10 +114,12 @@ func (a *Application) forwardHandleNginx(rw http.ResponseWriter, r *http.Request
} }
s, _ := a.sessions.Get(r, constants.SessionName) s, _ := a.sessions.Get(r, constants.SessionName)
s.Values[constants.SessionRedirect] = fwd.String() if _, redirectSet := s.Values[constants.SessionRedirect]; !redirectSet {
err = s.Save(r, rw) s.Values[constants.SessionRedirect] = fwd.String()
if err != nil { err = s.Save(r, rw)
a.log.WithError(err).Warning("failed to save session before redirect") if err != nil {
a.log.WithError(err).Warning("failed to save session before redirect")
}
} }
if fwd.String() != r.URL.String() { if fwd.String() != r.URL.String() {
@ -152,7 +151,6 @@ func (a *Application) forwardHandleEnvoy(rw http.ResponseWriter, r *http.Request
return return
} }
host := "" host := ""
s, _ := a.sessions.Get(r, constants.SessionName)
// Optional suffix, which is appended to the URL // Optional suffix, which is appended to the URL
if *a.proxyConfig.Mode.Get() == api.PROXYMODE_FORWARD_SINGLE { if *a.proxyConfig.Mode.Get() == api.PROXYMODE_FORWARD_SINGLE {
host = web.GetHost(r) host = web.GetHost(r)
@ -168,6 +166,7 @@ func (a *Application) forwardHandleEnvoy(rw http.ResponseWriter, r *http.Request
// to a (possibly) different domain, but we want to be redirected back // to a (possibly) different domain, but we want to be redirected back
// to the application // to the application
// X-Forwarded-Uri is only the path, so we need to build the entire URL // X-Forwarded-Uri is only the path, so we need to build the entire URL
s, _ := a.sessions.Get(r, constants.SessionName)
if _, redirectSet := s.Values[constants.SessionRedirect]; !redirectSet { if _, redirectSet := s.Values[constants.SessionRedirect]; !redirectSet {
s.Values[constants.SessionRedirect] = fwd.String() s.Values[constants.SessionRedirect] = fwd.String()
err = s.Save(r, rw) err = s.Save(r, rw)

View file

@ -36,10 +36,12 @@ func (a *Application) redirectToStart(rw http.ResponseWriter, r *http.Request) {
redirectUrl = a.proxyConfig.ExternalHost redirectUrl = a.proxyConfig.ExternalHost
} }
} }
s.Values[constants.SessionRedirect] = redirectUrl if _, redirectSet := s.Values[constants.SessionRedirect]; !redirectSet {
err = s.Save(r, rw) s.Values[constants.SessionRedirect] = redirectUrl
if err != nil { err = s.Save(r, rw)
a.log.WithError(err).Warning("failed to save session before redirect") if err != nil {
a.log.WithError(err).Warning("failed to save session before redirect")
}
} }
urlArgs := url.Values{ urlArgs := url.Values{