providers/proxy: fix routing for external_host when using forward_auth_domain
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org> #2180
This commit is contained in:
parent
8b8ed3527a
commit
f5cc6c67ec
|
@ -8,6 +8,7 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/prometheus/client_golang/prometheus"
|
"github.com/prometheus/client_golang/prometheus"
|
||||||
|
"goauthentik.io/api"
|
||||||
"goauthentik.io/internal/outpost/proxyv2/application"
|
"goauthentik.io/internal/outpost/proxyv2/application"
|
||||||
"goauthentik.io/internal/outpost/proxyv2/metrics"
|
"goauthentik.io/internal/outpost/proxyv2/metrics"
|
||||||
"goauthentik.io/internal/utils/web"
|
"goauthentik.io/internal/utils/web"
|
||||||
|
@ -58,6 +59,9 @@ func (ps *ProxyServer) lookupApp(r *http.Request) (*application.Application, str
|
||||||
var longestMatch *application.Application
|
var longestMatch *application.Application
|
||||||
longestMatchLength := 0
|
longestMatchLength := 0
|
||||||
for _, app := range ps.apps {
|
for _, app := range ps.apps {
|
||||||
|
if app.Mode() != api.PROXYMODE_FORWARD_DOMAIN {
|
||||||
|
continue
|
||||||
|
}
|
||||||
// Check if the cookie domain has a leading period for a wildcard
|
// Check if the cookie domain has a leading period for a wildcard
|
||||||
// This will decrease the weight of a wildcard domain, but a request to example.com
|
// This will decrease the weight of a wildcard domain, but a request to example.com
|
||||||
// with the cookie domain set to example.com will still be routed correctly.
|
// with the cookie domain set to example.com will still be routed correctly.
|
||||||
|
@ -70,6 +74,11 @@ func (ps *ProxyServer) lookupApp(r *http.Request) (*application.Application, str
|
||||||
}
|
}
|
||||||
longestMatch = app
|
longestMatch = app
|
||||||
longestMatchLength = len(cd)
|
longestMatchLength = len(cd)
|
||||||
|
// Also for forward_auth_domain, we need to respond on the external domain
|
||||||
|
if app.ProxyConfig().ExternalHost == host {
|
||||||
|
ps.log.WithField("host", host).WithField("app", app.ProxyConfig().Name).Debug("Found app based on external_host")
|
||||||
|
return app, host
|
||||||
|
}
|
||||||
}
|
}
|
||||||
// Check if our longes match is 0, in which case we didn't match, so we
|
// Check if our longes match is 0, in which case we didn't match, so we
|
||||||
// manually return no app
|
// manually return no app
|
||||||
|
|
Reference in a new issue