outpost/embedded: fix embedded outpost redirecting to localhost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-08-08 15:39:52 +02:00
parent c5976de500
commit 16f0f89a9d

View file

@ -35,6 +35,12 @@ func intToPointer(i int) *int {
return &i
}
func (pb *providerBundle) replaceLocal(url string) string {
f := strings.ReplaceAll(url, "localhost:8000", pb.s.ak.Client.GetConfig().Host)
f = strings.ReplaceAll(f, "http", pb.s.ak.Client.GetConfig().Scheme)
return f
}
func (pb *providerBundle) prepareOpts(provider api.ProxyOutpostConfig) *options.Options {
externalHost, err := url.Parse(provider.ExternalHost)
if err != nil {
@ -54,12 +60,12 @@ func (pb *providerBundle) prepareOpts(provider api.ProxyOutpostConfig) *options.
providerOpts.Cookie.Secure = externalHost.Scheme == "https"
providerOpts.SkipOIDCDiscovery = true
providerOpts.OIDCIssuerURL = provider.OidcConfiguration.Issuer
providerOpts.LoginURL = provider.OidcConfiguration.AuthorizationEndpoint
providerOpts.RedeemURL = provider.OidcConfiguration.TokenEndpoint
providerOpts.OIDCJwksURL = provider.OidcConfiguration.JwksUri
providerOpts.ProfileURL = provider.OidcConfiguration.UserinfoEndpoint
providerOpts.ValidateURL = provider.OidcConfiguration.UserinfoEndpoint
providerOpts.OIDCIssuerURL = pb.replaceLocal(provider.OidcConfiguration.Issuer)
providerOpts.LoginURL = pb.replaceLocal(provider.OidcConfiguration.AuthorizationEndpoint)
providerOpts.RedeemURL = pb.replaceLocal(provider.OidcConfiguration.TokenEndpoint)
providerOpts.OIDCJwksURL = pb.replaceLocal(provider.OidcConfiguration.JwksUri)
providerOpts.ProfileURL = pb.replaceLocal(provider.OidcConfiguration.UserinfoEndpoint)
providerOpts.ValidateURL = pb.replaceLocal(provider.OidcConfiguration.UserinfoEndpoint)
providerOpts.AcrValues = "goauthentik.io/providers/oauth2/default"
if *provider.SkipPathRegex != "" {