internal: add X-authentik-logout signature to trigger logouts when URLs are not exposed
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
7e3c21d77b
commit
201bea6d30
|
@ -150,6 +150,8 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
|
||||||
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
if _, set := r.URL.Query()[CallbackSignature]; set {
|
if _, set := r.URL.Query()[CallbackSignature]; set {
|
||||||
a.handleAuthCallback(w, r)
|
a.handleAuthCallback(w, r)
|
||||||
|
} else if _, set := r.URL.Query()[LogoutSignature]; set {
|
||||||
|
a.handleSignOut(w, r)
|
||||||
} else {
|
} else {
|
||||||
inner.ServeHTTP(w, r)
|
inner.ServeHTTP(w, r)
|
||||||
}
|
}
|
||||||
|
|
|
@ -15,6 +15,7 @@ import (
|
||||||
const (
|
const (
|
||||||
redirectParam = "rd"
|
redirectParam = "rd"
|
||||||
CallbackSignature = "X-authentik-auth-callback"
|
CallbackSignature = "X-authentik-auth-callback"
|
||||||
|
LogoutSignature = "X-authentik-logout"
|
||||||
)
|
)
|
||||||
|
|
||||||
func (a *Application) checkRedirectParam(r *http.Request) (string, bool) {
|
func (a *Application) checkRedirectParam(r *http.Request) (string, bool) {
|
||||||
|
|
|
@ -54,7 +54,8 @@ func (ws *WebServer) configureProxy() {
|
||||||
before := time.Now()
|
before := time.Now()
|
||||||
if ws.ProxyServer != nil {
|
if ws.ProxyServer != nil {
|
||||||
_, oauthCallbackSet := r.URL.Query()[application.CallbackSignature]
|
_, oauthCallbackSet := r.URL.Query()[application.CallbackSignature]
|
||||||
if ws.ProxyServer.HandleHost(rw, r) || oauthCallbackSet {
|
_, logoutSet := r.URL.Query()[application.LogoutSignature]
|
||||||
|
if ws.ProxyServer.HandleHost(rw, r) || oauthCallbackSet || logoutSet {
|
||||||
Requests.With(prometheus.Labels{
|
Requests.With(prometheus.Labels{
|
||||||
"dest": "embedded_outpost",
|
"dest": "embedded_outpost",
|
||||||
}).Observe(float64(time.Since(before)))
|
}).Observe(float64(time.Since(before)))
|
||||||
|
|
Reference in a new issue