internal: fix routing for requests with querystring signature to embedded outpost
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
fdb8fb4b4c
commit
514c48a986
|
@ -201,6 +201,16 @@ func (a *Application) Mode() api.ProxyMode {
|
||||||
return *a.proxyConfig.Mode.Get()
|
return *a.proxyConfig.Mode.Get()
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func (a *Application) HasQuerySignature(r *http.Request) bool {
|
||||||
|
if strings.EqualFold(r.URL.Query().Get(CallbackSignature), "true") {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
if strings.EqualFold(r.URL.Query().Get(LogoutSignature), "true") {
|
||||||
|
return true
|
||||||
|
}
|
||||||
|
return false
|
||||||
|
}
|
||||||
|
|
||||||
func (a *Application) ProxyConfig() api.ProxyOutpostConfig {
|
func (a *Application) ProxyConfig() api.ProxyOutpostConfig {
|
||||||
return a.proxyConfig
|
return a.proxyConfig
|
||||||
}
|
}
|
||||||
|
|
|
@ -67,12 +67,13 @@ func NewProxyServer(ac *ak.APIController) *ProxyServer {
|
||||||
|
|
||||||
func (ps *ProxyServer) HandleHost(rw http.ResponseWriter, r *http.Request) bool {
|
func (ps *ProxyServer) HandleHost(rw http.ResponseWriter, r *http.Request) bool {
|
||||||
a, _ := ps.lookupApp(r)
|
a, _ := ps.lookupApp(r)
|
||||||
if a != nil {
|
if a == nil {
|
||||||
if a.Mode() == api.PROXYMODE_PROXY {
|
return false
|
||||||
|
}
|
||||||
|
if a.HasQuerySignature(r) || a.Mode() == api.PROXYMODE_PROXY {
|
||||||
a.ServeHTTP(rw, r)
|
a.ServeHTTP(rw, r)
|
||||||
return true
|
return true
|
||||||
}
|
}
|
||||||
}
|
|
||||||
return false
|
return false
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
|
@ -9,7 +9,6 @@ import (
|
||||||
"time"
|
"time"
|
||||||
|
|
||||||
"github.com/prometheus/client_golang/prometheus"
|
"github.com/prometheus/client_golang/prometheus"
|
||||||
"goauthentik.io/internal/outpost/proxyv2/application"
|
|
||||||
"goauthentik.io/internal/utils/sentry"
|
"goauthentik.io/internal/utils/sentry"
|
||||||
)
|
)
|
||||||
|
|
||||||
|
@ -52,9 +51,7 @@ func (ws *WebServer) configureProxy() {
|
||||||
}
|
}
|
||||||
before := time.Now()
|
before := time.Now()
|
||||||
if ws.ProxyServer != nil {
|
if ws.ProxyServer != nil {
|
||||||
_, oauthCallbackSet := r.URL.Query()[application.CallbackSignature]
|
if ws.ProxyServer.HandleHost(rw, r) {
|
||||||
_, logoutSet := r.URL.Query()[application.LogoutSignature]
|
|
||||||
if ws.ProxyServer.HandleHost(rw, r) || oauthCallbackSet || logoutSet {
|
|
||||||
Requests.With(prometheus.Labels{
|
Requests.With(prometheus.Labels{
|
||||||
"dest": "embedded_outpost",
|
"dest": "embedded_outpost",
|
||||||
}).Observe(float64(time.Since(before)))
|
}).Observe(float64(time.Since(before)))
|
||||||
|
|
Reference in a new issue