internal: fix routing for requests with querystring signature to embedded outpost

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-08-18 20:43:01 +02:00
parent fdb8fb4b4c
commit 514c48a986
3 changed files with 17 additions and 9 deletions

View file

@ -201,6 +201,16 @@ func (a *Application) Mode() api.ProxyMode {
return *a.proxyConfig.Mode.Get() return *a.proxyConfig.Mode.Get()
} }
func (a *Application) HasQuerySignature(r *http.Request) bool {
if strings.EqualFold(r.URL.Query().Get(CallbackSignature), "true") {
return true
}
if strings.EqualFold(r.URL.Query().Get(LogoutSignature), "true") {
return true
}
return false
}
func (a *Application) ProxyConfig() api.ProxyOutpostConfig { func (a *Application) ProxyConfig() api.ProxyOutpostConfig {
return a.proxyConfig return a.proxyConfig
} }

View file

@ -67,12 +67,13 @@ func NewProxyServer(ac *ak.APIController) *ProxyServer {
func (ps *ProxyServer) HandleHost(rw http.ResponseWriter, r *http.Request) bool { func (ps *ProxyServer) HandleHost(rw http.ResponseWriter, r *http.Request) bool {
a, _ := ps.lookupApp(r) a, _ := ps.lookupApp(r)
if a != nil { if a == nil {
if a.Mode() == api.PROXYMODE_PROXY { return false
}
if a.HasQuerySignature(r) || a.Mode() == api.PROXYMODE_PROXY {
a.ServeHTTP(rw, r) a.ServeHTTP(rw, r)
return true return true
} }
}
return false return false
} }

View file

@ -9,7 +9,6 @@ import (
"time" "time"
"github.com/prometheus/client_golang/prometheus" "github.com/prometheus/client_golang/prometheus"
"goauthentik.io/internal/outpost/proxyv2/application"
"goauthentik.io/internal/utils/sentry" "goauthentik.io/internal/utils/sentry"
) )
@ -52,9 +51,7 @@ func (ws *WebServer) configureProxy() {
} }
before := time.Now() before := time.Now()
if ws.ProxyServer != nil { if ws.ProxyServer != nil {
_, oauthCallbackSet := r.URL.Query()[application.CallbackSignature] if ws.ProxyServer.HandleHost(rw, r) {
_, logoutSet := r.URL.Query()[application.LogoutSignature]
if ws.ProxyServer.HandleHost(rw, r) || oauthCallbackSet || logoutSet {
Requests.With(prometheus.Labels{ Requests.With(prometheus.Labels{
"dest": "embedded_outpost", "dest": "embedded_outpost",
}).Observe(float64(time.Since(before))) }).Observe(float64(time.Since(before)))