providers/proxy: fix routing based on signature in traefik and caddy

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2022-09-02 22:03:08 +02:00
parent 3987f8e371
commit 8e7a456f74

View file

@ -37,6 +37,15 @@ func (a *Application) forwardHandleTraefik(rw http.ResponseWriter, r *http.Reque
http.Error(rw, "configuration error", http.StatusInternalServerError)
return
}
if strings.EqualFold(fwd.Query().Get(CallbackSignature), "true") {
a.log.Debug("handling OAuth Callback from querystring signature")
a.handleAuthCallback(rw, r)
return
} else if strings.EqualFold(fwd.Query().Get(LogoutSignature), "true") {
a.log.Debug("handling OAuth Logout from querystring signature")
a.handleSignOut(rw, r)
return
}
// Check if we're authenticated, or the request path is on the allowlist
claims, err := a.getClaims(r)
if claims != nil && err == nil {
@ -79,6 +88,15 @@ func (a *Application) forwardHandleCaddy(rw http.ResponseWriter, r *http.Request
http.Error(rw, "configuration error", http.StatusInternalServerError)
return
}
if strings.EqualFold(fwd.Query().Get(CallbackSignature), "true") {
a.log.Debug("handling OAuth Callback from querystring signature")
a.handleAuthCallback(rw, r)
return
} else if strings.EqualFold(fwd.Query().Get(LogoutSignature), "true") {
a.log.Debug("handling OAuth Logout from querystring signature")
a.handleSignOut(rw, r)
return
}
// Check if we're authenticated, or the request path is on the allowlist
claims, err := a.getClaims(r)
if claims != nil && err == nil {