outposts/proxy: fix redirect URL error due to callback url not being joined correctly

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
2021-09-10 16:19:29 +02:00 · 2021-09-10 16:19:29 +02:00 · 9a79bab43d
parent e229eda96e
commit 9a79bab43d
2 changed files with 13 additions and 3 deletions
--- a/internal/outpost/proxyv2/application/application.go
+++ b/internal/outpost/proxyv2/application/application.go
@ -4,7 +4,6 @@ import (
 	"context"
 	"crypto/tls"
 	"encoding/gob"
-	"fmt"
 	"net/http"
 	"net/url"
 	"regexp"
@ -70,7 +69,7 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
 	oauth2Config := oauth2.Config{
 		ClientID:     *p.ClientId,
 		ClientSecret: *p.ClientSecret,
-		RedirectURL:  fmt.Sprintf("%s/akprox/callback", p.ExternalHost),
+		RedirectURL:  urlJoin(p.ExternalHost, "/akprox/callback"),
 		Endpoint:     endpoint.Endpoint,
 		Scopes:       []string{oidc.ScopeOpenID, "profile", "email", "ak_proxy"},
 	}
--- a/internal/outpost/proxyv2/application/utils.go
+++ b/internal/outpost/proxyv2/application/utils.go
@ -3,13 +3,24 @@ package application
 import (
 	"fmt"
 	"net/http"
+	"net/url"
+	"path"
 	"strconv"

 	"goauthentik.io/internal/outpost/proxyv2/constants"
 )

+func urlJoin(originalUrl string, newPath string) string {
+	u, err := url.Parse(originalUrl)
+	if err != nil {
+		return originalUrl
+	}
+	u.Path = path.Join(u.Path, newPath)
+	return u.String()
+}
+
 func (a *Application) redirectToStart(rw http.ResponseWriter, r *http.Request) {
-	authUrl := fmt.Sprintf("%s/akprox/start", a.proxyConfig.ExternalHost)
+	authUrl := urlJoin(a.proxyConfig.ExternalHost, "/akprox/start")
 	http.Redirect(rw, r, authUrl, http.StatusFound)
 }