outposts/proxy: make templates more re-usable
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
37ee555c8e
commit
cac5c7b3ea
|
@ -5,6 +5,7 @@ import (
|
|||
"crypto/tls"
|
||||
"encoding/gob"
|
||||
"fmt"
|
||||
"html/template"
|
||||
"net/http"
|
||||
"net/url"
|
||||
"regexp"
|
||||
|
@ -24,6 +25,7 @@ import (
|
|||
"goauthentik.io/internal/outpost/proxyv2/constants"
|
||||
"goauthentik.io/internal/outpost/proxyv2/hs256"
|
||||
"goauthentik.io/internal/outpost/proxyv2/metrics"
|
||||
"goauthentik.io/internal/outpost/proxyv2/templates"
|
||||
"goauthentik.io/internal/utils/web"
|
||||
"golang.org/x/oauth2"
|
||||
)
|
||||
|
@ -44,6 +46,8 @@ type Application struct {
|
|||
|
||||
log *log.Entry
|
||||
mux *mux.Router
|
||||
|
||||
errorTemplates *template.Template
|
||||
}
|
||||
|
||||
func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore, ak *ak.APIController) (*Application, error) {
|
||||
|
@ -79,15 +83,16 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
|
|||
}
|
||||
mux := mux.NewRouter()
|
||||
a := &Application{
|
||||
Host: externalHost.Host,
|
||||
log: log.WithField("logger", "authentik.outpost.proxy.bundle").WithField("provider", p.Name),
|
||||
outpostName: ak.Outpost.Name,
|
||||
endpint: endpoint,
|
||||
oauthConfig: oauth2Config,
|
||||
tokenVerifier: verifier,
|
||||
proxyConfig: p,
|
||||
httpClient: c,
|
||||
mux: mux,
|
||||
Host: externalHost.Host,
|
||||
log: log.WithField("logger", "authentik.outpost.proxy.bundle").WithField("provider", p.Name),
|
||||
outpostName: ak.Outpost.Name,
|
||||
endpint: endpoint,
|
||||
oauthConfig: oauth2Config,
|
||||
tokenVerifier: verifier,
|
||||
proxyConfig: p,
|
||||
httpClient: c,
|
||||
mux: mux,
|
||||
errorTemplates: templates.GetTemplates(),
|
||||
}
|
||||
a.sessions = a.getStore(p)
|
||||
mux.Use(web.NewLoggingHandler(muxLogger, func(l *log.Entry, r *http.Request) *log.Entry {
|
||||
|
|
|
@ -2,33 +2,38 @@ package application
|
|||
|
||||
import (
|
||||
"fmt"
|
||||
"html/template"
|
||||
"net/http"
|
||||
|
||||
log "github.com/sirupsen/logrus"
|
||||
)
|
||||
|
||||
// NewProxyErrorHandler creates a ProxyErrorHandler using the template given.
|
||||
func (a *Application) newProxyErrorHandler(errorTemplate *template.Template) func(http.ResponseWriter, *http.Request, error) {
|
||||
return func(rw http.ResponseWriter, req *http.Request, proxyErr error) {
|
||||
claims, _ := a.getClaims(req)
|
||||
log.WithError(proxyErr).Warning("Error proxying to upstream server")
|
||||
rw.WriteHeader(http.StatusBadGateway)
|
||||
data := struct {
|
||||
Title string
|
||||
Message string
|
||||
ProxyPrefix string
|
||||
}{
|
||||
Title: "Bad Gateway",
|
||||
Message: "Error proxying to upstream server",
|
||||
ProxyPrefix: "/akprox",
|
||||
}
|
||||
if claims != nil {
|
||||
data.Message = fmt.Sprintf("Error proxying to upstream server: %s", proxyErr.Error())
|
||||
}
|
||||
err := errorTemplate.Execute(rw, data)
|
||||
if err != nil {
|
||||
http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
|
||||
}
|
||||
type ErrorPageData struct {
|
||||
Title string
|
||||
Message string
|
||||
ProxyPrefix string
|
||||
}
|
||||
|
||||
func (a *Application) ErrorPage(rw http.ResponseWriter, r *http.Request, err string) {
|
||||
claims, _ := a.getClaims(r)
|
||||
data := ErrorPageData{
|
||||
Title: "Bad Gateway",
|
||||
Message: "Error proxying to upstream server",
|
||||
ProxyPrefix: "/akprox",
|
||||
}
|
||||
if claims != nil && len(err) > 0 {
|
||||
data.Message = err
|
||||
}
|
||||
er := a.errorTemplates.Execute(rw, data)
|
||||
if er != nil {
|
||||
http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
|
||||
}
|
||||
}
|
||||
|
||||
// NewProxyErrorHandler creates a ProxyErrorHandler using the template given.
|
||||
func (a *Application) newProxyErrorHandler() func(http.ResponseWriter, *http.Request, error) {
|
||||
return func(rw http.ResponseWriter, req *http.Request, proxyErr error) {
|
||||
log.WithError(proxyErr).Warning("Error proxying to upstream server")
|
||||
rw.WriteHeader(http.StatusBadGateway)
|
||||
a.ErrorPage(rw, req, fmt.Sprintf("Error proxying to upstream server: %s", proxyErr.Error()))
|
||||
}
|
||||
}
|
||||
|
|
|
@ -13,7 +13,6 @@ import (
|
|||
log "github.com/sirupsen/logrus"
|
||||
"goauthentik.io/internal/outpost/ak"
|
||||
"goauthentik.io/internal/outpost/proxyv2/metrics"
|
||||
"goauthentik.io/internal/outpost/proxyv2/templates"
|
||||
"goauthentik.io/internal/utils/web"
|
||||
)
|
||||
|
||||
|
@ -32,7 +31,7 @@ func (a *Application) configureProxy() error {
|
|||
rp := &httputil.ReverseProxy{Director: a.proxyModifyRequest(u)}
|
||||
rsp := sentry.StartSpan(context.TODO(), "authentik.outposts.proxy.application_transport")
|
||||
rp.Transport = ak.NewTracingTransport(rsp.Context(), a.getUpstreamTransport())
|
||||
rp.ErrorHandler = a.newProxyErrorHandler(templates.GetTemplates())
|
||||
rp.ErrorHandler = a.newProxyErrorHandler()
|
||||
rp.ModifyResponse = a.proxyModifyResponse
|
||||
a.mux.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
|
||||
claims, err := a.getClaims(r)
|
||||
|
|
|
@ -10,7 +10,7 @@ import (
|
|||
var ErrorTemplate string
|
||||
|
||||
func GetTemplates() *template.Template {
|
||||
t, err := template.New("foo").Parse(ErrorTemplate)
|
||||
t, err := template.New("authentik.outpost.proxy.errors").Parse(ErrorTemplate)
|
||||
if err != nil {
|
||||
log.Fatalf("failed parsing template %s", err)
|
||||
}
|
||||
|
|
Reference in a new issue