outposts/proxy: make templates more re-usable

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-12-20 22:20:23 +01:00
parent 37ee555c8e
commit cac5c7b3ea
4 changed files with 44 additions and 35 deletions

View file

@ -5,6 +5,7 @@ import (
"crypto/tls"
"encoding/gob"
"fmt"
"html/template"
"net/http"
"net/url"
"regexp"
@ -24,6 +25,7 @@ import (
"goauthentik.io/internal/outpost/proxyv2/constants"
"goauthentik.io/internal/outpost/proxyv2/hs256"
"goauthentik.io/internal/outpost/proxyv2/metrics"
"goauthentik.io/internal/outpost/proxyv2/templates"
"goauthentik.io/internal/utils/web"
"golang.org/x/oauth2"
)
@ -44,6 +46,8 @@ type Application struct {
log *log.Entry
mux *mux.Router
errorTemplates *template.Template
}
func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore, ak *ak.APIController) (*Application, error) {
@ -79,15 +83,16 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore
}
mux := mux.NewRouter()
a := &Application{
Host: externalHost.Host,
log: log.WithField("logger", "authentik.outpost.proxy.bundle").WithField("provider", p.Name),
outpostName: ak.Outpost.Name,
endpint: endpoint,
oauthConfig: oauth2Config,
tokenVerifier: verifier,
proxyConfig: p,
httpClient: c,
mux: mux,
Host: externalHost.Host,
log: log.WithField("logger", "authentik.outpost.proxy.bundle").WithField("provider", p.Name),
outpostName: ak.Outpost.Name,
endpint: endpoint,
oauthConfig: oauth2Config,
tokenVerifier: verifier,
proxyConfig: p,
httpClient: c,
mux: mux,
errorTemplates: templates.GetTemplates(),
}
a.sessions = a.getStore(p)
mux.Use(web.NewLoggingHandler(muxLogger, func(l *log.Entry, r *http.Request) *log.Entry {

View file

@ -2,33 +2,38 @@ package application
import (
"fmt"
"html/template"
"net/http"
log "github.com/sirupsen/logrus"
)
// NewProxyErrorHandler creates a ProxyErrorHandler using the template given.
func (a *Application) newProxyErrorHandler(errorTemplate *template.Template) func(http.ResponseWriter, *http.Request, error) {
return func(rw http.ResponseWriter, req *http.Request, proxyErr error) {
claims, _ := a.getClaims(req)
log.WithError(proxyErr).Warning("Error proxying to upstream server")
rw.WriteHeader(http.StatusBadGateway)
data := struct {
Title string
Message string
ProxyPrefix string
}{
Title: "Bad Gateway",
Message: "Error proxying to upstream server",
ProxyPrefix: "/akprox",
}
if claims != nil {
data.Message = fmt.Sprintf("Error proxying to upstream server: %s", proxyErr.Error())
}
err := errorTemplate.Execute(rw, data)
if err != nil {
http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
}
type ErrorPageData struct {
Title string
Message string
ProxyPrefix string
}
func (a *Application) ErrorPage(rw http.ResponseWriter, r *http.Request, err string) {
claims, _ := a.getClaims(r)
data := ErrorPageData{
Title: "Bad Gateway",
Message: "Error proxying to upstream server",
ProxyPrefix: "/akprox",
}
if claims != nil && len(err) > 0 {
data.Message = err
}
er := a.errorTemplates.Execute(rw, data)
if er != nil {
http.Error(rw, "Internal Server Error", http.StatusInternalServerError)
}
}
// NewProxyErrorHandler creates a ProxyErrorHandler using the template given.
func (a *Application) newProxyErrorHandler() func(http.ResponseWriter, *http.Request, error) {
return func(rw http.ResponseWriter, req *http.Request, proxyErr error) {
log.WithError(proxyErr).Warning("Error proxying to upstream server")
rw.WriteHeader(http.StatusBadGateway)
a.ErrorPage(rw, req, fmt.Sprintf("Error proxying to upstream server: %s", proxyErr.Error()))
}
}

View file

@ -13,7 +13,6 @@ import (
log "github.com/sirupsen/logrus"
"goauthentik.io/internal/outpost/ak"
"goauthentik.io/internal/outpost/proxyv2/metrics"
"goauthentik.io/internal/outpost/proxyv2/templates"
"goauthentik.io/internal/utils/web"
)
@ -32,7 +31,7 @@ func (a *Application) configureProxy() error {
rp := &httputil.ReverseProxy{Director: a.proxyModifyRequest(u)}
rsp := sentry.StartSpan(context.TODO(), "authentik.outposts.proxy.application_transport")
rp.Transport = ak.NewTracingTransport(rsp.Context(), a.getUpstreamTransport())
rp.ErrorHandler = a.newProxyErrorHandler(templates.GetTemplates())
rp.ErrorHandler = a.newProxyErrorHandler()
rp.ModifyResponse = a.proxyModifyResponse
a.mux.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
claims, err := a.getClaims(r)

View file

@ -10,7 +10,7 @@ import (
var ErrorTemplate string
func GetTemplates() *template.Template {
t, err := template.New("foo").Parse(ErrorTemplate)
t, err := template.New("authentik.outpost.proxy.errors").Parse(ErrorTemplate)
if err != nil {
log.Fatalf("failed parsing template %s", err)
}