outpost/embedded: only send requests for non-akprox paths when we're doing proxy mode

Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer 2021-08-29 21:13:28 +02:00
parent 0c6e781e5b
commit cc2cd6919f
2 changed files with 12 additions and 4 deletions

View file

@ -25,6 +25,7 @@ type providerBundle struct {
Host string
endSessionUrl string
Mode *api.ProxyMode
cert *tls.Certificate
@ -49,6 +50,10 @@ func (pb *providerBundle) replaceLocal(url string) string {
}
func (pb *providerBundle) prepareOpts(provider api.ProxyOutpostConfig) *options.Options {
// We need to save the mode in the bundle
// Since for the embedded outpost we only switch for fully proxy providers
pb.Mode = provider.Mode
externalHost, err := url.Parse(provider.ExternalHost)
if err != nil {
log.WithError(err).Warning("Failed to parse URL, skipping provider")

View file

@ -6,6 +6,7 @@ import (
"net/http/httputil"
"net/url"
"goauthentik.io/api"
"goauthentik.io/internal/utils/web"
)
@ -36,10 +37,12 @@ func (ws *WebServer) configureProxy() {
ws.m.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) {
host := web.GetHost(r)
if ws.ProxyServer != nil {
if _, ok := ws.ProxyServer.Handlers[host]; ok {
ws.log.WithField("host", host).Trace("routing to proxy outpost")
ws.ProxyServer.Handler(rw, r)
return
if p, ok := ws.ProxyServer.Handlers[host]; ok {
if *p.Mode == api.PROXYMODE_PROXY {
ws.log.WithField("host", host).Trace("routing to proxy outpost")
ws.ProxyServer.Handler(rw, r)
return
}
}
}
ws.log.WithField("host", host).Trace("routing to application server")