outposts/proxy: handle redirect loop in start handler, show error message
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
parent
e53114a645
commit
f10b57ba0b
|
@ -60,11 +60,6 @@ func (a *Application) forwardHandleTraefik(rw http.ResponseWriter, r *http.Reque
|
|||
s.Values[constants.SessionLoopDetection] = 1
|
||||
} else {
|
||||
s.Values[constants.SessionLoopDetection] = val.(int) + 1
|
||||
if val.(int) > 10 {
|
||||
a.log.Error("Stopped redirect loop")
|
||||
rw.WriteHeader(http.StatusBadRequest)
|
||||
return
|
||||
}
|
||||
}
|
||||
}
|
||||
err = s.Save(r, rw)
|
||||
|
|
|
@ -16,6 +16,13 @@ func (a *Application) handleRedirect(rw http.ResponseWriter, r *http.Request) {
|
|||
if err != nil {
|
||||
a.log.WithError(err).Warning("failed to save session")
|
||||
}
|
||||
if loop, ok := s.Values[constants.SessionLoopDetection]; ok {
|
||||
if loop.(int) > 10 {
|
||||
rw.WriteHeader(http.StatusBadRequest)
|
||||
a.ErrorPage(rw, r, "Detected redirect loop, make sure /akprox is accessible without authentication.")
|
||||
return
|
||||
}
|
||||
}
|
||||
http.Redirect(rw, r, a.oauthConfig.AuthCodeURL(state), http.StatusFound)
|
||||
}
|
||||
|
||||
|
|
Reference in New Issue