shaba/traefik
1
0
Fork 0
mirror of https://github.com/containous/traefik.git synced 2025-01-13 13:17:51 +03:00
Code Releases Activity

Forward Authentication: add X-Forwarded-Uri

Browse Source
This commit is contained in:
Sebastian Bauer 2017-12-10 00:58:21 +01:00 committed by Ludovic Fernandez
parent c446c291d9
commit 328be161d6
2 changed files with 42 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

12
middlewares/auth/forward.go
View File

@ -12,6 +12,10 @@ import (
"github.com/vulcand/oxy/utils" "github.com/vulcand/oxy/utils"
) )
const (
xForwardedURI = "X-Forwarded-Uri"
)
// Forward the authentication to a external server // Forward the authentication to a external server
func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next http.HandlerFunc) { func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next http.HandlerFunc) {
@ -122,4 +126,12 @@ func writeHeader(req *http.Request, forwardReq *http.Request, trustForwardHeader
} else { } else {
forwardReq.Header.Del(forward.XForwardedHost) forwardReq.Header.Del(forward.XForwardedHost)
} }
if xfURI := req.Header.Get(xForwardedURI); xfURI != "" && trustForwardHeader {
forwardReq.Header.Set(xForwardedURI, xfURI)
} else if req.URL.RequestURI() != "" {
forwardReq.Header.Set(xForwardedURI, req.URL.RequestURI())
} else {
forwardReq.Header.Del(xForwardedURI)
}
} }

32
middlewares/auth/forward_test.go
View File

@ -215,12 +215,40 @@ func Test_writeHeader(t *testing.T) {
"X-Forwarded-Host": "", "X-Forwarded-Host": "",
}, },
}, },
{
name: "trust Forward Header with forwarded URI",
headers: map[string]string{
"Accept": "application/json",
"X-Forwarded-Host": "fii.bir",
"X-Forwarded-Uri": "/forward?q=1",
},
trustForwardHeader: true,
expectedHeaders: map[string]string{
"Accept": "application/json",
"X-Forwarded-Host": "fii.bir",
"X-Forwarded-Uri": "/forward?q=1",
},
},
{
name: "not trust Forward Header with forward requested URI",
headers: map[string]string{
"Accept": "application/json",
"X-Forwarded-Host": "fii.bir",
"X-Forwarded-Uri": "/forward?q=1",
},
trustForwardHeader: false,
expectedHeaders: map[string]string{
"Accept": "application/json",
"X-Forwarded-Host": "foo.bar",
"X-Forwarded-Uri": "/path?q=1",
},
},
} }
for _, test := range testCases { for _, test := range testCases {
t.Run(test.name, func(t *testing.T) { t.Run(test.name, func(t *testing.T) {
req := testhelpers.MustNewRequest(http.MethodGet, "http://foo.bar", nil) req := testhelpers.MustNewRequest(http.MethodGet, "http://foo.bar/path?q=1", nil)
for key, value := range test.headers { for key, value := range test.headers {
req.Header.Set(key, value) req.Header.Set(key, value)
} }
@ -229,7 +257,7 @@ func Test_writeHeader(t *testing.T) {
req.Host = "" req.Host = ""
} }
forwardReq := testhelpers.MustNewRequest(http.MethodGet, "http://foo.bar", nil) forwardReq := testhelpers.MustNewRequest(http.MethodGet, "http://foo.bar/path?q=1", nil)
writeHeader(req, forwardReq, test.trustForwardHeader) writeHeader(req, forwardReq, test.trustForwardHeader)