SW/traefik
2
0
Fork 1
forked from Ivasoft/traefik
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Forward all header values from forward auth response

Browse Source
This commit is contained in:
ctas582
2019-04-10 16:18:06 +01:00
committed by Traefiker Bot
parent edd8e36dcc
commit 07e8042192
2 changed files with 10 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
middlewares/auth/forward.go
View File

@@ -96,7 +96,11 @@ func Forward(config *types.Forward, w http.ResponseWriter, r *http.Request, next
}
for _, headerName := range config.AuthResponseHeaders {
r.Header.Set(headerName, forwardResponse.Header.Get(headerName))
headerKey := http.CanonicalHeaderKey(headerName)
r.Header.Del(headerKey)
if len(forwardResponse.Header[headerKey]) > 0 {
r.Header[headerKey] = append([]string(nil), forwardResponse.Header[headerKey]...)
}
}
r.RequestURI = r.URL.RequestURI()

6
middlewares/auth/forward_test.go
View File

@@ -50,6 +50,8 @@ func TestForwardAuthFail(t *testing.T) {
func TestForwardAuthSuccess(t *testing.T) {
server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Header().Set("X-Auth-User", "user@example.com")
w.Header().Add("X-Auth-Group", "group1")
w.Header().Add("X-Auth-Group", "group2")
w.Header().Set("X-Auth-Secret", "secret")
fmt.Fprintln(w, "Success")
}))
@@ -58,13 +60,14 @@ func TestForwardAuthSuccess(t *testing.T) {
middleware, err := NewAuthenticator(&types.Auth{
Forward: &types.Forward{
Address: server.URL,
AuthResponseHeaders: []string{"X-Auth-User"},
AuthResponseHeaders: []string{"X-Auth-User", "X-Auth-Group"},
},
}, &tracing.Tracing{})
assert.NoError(t, err, "there should be no error")
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
assert.Equal(t, "user@example.com", r.Header.Get("X-Auth-User"))
assert.Equal(t, []string{"group1", "group2"}, r.Header["X-Auth-Group"])
assert.Empty(t, r.Header.Get("X-Auth-Secret"))
fmt.Fprintln(w, "traefik")
})
@@ -74,6 +77,7 @@ func TestForwardAuthSuccess(t *testing.T) {
defer ts.Close()
req := testhelpers.MustNewRequest(http.MethodGet, ts.URL, nil)
req.Header.Set("X-Auth-Group", "admin_group")
res, err := http.DefaultClient.Do(req)
assert.NoError(t, err, "there should be no error")
assert.Equal(t, http.StatusOK, res.StatusCode, "they should be equal")