barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2026-03-13 18:22:02 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: make a x forwarded uri an non required header

Browse Source
This commit is contained in:
Stavros
2026-03-12 16:26:38 +02:00
parent 9eb2d33064
commit 016a954963
2 changed files with 14 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
internal/controller/proxy_controller.go
View File

@@ -90,10 +90,13 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
tlog.App.Debug().Msg("Request identified as (most likely) coming from a non-browser client")
}
uri, ok := controller.requireHeader(c, "x-forwarded-uri")
uri, ok := controller.getHeader(c, "x-forwarded-uri")
if !ok {
return
originalUri, ok := controller.getHeader(c, "x-original-uri")
if ok {
uri = originalUri
}
}
host, ok := controller.requireHeader(c, "x-forwarded-host")
@@ -334,8 +337,8 @@ func (controller *ProxyController) handleError(c *gin.Context, req Proxy, isBrow
}
func (controller *ProxyController) requireHeader(c *gin.Context, header string) (string, bool) {
val := c.Request.Header.Get(header)
if strings.TrimSpace(val) == "" {
val, ok := controller.getHeader(c, header)
if !ok {
tlog.App.Error().Str("header", header).Msg("Header not found")
c.JSON(400, gin.H{
"status": 400,
@@ -345,3 +348,8 @@ func (controller *ProxyController) requireHeader(c *gin.Context, header string)
}
return val, true
}
func (controller *ProxyController) getHeader(c *gin.Context, header string) (string, bool) {
val := c.Request.Header.Get(header)
return val, strings.TrimSpace(val) != ""
}

4
internal/controller/proxy_controller_test.go
View File

@@ -145,7 +145,7 @@ func TestProxyHandler(t *testing.T) {
req = httptest.NewRequest("GET", "/api/auth/nginx", nil)
req.Header.Set("X-Forwarded-Proto", "https")
req.Header.Set("X-Forwarded-Host", "example.com")
req.Header.Set("X-Forwarded-Uri", "/somepath")
// we won't set X-Forwarded-Uri to test that the controller can work without it
router.ServeHTTP(recorder, req)
assert.Equal(t, 401, recorder.Code)
@@ -171,7 +171,7 @@ func TestProxyHandler(t *testing.T) {
req = httptest.NewRequest("GET", "/api/auth/traefik", nil)
req.Header.Set("X-Forwarded-Proto", "https")
req.Header.Set("X-Forwarded-Host", "example.com")
req.Header.Set("X-Forwarded-Uri", "/somepath")
req.Header.Set("X-Original-Uri", "/somepath") // Test with original URI for kubernetes ingress
req.Header.Set("Accept", "text/html")
router.ServeHTTP(recorder, req)