barbercollie/tinyauth
1
0
Fork 1
mirror of https://github.com/steveiliop56/tinyauth.git synced 2025-10-28 04:35:40 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: avoid queries panic

Browse Source
This commit is contained in:
Stavros
2025-09-02 01:25:38 +03:00
parent 3feb5d3930
commit 78deffb3df
2 changed files with 14 additions and 16 deletions
Download Patch File Download Diff File Expand all files Collapse all files

26
internal/controller/proxy_controller.go
View File

@@ -78,7 +78,6 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
clientIP := c.ClientIP() clientIP := c.ClientIP()
if controller.auth.IsBypassedIP(labels.IP, clientIP) { if controller.auth.IsBypassedIP(labels.IP, clientIP) {
c.Header("Authorization", c.Request.Header.Get("Authorization"))
controller.setHeaders(c, labels) controller.setHeaders(c, labels)
c.JSON(200, gin.H{ c.JSON(200, gin.H{
"status": 200, "status": 200,
@@ -165,18 +164,18 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
Resource: strings.Split(host, ".")[0], Resource: strings.Split(host, ".")[0],
}) })
if userContext.OAuth {
queries.Set("username", userContext.Email)
} else {
queries.Set("username", userContext.Username)
}
if err != nil { if err != nil {
log.Error().Err(err).Msg("Failed to encode unauthorized query") log.Error().Err(err).Msg("Failed to encode unauthorized query")
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.config.AppURL)) c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.config.AppURL))
return return
} }
if userContext.OAuth {
queries.Set("username", userContext.Email)
} else {
queries.Set("username", userContext.Username)
}
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", controller.config.AppURL, queries.Encode())) c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", controller.config.AppURL, queries.Encode()))
return return
} }
@@ -200,24 +199,23 @@ func (controller *ProxyController) proxyHandler(c *gin.Context) {
GroupErr: true, GroupErr: true,
}) })
if userContext.OAuth {
queries.Set("username", userContext.Email)
} else {
queries.Set("username", userContext.Username)
}
if err != nil { if err != nil {
log.Error().Err(err).Msg("Failed to encode unauthorized query") log.Error().Err(err).Msg("Failed to encode unauthorized query")
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.config.AppURL)) c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/error", controller.config.AppURL))
return return
} }
if userContext.OAuth {
queries.Set("username", userContext.Email)
} else {
queries.Set("username", userContext.Username)
}
c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", controller.config.AppURL, queries.Encode())) c.Redirect(http.StatusTemporaryRedirect, fmt.Sprintf("%s/unauthorized?%s", controller.config.AppURL, queries.Encode()))
return return
} }
} }
c.Header("Authorization", c.Request.Header.Get("Authorization"))
c.Header("Remote-User", utils.SanitizeHeader(userContext.Username)) c.Header("Remote-User", utils.SanitizeHeader(userContext.Username))
c.Header("Remote-Name", utils.SanitizeHeader(userContext.Name)) c.Header("Remote-Name", utils.SanitizeHeader(userContext.Name))
c.Header("Remote-Email", utils.SanitizeHeader(userContext.Email)) c.Header("Remote-Email", utils.SanitizeHeader(userContext.Email))

4
internal/service/oauth_broker_service.go
View File

@@ -46,10 +46,10 @@ func (broker *OAuthBrokerService) Init() error {
for name, service := range broker.services { for name, service := range broker.services {
err := service.Init() err := service.Init()
if err != nil { if err != nil {
log.Error().Err(err).Msgf("Failed to initialize OAuth service: %s", name) log.Error().Err(err).Msgf("Failed to initialize OAuth service: %T", name)
return err return err
} }
log.Info().Msgf("Initialized OAuth service: %s", name) log.Info().Msgf("Initialized OAuth service: %T", name)
} }
return nil return nil