3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-10 23:57:34 +02:00
Code Issues Projects Releases Packages Wiki Activity

authorize: use opa for policy engine (#474)

Browse source 
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
This commit is contained in:
Bobby DeSimone 2020-02-02 11:18:22 -08:00 committed by GitHub
parent 111aa8f4d5
commit 2f13488598
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
45 changed files with 1022 additions and 872 deletions
Download patch file Download diff file Expand all files Collapse all files

5
proxy/forward_auth.go
View file

@ -81,7 +81,7 @@ func (p *Proxy) Verify(verifyOnly bool) http.Handler {
return httputil.NewError(http.StatusBadRequest, err)
}
s, err := sessions.FromContext(r.Context())
s, _, err := sessions.FromContext(r.Context())
if errors.Is(err, sessions.ErrNoSessionFound) || errors.Is(err, sessions.ErrExpired) {
if verifyOnly {
return httputil.NewError(http.StatusUnauthorized, err)
@ -104,7 +104,8 @@ func (p *Proxy) Verify(verifyOnly bool) http.Handler {
return httputil.NewError(http.StatusUnauthorized, err)
}
p.addPomeriumHeaders(w, r)
if err := p.authorize(uri.Host, r); err != nil {
r.Host = uri.Host
if err := p.authorize(r); err != nil {
return err
}