3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-24 22:47:14 +02:00
Code Issues Projects Releases Packages Wiki Activity

core/authorize: result denied improvements (#4952)

Browse source 
* core/authorize: result denied improvements

* add authenticate robots.txt

* fix tests
This commit is contained in:
Caleb Doxsey 2024-02-01 16:16:33 -07:00 committed by GitHub
parent 61a9bd7c6b
commit 55eb2fa3dc
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
8 changed files with 19 additions and 91 deletions
Download patch file Download diff file Expand all files Collapse all files

17
authorize/check_response.go
View file

@ -136,6 +136,11 @@ func (a *Authorize) deniedResponse(
var respBody []byte
switch {
case getCheckRequestURL(in).Path == "/robots.txt":
code = 200
respBody = []byte("User-agent: *\nDisallow: /")
respHeader = append(respHeader,
mkHeader("Content-Type", "text/plain"))
case isJSONWebRequest(in):
respBody, _ = json.Marshal(map[string]any{
"error": reason,
@ -369,7 +374,11 @@ func isGRPCWebRequest(in *envoy_service_auth_v3.CheckRequest) bool {
return false
}
return accept.Acceptable("application/grpc-web-text")
mediaType, _ := accept.MostAcceptable([]string{
"text/html",
"application/grpc-web-text",
})
return mediaType == "application/grpc-web-text"
}
func isJSONWebRequest(in *envoy_service_auth_v3.CheckRequest) bool {
@ -388,7 +397,11 @@ func isJSONWebRequest(in *envoy_service_auth_v3.CheckRequest) bool {
return false
}
return accept.Acceptable("application/json")
mediaType, _ := accept.MostAcceptable([]string{
"text/html",
"application/json",
})
return mediaType == "application/json"
}
func getHeader(hdrs map[string]string, key string) string {