3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-06 10:21:05 +02:00
Code Issues Projects Releases Packages Wiki Activity

authorize: fix nginx infinite redirect (#2812)

Browse source
This commit is contained in:
Caleb Doxsey 2021-12-08 15:10:52 -07:00 committed by GitHub
parent 9eccefbece
commit 8778097bb9
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 4 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

8
authorize/grpc.go
View file

@ -76,15 +76,15 @@ func (a *Authorize) Check(ctx context.Context, in *envoy_service_auth_v3.CheckRe
return a.okResponse(res), nil return a.okResponse(res), nil
} }
if isForwardAuth && hreq.URL.Path == "/verify" {
return a.deniedResponse(ctx, in, http.StatusUnauthorized, "Unauthenticated", nil)
}
// if we're logged in, don't redirect, deny with forbidden // if we're logged in, don't redirect, deny with forbidden
if req.Session.ID != "" { if req.Session.ID != "" {
return a.deniedResponse(ctx, in, denyStatusCode, denyStatusText, nil) return a.deniedResponse(ctx, in, denyStatusCode, denyStatusText, nil)
} }
if isForwardAuth && hreq.URL.Path == "/verify" {
return a.deniedResponse(ctx, in, http.StatusUnauthorized, "Unauthenticated", nil)
}
return a.requireLoginResponse(ctx, in) return a.requireLoginResponse(ctx, in)
} }