authorize: add support for .pomerium and unauthenticated routes (#639)

* authorize: add support for .pomerium and unauthenticated routes
integration-tests: add test for forward auth dashboard urls

* proxy: fix ctx error test to return a 200 when authorize allows it
Caleb Doxsey 2020-04-29 10:55:46 -06:00 committed by GitHub
parent e5c7c5b27e
commit b1d3bbaf56
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 158 additions and 69 deletions


@ -8,6 +8,7 @@ import (
"github.com/pomerium/pomerium/authorize/evaluator"
"github.com/pomerium/pomerium/internal/grpc/authorize"
"github.com/pomerium/pomerium/internal/log"
"github.com/pomerium/pomerium/internal/telemetry/trace"
)
@ -25,7 +26,19 @@ func (a *Authorize) IsAuthorized(ctx context.Context, in *authorize.IsAuthorized
RemoteAddr: in.GetRequestRemoteAddr(),
URL: getFullURL(in.GetRequestUrl(), in.GetRequestHost()),
}
return a.pe.IsAuthorized(ctx, req)
reply, err := a.pe.IsAuthorized(ctx, req)
log.Info().
// request
Str("method", req.Method).
Str("url", req.URL).
// reply
Bool("allow", reply.Allow).
Strs("deny-reasons", reply.DenyReasons).
Str("user", reply.User).
Str("email", reply.Email).
Strs("groups", reply.Groups).
Msg("authorize.grpc.IsAuthorized")
return reply, err
}
type protoHeader map[string]*authorize.IsAuthorizedRequest_Headers
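Review bot: In the second hunk, the new `log.Info()` chain reads `reply.Allow`, `reply.DenyReasons`, `reply.User` and the other reply fields before `err` is examined. If `a.pe.IsAuthorized` returns a nil reply together with an error (the return type is not visible here, but the field access suggests a pointer), the authorization handler would panic on the failure path instead of returning the error. Adding `if err != nil { return nil, err }` directly after the call, before the log statement, avoids that. Separately, every decision is logged at Info level with the full request URL from `getFullURL(...)` plus the user's email and groups. Query strings can carry tokens or signed parameters, so consider logging only the host and path, and moving the identity fields to Debug or documenting them as audit data with matching log retention and access controls.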