3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-25 14:08:09 +02:00
Code Issues Projects Releases Packages Wiki Activity

forward-auth: fix special character support for nginx (#1578)

Browse source
This commit is contained in:
bobby 2020-11-12 10:10:57 -08:00 committed by GitHub
parent eb19d6e125
commit c199909032
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 17 additions and 10 deletions
Download patch file Download diff file Expand all files Collapse all files

7
proxy/forward_auth.go
View file

@ -16,7 +16,6 @@ import (
// see : https://www.pomerium.io/configuration/#forward-auth
func (p *Proxy) registerFwdAuthHandlers() http.Handler {
r := httputil.NewRouter()
// NGNIX's forward-auth capabilities are split across two settings:
// `auth-url` and `auth-signin` which correspond to `verify` and `auth-url`
//
@ -46,9 +45,9 @@ func (p *Proxy) registerFwdAuthHandlers() http.Handler {
r.Handle("/", httputil.HandlerFunc(p.startAuthN)).
Queries(urlutil.QueryForwardAuthURI, "{uri}")
// nginx 2 / traefik 1: verify and then start authenticate flow
r.Handle("/", httputil.HandlerFunc(p.allowUpstream))
// otherwise, send a 200 OK for any other route.
// these routes do _not_ enforce authZ, they are helper routes.
r.NotFoundHandler = httputil.HandlerFunc(p.allowUpstream)
return r
}