3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-06 02:09:15 +02:00
Code Issues Projects Releases Packages Wiki Activity

authorize: show plain text error page for traefik and nginx (#3477)

Browse source
This commit is contained in:
Caleb Doxsey 2022-07-13 08:36:18 -06:00 committed by GitHub
parent d9274f0d19
commit ca8db7b619
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
1 changed files with 32 additions and 23 deletions
Download patch file Download diff file Expand all files Collapse all files

55
authorize/check_response.go
View file

@ -93,32 +93,41 @@ func (a *Authorize) deniedResponse(
in *envoy_service_auth_v3.CheckRequest, in *envoy_service_auth_v3.CheckRequest,
code int32, reason string, headers map[string]string, code int32, reason string, headers map[string]string,
) (*envoy_service_auth_v3.CheckResponse, error) { ) (*envoy_service_auth_v3.CheckResponse, error) {
// create a http response writer recorder respBody := []byte(reason)
w := httptest.NewRecorder() respHeader := []*envoy_config_core_v3.HeaderValueOption{}
r := getHTTPRequestFromCheckRequest(in)
// build the user info / debug endpoint forwardAuthURL, _ := a.currentOptions.Load().GetForwardAuthURL()
debugEndpoint, _ := a.userInfoEndpointURL(in) // if there's an error, we just wont display it if forwardAuthURL == nil {
// create a http response writer recorder
w := httptest.NewRecorder()
r := getHTTPRequestFromCheckRequest(in)
// run the request through our go error handler // build the user info / debug endpoint
httpErr := httputil.HTTPError{ debugEndpoint, _ := a.userInfoEndpointURL(in) // if there's an error, we just wont display it
Status: int(code),
Err: errors.New(reason), // run the request through our go error handler
DebugURL: debugEndpoint, httpErr := httputil.HTTPError{
RequestID: requestid.FromContext(ctx), Status: int(code),
Err: errors.New(reason),
DebugURL: debugEndpoint,
RequestID: requestid.FromContext(ctx),
}
httpErr.ErrorResponse(w, r)
// transpose the go http response writer into a envoy response
resp := w.Result()
defer resp.Body.Close()
var err error
respBody, err = io.ReadAll(resp.Body)
if err != nil {
log.Error(ctx).Err(err).Msg("error executing error template")
return nil, err
}
// convert go headers to envoy headers
respHeader = append(respHeader, toEnvoyHeaders(resp.Header)...)
} else {
respHeader = append(respHeader, mkHeader("Content-Type", "text/plain", false))
} }
httpErr.ErrorResponse(w, r)
// transpose the go http response writer into a envoy response
resp := w.Result()
defer resp.Body.Close()
respBody, err := io.ReadAll(resp.Body)
if err != nil {
log.Error(ctx).Err(err).Msg("error executing error template")
return nil, err
}
// convert go headers to envoy headers
respHeader := toEnvoyHeaders(resp.Header)
// add any additional headers // add any additional headers
for k, v := range headers { for k, v := range headers {