3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-12 16:47:41 +02:00
Code Issues Projects Releases Packages Wiki Activity

envoy: forward claim and assertion headers (#739)

Browse source
This commit is contained in:
Caleb Doxsey 2020-05-20 10:02:12 -06:00 committed by GitHub
parent 2275bb8ad4
commit f40fb3d2ea
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
2 changed files with 5 additions and 2 deletions
Download patch file Download diff file Expand all files Collapse all files

2
proxy/forward_auth.go
View file

@ -117,7 +117,7 @@ func (p *Proxy) Verify(verifyOnly bool) http.Handler {
}
original := p.getOriginalRequest(r, uri)
authorized, err := p.isAuthorized(original)
authorized, err := p.isAuthorized(w, original)
if err != nil {
return httputil.NewError(http.StatusBadRequest, err)
}

5
proxy/middleware.go
View file

@ -45,7 +45,7 @@ func (p *Proxy) redirectToSignin(w http.ResponseWriter, r *http.Request) error {
return nil
}
func (p *Proxy) isAuthorized(r *http.Request) (bool, error) {
func (p *Proxy) isAuthorized(w http.ResponseWriter, r *http.Request) (bool, error) {
tm, err := ptypes.TimestampProto(time.Now())
if err != nil {
return false, httputil.NewError(http.StatusInternalServerError, fmt.Errorf("error creating protobuf timestamp from current time: %w", err))
@ -81,6 +81,9 @@ func (p *Proxy) isAuthorized(r *http.Request) (bool, error) {
switch res.HttpResponse.(type) {
case *envoy_service_auth_v2.CheckResponse_OkResponse:
for _, hdr := range res.GetOkResponse().GetHeaders() {
w.Header().Set(hdr.GetHeader().GetKey(), hdr.GetHeader().GetValue())
}
return true, nil
default:
return false, nil