oauth2-proxy/pkg/apis/middleware/scope.go

package middleware

import (
	"context"
	"net/http"

	"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/sessions"
)

type scopeKey string

// RequestScopeKey uses a typed string to reduce likelihood of clashing
// with other context keys
const RequestScopeKey scopeKey = "request-scope"

// RequestScope contains information regarding the request that is being made.
// The RequestScope is used to pass information between different middlewares
// within the chain.
type RequestScope struct {
	// ReverseProxy tracks whether OAuth2-Proxy is operating in reverse proxy
	// mode and if request `X-Forwarded-*` headers should be trusted
	ReverseProxy bool

	// RequestID is set to the request's `X-Request-Id` header if set.
	// Otherwise a random UUID is set.
	RequestID string

	// Session details the authenticated users information (if it exists).
	Session *sessions.SessionState

	// SaveSession indicates whether the session storage should attempt to save
	// the session or not.
	SaveSession bool

	// ClearSession indicates whether the user should be logged out or not.
	ClearSession bool

	// SessionRevalidated indicates whether the session has been revalidated since
	// it was loaded or not.
	SessionRevalidated bool

	// Upstream tracks which upstream was used for this request
	Upstream string
}

// GetRequestScope returns the current request scope from the given request
func GetRequestScope(req *http.Request) *RequestScope {
	scope := req.Context().Value(RequestScopeKey)
	if scope == nil {
		return nil
	}

	return scope.(*RequestScope)
}

// AddRequestScope adds a RequestScope to a request
func AddRequestScope(req *http.Request, scope *RequestScope) *http.Request {
	ctx := context.WithValue(req.Context(), RequestScopeKey, scope)
	return req.WithContext(ctx)
}
Add request scope middleware 2020-07-04 18:41:58 +01:00			`package middleware`

			`import (`
Refactor organization of scope aware request utils Reorganized the structure of the Request Utils due to their widespread use resulting in circular imports issues (mostly because of middleware & logger). 2021-01-02 13:16:01 -08:00			`"context"`
			`"net/http"`

Fix import path for v7 (#800) * fix import path for v7 find ./ -name ".go" \| xargs sed -i -e 's\|"github.com/oauth2-proxy/oauth2-proxy\|"github.com/oauth2-proxy/oauth2-proxy/v7\|' fix module path * go mod tidy * fix installation docs * update CHANGELOG * Update CHANGELOG.md Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk> 2020-09-30 01:44:42 +09:00			`"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/sessions"`
Add request scope middleware 2020-07-04 18:41:58 +01:00			`)`

Refactor organization of scope aware request utils Reorganized the structure of the Request Utils due to their widespread use resulting in circular imports issues (mostly because of middleware & logger). 2021-01-02 13:16:01 -08:00			`type scopeKey string`

			`// RequestScopeKey uses a typed string to reduce likelihood of clashing`
			`// with other context keys`
			`const RequestScopeKey scopeKey = "request-scope"`

Add request scope middleware 2020-07-04 18:41:58 +01:00			`// RequestScope contains information regarding the request that is being made.`
			`// The RequestScope is used to pass information between different middlewares`
			`// within the chain.`
			`type RequestScope struct {`
Track the ReverseProxy option in the request Scope This allows for proper handling of reverse proxy based headers throughout the lifecycle of a request. 2020-12-23 17:42:02 -08:00			`// ReverseProxy tracks whether OAuth2-Proxy is operating in reverse proxy`
			// mode and if request `X-Forwarded-*` headers should be trusted
			`ReverseProxy bool`

Request ID Logging (#1087) * Add RequestID to the RequestScope * Expose RequestID to auth & request loggers * Use the RequestID in templated HTML pages * Allow customizing the RequestID header * Document new Request ID support * Add more cases to scope/requestID tests * Split Get vs Generate RequestID funtionality * Add {{.RequestID}} to the request logger tests * Move RequestID management to RequestScope * Use HTML escape instead of sanitization for Request ID rendering 2021-03-21 11:20:57 -07:00			// RequestID is set to the request's `X-Request-Id` header if set.
			`// Otherwise a random UUID is set.`
			`RequestID string`

Add request scope middleware 2020-07-04 18:41:58 +01:00			`// Session details the authenticated users information (if it exists).`
			`Session *sessions.SessionState`

			`// SaveSession indicates whether the session storage should attempt to save`
			`// the session or not.`
			`SaveSession bool`

			`// ClearSession indicates whether the user should be logged out or not.`
			`ClearSession bool`

			`// SessionRevalidated indicates whether the session has been revalidated since`
			`// it was loaded or not.`
			`SessionRevalidated bool`
Move Logging to Middleware Package (#1070) * Use a specialized ResponseWriter in middleware * Track User & Upstream in RequestScope * Wrap responses in our custom ResponseWriter * Add tests for logging middleware * Inject upstream metadata into request scope * Use custom ResponseWriter only in logging middleware * Assume RequestScope is never nil 2021-03-06 09:27:16 -08:00
			`// Upstream tracks which upstream was used for this request`
			`Upstream string`
Add request scope middleware 2020-07-04 18:41:58 +01:00			`}`
Refactor organization of scope aware request utils Reorganized the structure of the Request Utils due to their widespread use resulting in circular imports issues (mostly because of middleware & logger). 2021-01-02 13:16:01 -08:00
			`// GetRequestScope returns the current request scope from the given request`
			`func GetRequestScope(req http.Request) RequestScope {`
			`scope := req.Context().Value(RequestScopeKey)`
			`if scope == nil {`
			`return nil`
			`}`

			`return scope.(*RequestScope)`
			`}`

			`// AddRequestScope adds a RequestScope to a request`
			`func AddRequestScope(req http.Request, scope RequestScope) *http.Request {`
			`ctx := context.WithValue(req.Context(), RequestScopeKey, scope)`
			`return req.WithContext(ctx)`
			`}`