go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-03-25 22:00:56 +02:00
Code Issues Releases Activity

fix: do not add Cache-Control header to response from auth only endpoint

Browse Source 
fix 
related
This commit is contained in:
Mitsuo Heijo 2020-07-06 19:04:31 +09:00
parent 215aeec8b9
commit 4c1047866b
2 changed files with 62 additions and 11 deletions

2
oauthproxy.go

@ -679,7 +679,7 @@ func prepareNoCache(w http.ResponseWriter) {
} }
func (p *OAuthProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request) { func (p *OAuthProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
if strings.HasPrefix(req.URL.Path, p.ProxyPrefix) { if req.URL.Path != p.AuthOnlyPath && strings.HasPrefix(req.URL.Path, p.ProxyPrefix) {
prepareNoCache(rw) prepareNoCache(rw)
} }

71
oauthproxy_test.go

@ -1805,7 +1805,7 @@ func Test_prepareNoCache(t *testing.T) {
} }
} }
func Test_noCacheHeadersDoesNotExistsInResponseHeadersFromUpstream(t *testing.T) { func Test_noCacheHeaders(t *testing.T) {
upstream := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { upstream := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
w.Write([]byte("upstream")) w.Write([]byte("upstream"))
})) }))
@ -1820,17 +1820,68 @@ func Test_noCacheHeadersDoesNotExistsInResponseHeadersFromUpstream(t *testing.T)
}) })
assert.NoError(t, err) assert.NoError(t, err)
rec := httptest.NewRecorder() t.Run("not exist in response from upstream", func(t *testing.T) {
req := httptest.NewRequest(http.MethodGet, "/upstream", nil) rec := httptest.NewRecorder()
proxy.ServeHTTP(rec, req) req := httptest.NewRequest(http.MethodGet, "/upstream", nil)
proxy.ServeHTTP(rec, req)
assert.Equal(t, http.StatusOK, rec.Code) assert.Equal(t, http.StatusOK, rec.Code)
assert.Equal(t, "upstream", rec.Body.String()) assert.Equal(t, "upstream", rec.Body.String())
// checking noCacheHeaders does not exists in response headers from upstream // checking noCacheHeaders does not exists in response headers from upstream
for k := range noCacheHeaders { for k := range noCacheHeaders {
assert.Equal(t, "", rec.Header().Get(k)) assert.Equal(t, "", rec.Header().Get(k))
} }
})
t.Run("has no-cache", func(t *testing.T) {
tests := []struct {
path string
hasNoCache bool
}{
{
path: "/oauth2/sign_in",
hasNoCache: true,
},
{
path: "/oauth2/sign_out",
hasNoCache: true,
},
{
path: "/oauth2/start",
hasNoCache: true,
},
{
path: "/oauth2/callback",
hasNoCache: true,
},
{
path: "/oauth2/auth",
hasNoCache: false,
},
{
path: "/oauth2/userinfo",
hasNoCache: true,
},
{
path: "/upstream",
hasNoCache: false,
},
}
for _, tt := range tests {
t.Run(tt.path, func(t *testing.T) {
rec := httptest.NewRecorder()
req := httptest.NewRequest(http.MethodGet, tt.path, nil)
proxy.ServeHTTP(rec, req)
cacheControl := rec.Result().Header.Get("Cache-Control")
if tt.hasNoCache != (strings.Contains(cacheControl, "no-cache")) {
t.Errorf(`unexpected "Cache-Control" header: %s`, cacheControl)
}
})
}
})
} }
func baseTestOptions() *options.Options { func baseTestOptions() *options.Options {