You've already forked oauth2-proxy
mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2025-06-15 00:15:00 +02:00
Support the PreferEmailToUser option on PassUserHeaders
Previously in #401, an option was added to support forwarding the email address as the username to the upstream service when the PassBasicAuth option is used. The PassBasicAuth option is not appropriate for all users, with PassUserHeaders allowing very similar functionality without specifying a basic auth headers. The PreferEmailToUser option has been expanded to support the PassUserHeaders option.
This commit is contained in:
Jordan Crawford
@ -959,12 +959,18 @@ func (p *OAuthProxy) addHeadersForProxying(rw http.ResponseWriter, req *http.Req
|
||||
}
|
||||
|
||||
if p.PassUserHeaders {
|
||||
req.Header["X-Forwarded-User"] = []string{session.User}
|
||||
if session.Email != "" {
|
||||
req.Header["X-Forwarded-Email"] = []string{session.Email}
|
||||
} else {
|
||||
if p.PreferEmailToUser && session.Email != "" {
|
||||
req.Header["X-Forwarded-User"] = []string{session.Email}
|
||||
req.Header.Del("X-Forwarded-Email")
|
||||
} else {
|
||||
req.Header["X-Forwarded-User"] = []string{session.User}
|
||||
if session.Email != "" {
|
||||
req.Header["X-Forwarded-Email"] = []string{session.Email}
|
||||
} else {
|
||||
req.Header.Del("X-Forwarded-Email")
|
||||
}
|
||||
}
|
||||
|
||||
if session.PreferredUsername != "" {
|
||||
req.Header["X-Forwarded-Preferred-Username"] = []string{session.PreferredUsername}
|
||||
} else {
|
||||
|
||||
Reference in New Issue
Block a user