go/oauth2-proxy
1
0
Fork 0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2025-04-21 12:17:22 +02:00
Code Issues Releases Activity

Merge pull request #746 from oauth2-proxy/fix-static

Browse Source 
Fix conversion of static responses in upstreams
This commit is contained in:
Joel Speed 2020-08-31 16:58:55 +01:00 committed by GitHub
commit 841bf77f7f
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
5 changed files with 39 additions and 19 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
CHANGELOG.md
View File

@ -9,6 +9,7 @@
## Changes since v6.1.0 ## Changes since v6.1.0
- [#729](https://github.com/oauth2-proxy/oauth2-proxy/pull/729) Use X-Forwarded-Host consistently when set (@NickMeves) - [#729](https://github.com/oauth2-proxy/oauth2-proxy/pull/729) Use X-Forwarded-Host consistently when set (@NickMeves)
- [#746](https://github.com/oauth2-proxy/oauth2-proxy/pull/746) Fix conversion of static responses in upstreams (@JoelSpeed)
# v6.1.0 # v6.1.0

12
pkg/apis/options/legacy_options.go
View File

@ -4,6 +4,7 @@ import (
"fmt" "fmt"
"net/url" "net/url"
"strconv" "strconv"
"strings"
"time" "time"
"github.com/oauth2-proxy/oauth2-proxy/pkg/logger" "github.com/oauth2-proxy/oauth2-proxy/pkg/logger"
@ -87,6 +88,8 @@ func (l *LegacyUpstreams) convert() (Upstreams, error) {
if u.Fragment != "" { if u.Fragment != "" {
upstream.ID = u.Fragment upstream.ID = u.Fragment
upstream.Path = u.Fragment upstream.Path = u.Fragment
// Trim the fragment from the end of the URI
upstream.URI = strings.SplitN(upstreamString, "#", 2)[0]
} }
case "static": case "static":
responseCode, err := strconv.Atoi(u.Host) responseCode, err := strconv.Atoi(u.Host)
@ -97,17 +100,18 @@ func (l *LegacyUpstreams) convert() (Upstreams, error) {
upstream.Static = true upstream.Static = true
upstream.StaticCode = &responseCode upstream.StaticCode = &responseCode
// These are not allowed to be empty and must be unique // This is not allowed to be empty and must be unique
upstream.ID = upstreamString upstream.ID = upstreamString
upstream.Path = upstreamString
// We only support the root path in the legacy config
upstream.Path = "/"
// Force defaults compatible with static responses // Force defaults compatible with static responses
upstream.URI = "" upstream.URI = ""
upstream.InsecureSkipTLSVerify = false upstream.InsecureSkipTLSVerify = false
upstream.PassHostHeader = nil upstream.PassHostHeader = nil
upstream.ProxyWebSockets = nil upstream.ProxyWebSockets = nil
flush := 1 * time.Second upstream.FlushInterval = nil
upstream.FlushInterval = &flush
} }
upstreams = append(upstreams, upstream) upstreams = append(upstreams, upstream)

30
pkg/apis/options/legacy_options_test.go
View File

@ -21,9 +21,10 @@ var _ = Describe("Legacy Options", func() {
legacyOpts.LegacyUpstreams.PassHostHeader = true legacyOpts.LegacyUpstreams.PassHostHeader = true
legacyOpts.LegacyUpstreams.ProxyWebSockets = true legacyOpts.LegacyUpstreams.ProxyWebSockets = true
legacyOpts.LegacyUpstreams.SSLUpstreamInsecureSkipVerify = true legacyOpts.LegacyUpstreams.SSLUpstreamInsecureSkipVerify = true
legacyOpts.LegacyUpstreams.Upstreams = []string{"http://foo.bar/baz", "file://var/lib/website#/bar"} legacyOpts.LegacyUpstreams.Upstreams = []string{"http://foo.bar/baz", "file:///var/lib/website#/bar", "static://204"}
truth := true truth := true
staticCode := 204
opts.UpstreamServers = Upstreams{ opts.UpstreamServers = Upstreams{
{ {
ID: "/baz", ID: "/baz",
@ -37,12 +38,23 @@ var _ = Describe("Legacy Options", func() {
{ {
ID: "/bar", ID: "/bar",
Path: "/bar", Path: "/bar",
URI: "file://var/lib/website#/bar", URI: "file:///var/lib/website",
FlushInterval: &flushInterval, FlushInterval: &flushInterval,
InsecureSkipTLSVerify: true, InsecureSkipTLSVerify: true,
PassHostHeader: &truth, PassHostHeader: &truth,
ProxyWebSockets: &truth, ProxyWebSockets: &truth,
}, },
{
ID: "static://204",
Path: "/",
URI: "",
Static: true,
StaticCode: &staticCode,
FlushInterval: nil,
InsecureSkipTLSVerify: false,
PassHostHeader: nil,
ProxyWebSockets: nil,
},
} }
converted, err := legacyOpts.ToOptions() converted, err := legacyOpts.ToOptions()
@ -58,8 +70,6 @@ var _ = Describe("Legacy Options", func() {
errMsg string errMsg string
} }
defaultFlushInterval := 1 * time.Second
// Non defaults for these options // Non defaults for these options
skipVerify := true skipVerify := true
passHostHeader := false passHostHeader := false
@ -90,11 +100,11 @@ var _ = Describe("Legacy Options", func() {
FlushInterval: &flushInterval, FlushInterval: &flushInterval,
} }
validFileWithFragment := "file://var/lib/website#/bar" validFileWithFragment := "file:///var/lib/website#/bar"
validFileWithFragmentUpstream := Upstream{ validFileWithFragmentUpstream := Upstream{
ID: "/bar", ID: "/bar",
Path: "/bar", Path: "/bar",
URI: validFileWithFragment, URI: "file:///var/lib/website",
InsecureSkipTLSVerify: skipVerify, InsecureSkipTLSVerify: skipVerify,
PassHostHeader: &passHostHeader, PassHostHeader: &passHostHeader,
ProxyWebSockets: &proxyWebSockets, ProxyWebSockets: &proxyWebSockets,
@ -105,28 +115,28 @@ var _ = Describe("Legacy Options", func() {
validStaticCode := 204 validStaticCode := 204
validStaticUpstream := Upstream{ validStaticUpstream := Upstream{
ID: validStatic, ID: validStatic,
Path: validStatic, Path: "/",
URI: "", URI: "",
Static: true, Static: true,
StaticCode: &validStaticCode, StaticCode: &validStaticCode,
InsecureSkipTLSVerify: false, InsecureSkipTLSVerify: false,
PassHostHeader: nil, PassHostHeader: nil,
ProxyWebSockets: nil, ProxyWebSockets: nil,
FlushInterval: &defaultFlushInterval, FlushInterval: nil,
} }
invalidStatic := "static://abc" invalidStatic := "static://abc"
invalidStaticCode := 200 invalidStaticCode := 200
invalidStaticUpstream := Upstream{ invalidStaticUpstream := Upstream{
ID: invalidStatic, ID: invalidStatic,
Path: invalidStatic, Path: "/",
URI: "", URI: "",
Static: true, Static: true,
StaticCode: &invalidStaticCode, StaticCode: &invalidStaticCode,
InsecureSkipTLSVerify: false, InsecureSkipTLSVerify: false,
PassHostHeader: nil, PassHostHeader: nil,
ProxyWebSockets: nil, ProxyWebSockets: nil,
FlushInterval: &defaultFlushInterval, FlushInterval: nil,
} }
invalidHTTP := ":foo" invalidHTTP := ":foo"

1
pkg/upstream/proxy.go
View File

@ -56,6 +56,7 @@ func (m *multiUpstreamProxy) ServeHTTP(rw http.ResponseWriter, req *http.Request
// registerStaticResponseHandler registers a static response handler with at the given path. // registerStaticResponseHandler registers a static response handler with at the given path.
func (m *multiUpstreamProxy) registerStaticResponseHandler(upstream options.Upstream) { func (m *multiUpstreamProxy) registerStaticResponseHandler(upstream options.Upstream) {
logger.Printf("mapping path %q => static response %d", upstream.Path, derefStaticCode(upstream.StaticCode))
m.serveMux.Handle(upstream.Path, newStaticResponseHandler(upstream.ID, upstream.StaticCode)) m.serveMux.Handle(upstream.Path, newStaticResponseHandler(upstream.ID, upstream.StaticCode))
} }

14
pkg/upstream/static.go
View File

@ -10,12 +10,8 @@ const defaultStaticResponseCode = 200
// newStaticResponseHandler creates a new staticResponseHandler that serves a // newStaticResponseHandler creates a new staticResponseHandler that serves a
// a static response code. // a static response code.
func newStaticResponseHandler(upstream string, code *int) http.Handler { func newStaticResponseHandler(upstream string, code *int) http.Handler {
if code == nil {
c := defaultStaticResponseCode
code = &c
}
return &staticResponseHandler{ return &staticResponseHandler{
code: *code, code: derefStaticCode(code),
upstream: upstream, upstream: upstream,
} }
} }
@ -32,3 +28,11 @@ func (s *staticResponseHandler) ServeHTTP(rw http.ResponseWriter, req *http.Requ
rw.WriteHeader(s.code) rw.WriteHeader(s.code)
fmt.Fprintf(rw, "Authenticated") fmt.Fprintf(rw, "Authenticated")
} }
// derefStaticCode returns the derefenced value, or the default if the value is nil
func derefStaticCode(code *int) int {
if code != nil {
return *code
}
return defaultStaticResponseCode
}