Use comma separated multiple values for header (#799)

* Use comma separated value for multiple claims * Fix lint error * Fix more tests * Fix one more test * Always flatten the headers * Ensure we test the real multi-groups * Only update map when necessary * Update CHANGELOG * Move to the right location of change log * Fix blank line
2025-06-15 00:15:00 +02:00 · 2021-01-22 00:48:34 -08:00
parent 8087de7a03
commit b541805dc1
4 changed files with 19 additions and 7 deletions
--- a/pkg/middleware/headers.go
+++ b/pkg/middleware/headers.go
@ -3,6 +3,7 @@ package middleware
 import (
 	"fmt"
 	"net/http"
+	"strings"

 	"github.com/justinas/alice"
 	middlewareapi "github.com/oauth2-proxy/oauth2-proxy/v7/pkg/apis/middleware"
@ -40,6 +41,14 @@ func newStripHeaders(headers []options.Header) alice.Constructor {
 	}
 }

+func flattenHeaders(headers http.Header) {
+	for name, values := range headers {
+		if len(values) > 1 {
+			headers.Set(name, strings.Join(values, ","))
+		}
+	}
+}
+
 func stripHeaders(headers []string, next http.Handler) http.Handler {
 	return http.HandlerFunc(func(rw http.ResponseWriter, req *http.Request) {
 		for _, header := range headers {
@ -67,6 +76,7 @@ func injectRequestHeaders(injector header.Injector, next http.Handler) http.Hand
 		// If scope is nil, this will panic.
 		// A scope should always be injected before this handler is called.
 		injector.Inject(req.Header, scope.Session)
+		flattenHeaders(req.Header)
 		next.ServeHTTP(rw, req)
 	})
 }
@ -98,6 +108,7 @@ func injectResponseHeaders(injector header.Injector, next http.Handler) http.Han
 		// If scope is nil, this will panic.
 		// A scope should always be injected before this handler is called.
 		injector.Inject(rw.Header(), scope.Session)
+		flattenHeaders(req.Header)
 		next.ServeHTTP(rw, req)
 	})
 }