More fully support X-Auth-Request-Redirect header
Docs showed that the X-Auth-Request-Redirect header can specify a redirect URI, but only the rd POST parameter was being honored This fixes that.
This commit is contained in:
parent
d00c14a2a7
commit
a209a52df1
@ -247,6 +247,8 @@ server {
|
|||||||
proxy_set_header X-Real-IP $remote_addr;
|
proxy_set_header X-Real-IP $remote_addr;
|
||||||
proxy_set_header X-Scheme $scheme;
|
proxy_set_header X-Scheme $scheme;
|
||||||
proxy_set_header X-Auth-Request-Redirect $request_uri;
|
proxy_set_header X-Auth-Request-Redirect $request_uri;
|
||||||
|
# or, if you are handling multiple domains:
|
||||||
|
# proxy_set_header X-Auth-Request-Redirect $scheme://$host$request_uri;
|
||||||
}
|
}
|
||||||
location = /oauth2/auth {
|
location = /oauth2/auth {
|
||||||
proxy_pass http://127.0.0.1:4180;
|
proxy_pass http://127.0.0.1:4180;
|
||||||
|
@ -480,7 +480,10 @@ func (p *OAuthProxy) GetRedirect(req *http.Request) (redirect string, err error)
|
|||||||
return
|
return
|
||||||
}
|
}
|
||||||
|
|
||||||
|
redirect = req.Header.Get("X-Auth-Request-Redirect")
|
||||||
|
if req.Form.Get("rd") != "" {
|
||||||
redirect = req.Form.Get("rd")
|
redirect = req.Form.Get("rd")
|
||||||
|
}
|
||||||
if !p.IsValidRedirect(redirect) {
|
if !p.IsValidRedirect(redirect) {
|
||||||
redirect = req.URL.Path
|
redirect = req.URL.Path
|
||||||
if strings.HasPrefix(redirect, p.ProxyPrefix) {
|
if strings.HasPrefix(redirect, p.ProxyPrefix) {
|
||||||
|
Loading…
Reference in New Issue
Block a user