Add static upstream

This commit is contained in:
Christian Groschupp 2019-09-18 22:40:33 +02:00
parent 82a3d5afdc
commit a7e3c3a7ef
No known key found for this signature in database
GPG Key ID: F164E00C6EDA908F
3 changed files with 13 additions and 2 deletions

View File

@ -105,7 +105,7 @@ An example [oauth2_proxy.cfg]({{ site.gitweb }}/contrib/oauth2_proxy.cfg.example
| `-standard-logging-format` | string | Template for standard log lines | see [Logging Configuration](#logging-configuration) | | `-standard-logging-format` | string | Template for standard log lines | see [Logging Configuration](#logging-configuration) |
| `-tls-cert-file` | string | path to certificate file | | | `-tls-cert-file` | string | path to certificate file | |
| `-tls-key-file` | string | path to private key file | | | `-tls-key-file` | string | path to private key file | |
| `-upstream` | string \| list | the http url(s) of the upstream endpoint or `file://` paths for static files. Routing is based on the path | | | `-upstream` | string \| list | the http url(s) of the upstream endpoint, file:// paths for static files or `static://<status_code>` for static response. Routing is based on the path | |
| `-validate-url` | string | Access token validation endpoint | | | `-validate-url` | string | Access token validation endpoint | |
| `-version` | n/a | print version string | | | `-version` | n/a | print version string | |
| `-whitelist-domain` | string \| list | allowed domains for redirection after authentication. Prefix domain with a `.` to allow subdomains (eg `.example.com`) | | | `-whitelist-domain` | string \| list | allowed domains for redirection after authentication. Prefix domain with a `.` to allow subdomains (eg `.example.com`) | |

View File

@ -36,7 +36,7 @@ func main() {
flagSet.String("tls-key-file", "", "path to private key file") flagSet.String("tls-key-file", "", "path to private key file")
flagSet.String("redirect-url", "", "the OAuth Redirect URL. ie: \"https://internalapp.yourcompany.com/oauth2/callback\"") flagSet.String("redirect-url", "", "the OAuth Redirect URL. ie: \"https://internalapp.yourcompany.com/oauth2/callback\"")
flagSet.Bool("set-xauthrequest", false, "set X-Auth-Request-User and X-Auth-Request-Email response headers (useful in Nginx auth_request mode)") flagSet.Bool("set-xauthrequest", false, "set X-Auth-Request-User and X-Auth-Request-Email response headers (useful in Nginx auth_request mode)")
flagSet.Var(&upstreams, "upstream", "the http url(s) of the upstream endpoint or file:// paths for static files. Routing is based on the path") flagSet.Var(&upstreams, "upstream", "the http url(s) of the upstream endpoint, file:// paths for static files or static://<status_code> for static response. Routing is based on the path")
flagSet.Bool("pass-basic-auth", true, "pass HTTP Basic Auth, X-Forwarded-User and X-Forwarded-Email information to upstream") flagSet.Bool("pass-basic-auth", true, "pass HTTP Basic Auth, X-Forwarded-User and X-Forwarded-Email information to upstream")
flagSet.Bool("pass-user-headers", true, "pass X-Forwarded-User and X-Forwarded-Email information to upstream") flagSet.Bool("pass-user-headers", true, "pass X-Forwarded-User and X-Forwarded-Email information to upstream")
flagSet.String("basic-auth-password", "", "the password to set when passing the HTTP Basic Auth header") flagSet.String("basic-auth-password", "", "the password to set when passing the HTTP Basic Auth header")

View File

@ -12,6 +12,7 @@ import (
"net/http/httputil" "net/http/httputil"
"net/url" "net/url"
"regexp" "regexp"
"strconv"
"strings" "strings"
"time" "time"
@ -207,6 +208,16 @@ func NewOAuthProxy(opts *Options, validator func(string) bool) *OAuthProxy {
proxy := NewWebSocketOrRestReverseProxy(u, opts, auth) proxy := NewWebSocketOrRestReverseProxy(u, opts, auth)
serveMux.Handle(path, proxy) serveMux.Handle(path, proxy)
case "static":
serveMux.HandleFunc("/", func(rw http.ResponseWriter, req *http.Request) {
responseCode, err := strconv.Atoi(u.Host)
if err != nil {
logger.Printf("unable to convert %q to int, use default \"200\"", u.Host)
responseCode = 200
}
rw.WriteHeader(responseCode)
fmt.Fprintf(rw, "Authenticated")
})
case "file": case "file":
if u.Fragment != "" { if u.Fragment != "" {
path = u.Fragment path = u.Fragment