From f35c82bb0f7bb3877f7e60e6c2c62c5d1c7f9c99 Mon Sep 17 00:00:00 2001
From: Adam Eijdenberg <adam.eijdenberg@digital.gov.au>
Date: Fri, 7 Jun 2019 14:25:12 +1000
Subject: [PATCH] The AuthOnly path also needs the response headers set

---
 oauthproxy.go | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/oauthproxy.go b/oauthproxy.go
index dfc2086..687a9b2 100644
--- a/oauthproxy.go
+++ b/oauthproxy.go
@@ -645,9 +645,11 @@ func (p *OAuthProxy) OAuthCallback(rw http.ResponseWriter, req *http.Request) {
 
 // AuthenticateOnly checks whether the user is currently logged in
 func (p *OAuthProxy) AuthenticateOnly(rw http.ResponseWriter, req *http.Request) {
-	_, err := p.getAuthenticatedSession(rw, req)
+	session, err := p.getAuthenticatedSession(rw, req)
 	switch err {
 	case nil:
+		// we are authenticated
+		p.addHeadersForProxying(rw, req, session)
 		rw.WriteHeader(http.StatusAccepted)
 	default:
 		http.Error(rw, "unauthorized request", http.StatusUnauthorized)