lukaszraczylo/traefikoidc
1
0
Fork 0
mirror of https://github.com/lukaszraczylo/traefikoidc.git synced 2026-06-05 22:44:17 +00:00
Code Issues Packages Projects Releases Wiki Activity

Add debugging logging.

Browse Source
This commit is contained in:
Lukasz Raczylo
2024-07-24 16:00:32 +01:00
parent c26b18c8b7
commit 1649c72b9e
3 changed files with 22 additions and 4 deletions
Download Patch File Download Diff File Expand all files Collapse all files
helpers.go
+3 -2
View File
@@ -25,7 +25,8 @@ func generateNonce() (string, error) {
func assembleRedirectURL(scheme, host, path string) string { func assembleRedirectURL(scheme, host, path string) string {
if scheme == "" { if scheme == "" {
scheme = "http" // Default to http if scheme is empty // infoLogger.Println("Scheme is empty, defaulting to http")
scheme = "http"
} }
return scheme + "://" + host + path return scheme + "://" + host + path
} }
@@ -84,7 +85,7 @@ func (t *TraefikOidc) handleCallback(rw http.ResponseWriter, req *http.Request)
} }
code := req.URL.Query().Get("code") code := req.URL.Query().Get("code")
redirectURL := assembleRedirectURL(req.URL.Scheme, req.Host, t.redirURLPath) redirectURL := assembleRedirectURL(t.scheme, req.Host, t.redirURLPath)
oauth2Token, err := t.exchangeCodeForToken(ctx, code, redirectURL) oauth2Token, err := t.exchangeCodeForToken(ctx, code, redirectURL)
if err != nil { if err != nil {
// infoLogger.Printf("Failed to exchange token: %v", err) // infoLogger.Printf("Failed to exchange token: %v", err)
main.go
+18 -2
View File
@@ -36,6 +36,8 @@ type TraefikOidc struct {
tokenURL string tokenURL string
scopes []string scopes []string
limiter *rate.Limiter limiter *rate.Limiter
forceHTTPS bool
scheme string
} }
type ProviderMetadata struct { type ProviderMetadata struct {
@@ -71,6 +73,7 @@ func New(ctx context.Context, next http.Handler, config *Config, name string) (h
jwksURL: metadata.JWKSURL, jwksURL: metadata.JWKSURL,
clientID: config.ClientID, clientID: config.ClientID,
clientSecret: config.ClientSecret, clientSecret: config.ClientSecret,
forceHTTPS: config.ForceHTTPS,
authURL: metadata.AuthURL, authURL: metadata.AuthURL,
tokenURL: metadata.TokenURL, tokenURL: metadata.TokenURL,
scopes: config.Scopes, scopes: config.Scopes,
@@ -104,8 +107,17 @@ func (t *TraefikOidc) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
scheme = req.Header.Get("X-Forwarded-Proto") scheme = req.Header.Get("X-Forwarded-Proto")
} }
if scheme == "" { if scheme == "" {
scheme = "http" // Default to http if not set if req.TLS != nil {
scheme = "https"
} else {
scheme = "http"
}
} }
if t.forceHTTPS {
scheme = "https"
}
t.scheme = scheme
host := req.URL.Host host := req.URL.Host
if host == "" { if host == "" {
host = req.Header.Get("X-Forwarded-Host") host = req.Header.Get("X-Forwarded-Host")
@@ -114,7 +126,11 @@ func (t *TraefikOidc) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
host = req.Host host = req.Host
} }
redirectURL := assembleRedirectURL(scheme, host, t.redirURLPath) // infoLogger.Printf("Scheme: %s, Host: %s, Path: %s", scheme, host, t.redirURLPath)
// infoLogger.Printf("X-Forwarded-Proto: %s", req.Header.Get("X-Forwarded-Proto"))
// infoLogger.Printf("X-Forwarded-Host: %s", req.Header.Get("X-Forwarded-Host"))
redirectURL := assembleRedirectURL(t.scheme, host, t.redirURLPath)
// infoLogger.Printf("Final redirect URL: %s", redirectURL)
session, err := t.store.Get(req, cookie_name) session, err := t.store.Get(req, cookie_name)
if err != nil { if err != nil {
settings.go
+1
View File
@@ -15,6 +15,7 @@ type Config struct {
Scopes []string `json:"scopes"` Scopes []string `json:"scopes"`
LogLevel string `json:"logLevel"` LogLevel string `json:"logLevel"`
SessionEncryptionKey string `json:"sessionEncryptionKey"` SessionEncryptionKey string `json:"sessionEncryptionKey"`
ForceHTTPS bool `json:"forceHTTPS"`
} }
func CreateConfig() *Config { func CreateConfig() *Config {