Add authenticated user email to the header X-Forwarded-User

2026-06-05 22:44:17 +00:00 · 2024-08-15 13:22:33 +02:00
parent b1c0fc5583
commit 7e8b4ecea7
1 changed files with 16 additions and 0 deletions
@@ -282,6 +282,22 @@ func (t *TraefikOidc) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
 				return
 			}
 		}
+
+		idToken, ok := session.Values["id_token"].(string)
+		if !ok || idToken == "" {
+			return
+		}
+
+		claims, err := extractClaims(idToken)
+		if err != nil {
+			t.logger.Errorf("Failed to extract claims: %v", err)
+			return
+		}
+
+		// Add authenticated user email to the header X-Forwarded-User
+		email, _ := claims["email"].(string)
+		req.Header.Set("X-Forwarded-User", email)
+
 		t.next.ServeHTTP(rw, req)
 		return
 	}