mirror of
https://github.com/openfaas/faas.git
synced 2025-06-09 08:46:48 +00:00
This corrects an issue where the error body was being hidden for the external auth handler. It also adds the ca-certs into the runtime Docker image for when the gateway is calling an external plugin exposed over HTTPS. Tested with OAuth2 plugin. Signed-off-by: Alex Ellis <alexellis2@gmail.com>
48 lines
1.0 KiB
Go
48 lines
1.0 KiB
Go
package handlers
|
|
|
|
import (
|
|
"context"
|
|
"io"
|
|
"log"
|
|
"net/http"
|
|
"time"
|
|
)
|
|
|
|
// MakeExternalAuthHandler make an authentication proxy handler
|
|
func MakeExternalAuthHandler(next http.HandlerFunc, upstreamTimeout time.Duration, upstreamURL string, passBody bool) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
req, _ := http.NewRequest(http.MethodGet, upstreamURL, nil)
|
|
|
|
copyHeaders(req.Header, &r.Header)
|
|
|
|
deadlineContext, cancel := context.WithTimeout(
|
|
context.Background(),
|
|
upstreamTimeout)
|
|
|
|
defer cancel()
|
|
|
|
res, err := http.DefaultClient.Do(req.WithContext(deadlineContext))
|
|
if err != nil {
|
|
http.Error(w, err.Error(), http.StatusInternalServerError)
|
|
log.Printf("ExternalAuthHandler: %s", err.Error())
|
|
return
|
|
}
|
|
|
|
if res.Body != nil {
|
|
defer res.Body.Close()
|
|
}
|
|
|
|
if res.StatusCode == http.StatusOK {
|
|
next.ServeHTTP(w, r)
|
|
return
|
|
}
|
|
|
|
copyHeaders(w.Header(), &res.Header)
|
|
w.WriteHeader(res.StatusCode)
|
|
|
|
if res.Body != nil {
|
|
io.Copy(w, res.Body)
|
|
}
|
|
}
|
|
}
|