DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Lua: Extract external auth into file. (#12250)

Browse source 
Co-authored-by: Marco Ebert <marco_ebert@icloud.com>
This commit is contained in:
Ricardo Katz 2024-10-29 10:22:54 -03:00 committed by GitHub
parent 6608eb23b0
commit 7356c4f40f
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 40 additions and 28 deletions
Download patch file Download diff file Expand all files Collapse all files

30
rootfs/etc/nginx/lua/nginx/ngx_conf_external_auth.lua Normal file
View file

@ -0,0 +1,30 @@
local auth_path = ngx.var.auth_path
local auth_keepalive_share_vars = ngx.var.auth_keepalive_share_vars
local auth_response_headers = ngx.var.auth_response_headers
local ngx_re_split = require("ngx.re").split
local ipairs = ipairs
local ngx_log = ngx.log
local ngx_ERR = ngx.ERR
local res = ngx.location.capture(auth_path, {
method = ngx.HTTP_GET, body = '',
share_all_vars = auth_keepalive_share_vars })
if res.status == ngx.HTTP_OK then
local header_parts, err = ngx_re_split(auth_response_headers, ",")
if err then
ngx_log(ngx_ERR, err)
return
end
ngx.var.auth_cookie = res.header['Set-Cookie']
for i, header_name in ipairs(header_parts) do
local varname = "authHeader" .. tostring(i)
ngx.var[varname] = res.header[header_name]
end
return
end
if res.status == ngx.HTTP_UNAUTHORIZED or res.status == ngx.HTTP_FORBIDDEN then
ngx.exit(res.status)
end
ngx.exit(ngx.HTTP_INTERNAL_SERVER_ERROR)