DevFW-CICD/ingress-nginx-helm
6
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge pull request #6294 from ianbuss/auth-error-redirect-param

Browse source 
Allow customisation of redirect URL parameter in external auth redirects
This commit is contained in:
Kubernetes Prow Robot 2020-11-23 01:27:37 -08:00 committed by GitHub
commit e3a3ea8826
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 233 additions and 86 deletions
Download patch file Download diff file Expand all files Collapse all files

18
internal/ingress/controller/template/template.go
View file

@ -50,9 +50,10 @@ import (
)
const (
slash = "/"
nonIdempotent = "non_idempotent"
defBufferSize = 65535
slash = "/"
nonIdempotent = "non_idempotent"
defBufferSize = 65535
defAuthSigninRedirectParam = "rd"
)
// TemplateWriter is the interface to render a template
@ -910,18 +911,21 @@ func buildForwardedFor(input interface{}) string {
return fmt.Sprintf("$http_%v", ffh)
}
func buildAuthSignURL(authSignURL string) string {
func buildAuthSignURL(authSignURL, authRedirectParam string) string {
u, _ := url.Parse(authSignURL)
q := u.Query()
if authRedirectParam == "" {
authRedirectParam = defaultGlobalAuthRedirectParam
}
if len(q) == 0 {
return fmt.Sprintf("%v?rd=$pass_access_scheme://$http_host$escaped_request_uri", authSignURL)
return fmt.Sprintf("%v?%v=$pass_access_scheme://$http_host$escaped_request_uri", authSignURL, authRedirectParam)
}
if q.Get("rd") != "" {
if q.Get(authRedirectParam) != "" {
return authSignURL
}
return fmt.Sprintf("%v&rd=$pass_access_scheme://$http_host$escaped_request_uri", authSignURL)
return fmt.Sprintf("%v&%v=$pass_access_scheme://$http_host$escaped_request_uri", authSignURL, authRedirectParam)
}
func buildAuthSignURLLocation(location, authSignURL string) string {