outposts/proxy: set http code when no redirect header is set

Signed-off-by: Jens Langhammer <jens@goauthentik.io>
2023-01-14 22:20:52 +01:00 · 2023-01-14 22:20:52 +01:00 · 69d4719687
parent d31e566873
commit 69d4719687
2 changed files with 6 additions and 3 deletions
--- a/internal/outpost/proxyv2/application/auth_bearer.go
+++ b/internal/outpost/proxyv2/application/auth_bearer.go
@ -5,17 +5,19 @@ import (
 	"net/http"
 	"net/url"
 	"strings"
+
+	"goauthentik.io/internal/outpost/proxyv2/constants"
 )

 func (a *Application) checkAuthHeaderBearer(r *http.Request) string {
-	auth := r.Header.Get(HeaderAuthorization)
+	auth := r.Header.Get(constants.HeaderAuthorization)
 	if auth == "" {
 		return ""
 	}
-	if len(auth) < len(AuthBearer) || !strings.EqualFold(auth[:len(AuthBearer)], AuthBearer) {
+	if len(auth) < len(constants.AuthBearer) || !strings.EqualFold(auth[:len(constants.AuthBearer)], constants.AuthBearer) {
 		return ""
 	}
-	return auth[len(AuthBearer):]
+	return auth[len(constants.AuthBearer):]
 }

 type TokenIntrospectionResponse struct {
--- a/internal/outpost/proxyv2/application/utils.go
+++ b/internal/outpost/proxyv2/application/utils.go
@ -36,6 +36,7 @@ func (a *Application) redirectToStart(rw http.ResponseWriter, r *http.Request) {
 		a.log.WithError(err).Warning("failed to decode session")
 	}
 	if r.Header.Get(constants.HeaderNoRedirect) == "true" {
+		rw.WriteHeader(401)
 		er := a.errorTemplates.Execute(rw, ErrorPageData{
 			Title:       "Unauthenticated",
 			Message:     fmt.Sprintf("Due to '%s' being set, no redirect is performed.", constants.HeaderNoRedirect),