diff --git a/internal/outpost/proxyv2/application/application.go b/internal/outpost/proxyv2/application/application.go index 7ff9f207d..3d44e32e2 100644 --- a/internal/outpost/proxyv2/application/application.go +++ b/internal/outpost/proxyv2/application/application.go @@ -5,6 +5,7 @@ import ( "crypto/tls" "encoding/gob" "fmt" + "html/template" "net/http" "net/url" "regexp" @@ -24,6 +25,7 @@ import ( "goauthentik.io/internal/outpost/proxyv2/constants" "goauthentik.io/internal/outpost/proxyv2/hs256" "goauthentik.io/internal/outpost/proxyv2/metrics" + "goauthentik.io/internal/outpost/proxyv2/templates" "goauthentik.io/internal/utils/web" "golang.org/x/oauth2" ) @@ -44,6 +46,8 @@ type Application struct { log *log.Entry mux *mux.Router + + errorTemplates *template.Template } func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore, ak *ak.APIController) (*Application, error) { @@ -79,15 +83,16 @@ func NewApplication(p api.ProxyOutpostConfig, c *http.Client, cs *ak.CryptoStore } mux := mux.NewRouter() a := &Application{ - Host: externalHost.Host, - log: log.WithField("logger", "authentik.outpost.proxy.bundle").WithField("provider", p.Name), - outpostName: ak.Outpost.Name, - endpint: endpoint, - oauthConfig: oauth2Config, - tokenVerifier: verifier, - proxyConfig: p, - httpClient: c, - mux: mux, + Host: externalHost.Host, + log: log.WithField("logger", "authentik.outpost.proxy.bundle").WithField("provider", p.Name), + outpostName: ak.Outpost.Name, + endpint: endpoint, + oauthConfig: oauth2Config, + tokenVerifier: verifier, + proxyConfig: p, + httpClient: c, + mux: mux, + errorTemplates: templates.GetTemplates(), } a.sessions = a.getStore(p) mux.Use(web.NewLoggingHandler(muxLogger, func(l *log.Entry, r *http.Request) *log.Entry { diff --git a/internal/outpost/proxyv2/application/error.go b/internal/outpost/proxyv2/application/error.go index d2f50b8e4..ce01178c3 100644 --- a/internal/outpost/proxyv2/application/error.go +++ b/internal/outpost/proxyv2/application/error.go @@ -2,33 +2,38 @@ package application import ( "fmt" - "html/template" "net/http" log "github.com/sirupsen/logrus" ) -// NewProxyErrorHandler creates a ProxyErrorHandler using the template given. -func (a *Application) newProxyErrorHandler(errorTemplate *template.Template) func(http.ResponseWriter, *http.Request, error) { - return func(rw http.ResponseWriter, req *http.Request, proxyErr error) { - claims, _ := a.getClaims(req) - log.WithError(proxyErr).Warning("Error proxying to upstream server") - rw.WriteHeader(http.StatusBadGateway) - data := struct { - Title string - Message string - ProxyPrefix string - }{ - Title: "Bad Gateway", - Message: "Error proxying to upstream server", - ProxyPrefix: "/akprox", - } - if claims != nil { - data.Message = fmt.Sprintf("Error proxying to upstream server: %s", proxyErr.Error()) - } - err := errorTemplate.Execute(rw, data) - if err != nil { - http.Error(rw, "Internal Server Error", http.StatusInternalServerError) - } +type ErrorPageData struct { + Title string + Message string + ProxyPrefix string +} + +func (a *Application) ErrorPage(rw http.ResponseWriter, r *http.Request, err string) { + claims, _ := a.getClaims(r) + data := ErrorPageData{ + Title: "Bad Gateway", + Message: "Error proxying to upstream server", + ProxyPrefix: "/akprox", + } + if claims != nil && len(err) > 0 { + data.Message = err + } + er := a.errorTemplates.Execute(rw, data) + if er != nil { + http.Error(rw, "Internal Server Error", http.StatusInternalServerError) + } +} + +// NewProxyErrorHandler creates a ProxyErrorHandler using the template given. +func (a *Application) newProxyErrorHandler() func(http.ResponseWriter, *http.Request, error) { + return func(rw http.ResponseWriter, req *http.Request, proxyErr error) { + log.WithError(proxyErr).Warning("Error proxying to upstream server") + rw.WriteHeader(http.StatusBadGateway) + a.ErrorPage(rw, req, fmt.Sprintf("Error proxying to upstream server: %s", proxyErr.Error())) } } diff --git a/internal/outpost/proxyv2/application/mode_proxy.go b/internal/outpost/proxyv2/application/mode_proxy.go index 4630c2503..7cdb0c6bd 100644 --- a/internal/outpost/proxyv2/application/mode_proxy.go +++ b/internal/outpost/proxyv2/application/mode_proxy.go @@ -13,7 +13,6 @@ import ( log "github.com/sirupsen/logrus" "goauthentik.io/internal/outpost/ak" "goauthentik.io/internal/outpost/proxyv2/metrics" - "goauthentik.io/internal/outpost/proxyv2/templates" "goauthentik.io/internal/utils/web" ) @@ -32,7 +31,7 @@ func (a *Application) configureProxy() error { rp := &httputil.ReverseProxy{Director: a.proxyModifyRequest(u)} rsp := sentry.StartSpan(context.TODO(), "authentik.outposts.proxy.application_transport") rp.Transport = ak.NewTracingTransport(rsp.Context(), a.getUpstreamTransport()) - rp.ErrorHandler = a.newProxyErrorHandler(templates.GetTemplates()) + rp.ErrorHandler = a.newProxyErrorHandler() rp.ModifyResponse = a.proxyModifyResponse a.mux.PathPrefix("/").HandlerFunc(func(rw http.ResponseWriter, r *http.Request) { claims, err := a.getClaims(r) diff --git a/internal/outpost/proxyv2/templates/templates.go b/internal/outpost/proxyv2/templates/templates.go index 39cb23cc7..455bedfe3 100644 --- a/internal/outpost/proxyv2/templates/templates.go +++ b/internal/outpost/proxyv2/templates/templates.go @@ -10,7 +10,7 @@ import ( var ErrorTemplate string func GetTemplates() *template.Template { - t, err := template.New("foo").Parse(ErrorTemplate) + t, err := template.New("authentik.outpost.proxy.errors").Parse(ErrorTemplate) if err != nil { log.Fatalf("failed parsing template %s", err) }