mirror/opencloud
1
0
Fork 0
mirror of https://github.com/opencloud-eu/opencloud.git synced 2026-03-03 03:18:36 -06:00
Code Issues Packages Projects Releases Wiki Activity

whitelist depending on the URI

Browse Source
This commit is contained in:
A.Unger
2020-12-01 17:10:04 +01:00
parent 348c54f2e7
commit 28e8f75ebd
3 changed files with 21 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

12
proxy/pkg/middleware/basic_auth.go
View File

@@ -35,7 +35,11 @@ func BasicAuth(optionSetters ...Option) func(next http.Handler) http.Handler {
// if we want to prevent duplicated Www-Authenticate headers coming from Reva consider using w.Header().Del("Www-Authenticate")
// but this will require the proxy being aware of endpoints which authentication fallback to Reva.
if !h.isPublicLink(req) {
w.Header().Add("Www-Authenticate", fmt.Sprintf("%v realm=\"%s\", charset=\"UTF-8\"", "Basic", req.Host))
for i := 0; i < len(ProxyWwwAuthenticate); i++ {
if strings.Contains(req.RequestURI, fmt.Sprintf("/%v/", ProxyWwwAuthenticate[i])) {
w.Header().Add("Www-Authenticate", fmt.Sprintf("%v realm=\"%s\", charset=\"UTF-8\"", "Basic", req.Host))
}
}
}
next.ServeHTTP(w, req)
return
@@ -43,7 +47,11 @@ func BasicAuth(optionSetters ...Option) func(next http.Handler) http.Handler {
account, ok := h.getAccount(req)
if !ok {
w.Header().Add("Www-Authenticate", fmt.Sprintf("%v realm=\"%s\", charset=\"UTF-8\"", "Basic", req.Host))
for i := 0; i < len(ProxyWwwAuthenticate); i++ {
if strings.Contains(req.RequestURI, fmt.Sprintf("/%v/", ProxyWwwAuthenticate[i])) {
w.Header().Add("Www-Authenticate", fmt.Sprintf("%v realm=\"%s\", charset=\"UTF-8\"", "Basic", req.Host))
}
}
w.WriteHeader(http.StatusUnauthorized)
return
}