fix: websocket path rewrite (#2300)
This commit is contained in:
Reto Kupferschmid
GitHub
parent
96f0288a36
commit
64e736f668
|
|
@ -11,6 +11,7 @@
|
||||||
- [#2800](https://github.com/oauth2-proxy/oauth2-proxy/pull/2800) Add some opencontainer labels to docker image (@halkeye)
|
- [#2800](https://github.com/oauth2-proxy/oauth2-proxy/pull/2800) Add some opencontainer labels to docker image (@halkeye)
|
||||||
- [#2755](https://github.com/oauth2-proxy/oauth2-proxy/pull/2755) feat: add X-Envoy-External-Address as supported header (@bjencks)
|
- [#2755](https://github.com/oauth2-proxy/oauth2-proxy/pull/2755) feat: add X-Envoy-External-Address as supported header (@bjencks)
|
||||||
- [#1985](https://github.com/oauth2-proxy/oauth2-proxy/pull/1985) Add support for systemd socket (@isodude)
|
- [#1985](https://github.com/oauth2-proxy/oauth2-proxy/pull/1985) Add support for systemd socket (@isodude)
|
||||||
|
- [#2300](https://github.com/oauth2-proxy/oauth2-proxy/pull/2300) Add fix for websocket path rewrite (@rekup)
|
||||||
|
|
||||||
# V7.7.1
|
# V7.7.1
|
||||||
|
|
||||||
|
|
@ -59,7 +60,6 @@
|
||||||
- [#2790](https://github.com/oauth2-proxy/oauth2-proxy/pull/2790) chore(deps): update all golang dependencies (@tuunit)
|
- [#2790](https://github.com/oauth2-proxy/oauth2-proxy/pull/2790) chore(deps): update all golang dependencies (@tuunit)
|
||||||
- [#2607](https://github.com/oauth2-proxy/oauth2-proxy/pull/2607) fix(csrf): fix possible infinite loop (@Primexz)
|
- [#2607](https://github.com/oauth2-proxy/oauth2-proxy/pull/2607) fix(csrf): fix possible infinite loop (@Primexz)
|
||||||
|
|
||||||
|
|
||||||
# V7.6.0
|
# V7.6.0
|
||||||
|
|
||||||
## Release Highlights
|
## Release Highlights
|
||||||
|
|
|
||||||
|
|
@ -253,7 +253,7 @@ var _ = Describe("Proxy Suite", func() {
|
||||||
URL: "http://example.localhost/different/backend/path/1234",
|
URL: "http://example.localhost/different/backend/path/1234",
|
||||||
Header: map[string][]string{
|
Header: map[string][]string{
|
||||||
"Gap-Auth": {""},
|
"Gap-Auth": {""},
|
||||||
"Gap-Signature": {"sha256 jeAeM7wHSj2ab/l9YPvtTJ9l/8q1tpY2V/iwXF48bgw="},
|
"Gap-Signature": {"sha256 Pzy0fSFhzbhY0R9rj8vl5LCiIQaKVB0s6h9BADgIT4I="},
|
||||||
},
|
},
|
||||||
Body: []byte{},
|
Body: []byte{},
|
||||||
Host: "example.localhost",
|
Host: "example.localhost",
|
||||||
|
|
@ -274,7 +274,7 @@ var _ = Describe("Proxy Suite", func() {
|
||||||
URL: "http://example.localhost/different/backend/path/1234/abc",
|
URL: "http://example.localhost/different/backend/path/1234/abc",
|
||||||
Header: map[string][]string{
|
Header: map[string][]string{
|
||||||
"Gap-Auth": {""},
|
"Gap-Auth": {""},
|
||||||
"Gap-Signature": {"sha256 rAkAc9gp7EndoOppJuvbuPnYuBcqrTkBnQx6iPS8xTA="},
|
"Gap-Signature": {"sha256 uqIAxSgz+onqHDMMl/EAZWbwSw56PzM90iCocNUEqmw="},
|
||||||
},
|
},
|
||||||
Body: []byte{},
|
Body: []byte{},
|
||||||
Host: "example.localhost",
|
Host: "example.localhost",
|
||||||
|
|
@ -324,7 +324,7 @@ var _ = Describe("Proxy Suite", func() {
|
||||||
URL: "http://example.localhost/double-match/rewrite/foo",
|
URL: "http://example.localhost/double-match/rewrite/foo",
|
||||||
Header: map[string][]string{
|
Header: map[string][]string{
|
||||||
"Gap-Auth": {""},
|
"Gap-Auth": {""},
|
||||||
"Gap-Signature": {"sha256 eYyUNdsrTmnvFpavpP8AdHGUGzqJ39QEjqn0/3fQPHA="},
|
"Gap-Signature": {"sha256 Ii7wKYBkRkJH556gRUsVUwGPgF7IG7V7X4vhkiyzfQ0="},
|
||||||
},
|
},
|
||||||
Body: []byte{},
|
Body: []byte{},
|
||||||
Host: "example.localhost",
|
Host: "example.localhost",
|
||||||
|
|
|
||||||
|
|
@ -50,6 +50,7 @@ func rewritePath(rewriteRegExp *regexp.Regexp, rewriteTarget string, writer page
|
||||||
}
|
}
|
||||||
|
|
||||||
req.RequestURI = reqURL.String()
|
req.RequestURI = reqURL.String()
|
||||||
|
req.URL.Path = reqURL.Path // set path for websocket connections
|
||||||
next.ServeHTTP(rw, req)
|
next.ServeHTTP(rw, req)
|
||||||
})
|
})
|
||||||
}
|
}
|
||||||
|
|
|
||||||
|
|
@ -16,6 +16,7 @@ var _ = Describe("Rewrite", func() {
|
||||||
rewriteTarget string
|
rewriteTarget string
|
||||||
requestTarget string
|
requestTarget string
|
||||||
expectedRequestURI string
|
expectedRequestURI string
|
||||||
|
expectedURLPath string
|
||||||
}
|
}
|
||||||
|
|
||||||
DescribeTable("should rewrite the request path",
|
DescribeTable("should rewrite the request path",
|
||||||
|
|
@ -24,36 +25,43 @@ var _ = Describe("Rewrite", func() {
|
||||||
rw := httptest.NewRecorder()
|
rw := httptest.NewRecorder()
|
||||||
|
|
||||||
var gotRequestURI string
|
var gotRequestURI string
|
||||||
|
var gotRequestURLPath string
|
||||||
handler := newRewritePath(in.rewriteRegex, in.rewriteTarget, &pagewriter.WriterFuncs{})(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
handler := newRewritePath(in.rewriteRegex, in.rewriteTarget, &pagewriter.WriterFuncs{})(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
||||||
gotRequestURI = r.RequestURI
|
gotRequestURI = r.RequestURI
|
||||||
|
gotRequestURLPath = r.URL.Path
|
||||||
}))
|
}))
|
||||||
handler.ServeHTTP(rw, req)
|
handler.ServeHTTP(rw, req)
|
||||||
|
|
||||||
Expect(gotRequestURI).To(Equal(in.expectedRequestURI))
|
Expect(gotRequestURI).To(Equal(in.expectedRequestURI))
|
||||||
|
Expect(gotRequestURLPath).To(Equal(in.expectedURLPath))
|
||||||
},
|
},
|
||||||
Entry("when the path matches the regexp", rewritePathTableInput{
|
Entry("when the path matches the regexp", rewritePathTableInput{
|
||||||
rewriteRegex: regexp.MustCompile("^/http/(.*)"),
|
rewriteRegex: regexp.MustCompile("^/http/(.*)"),
|
||||||
rewriteTarget: "/$1",
|
rewriteTarget: "/$1",
|
||||||
requestTarget: "http://example.com/http/foo/bar",
|
requestTarget: "http://example.com/http/foo/bar",
|
||||||
expectedRequestURI: "http://example.com/foo/bar",
|
expectedRequestURI: "http://example.com/foo/bar",
|
||||||
|
expectedURLPath: "/foo/bar",
|
||||||
}),
|
}),
|
||||||
Entry("when the path does not match the regexp", rewritePathTableInput{
|
Entry("when the path does not match the regexp", rewritePathTableInput{
|
||||||
rewriteRegex: regexp.MustCompile("^/http/(.*)"),
|
rewriteRegex: regexp.MustCompile("^/http/(.*)"),
|
||||||
rewriteTarget: "/$1",
|
rewriteTarget: "/$1",
|
||||||
requestTarget: "https://example.com/https/foo/bar",
|
requestTarget: "https://example.com/https/foo/bar",
|
||||||
expectedRequestURI: "https://example.com/https/foo/bar",
|
expectedRequestURI: "https://example.com/https/foo/bar",
|
||||||
|
expectedURLPath: "/https/foo/bar",
|
||||||
}),
|
}),
|
||||||
Entry("when the regexp is not anchored", rewritePathTableInput{
|
Entry("when the regexp is not anchored", rewritePathTableInput{
|
||||||
rewriteRegex: regexp.MustCompile("/http/(.*)"),
|
rewriteRegex: regexp.MustCompile("/http/(.*)"),
|
||||||
rewriteTarget: "/$1",
|
rewriteTarget: "/$1",
|
||||||
requestTarget: "http://example.com/bar/http/foo/bar",
|
requestTarget: "http://example.com/bar/http/foo/bar",
|
||||||
expectedRequestURI: "http://example.com/bar/foo/bar",
|
expectedRequestURI: "http://example.com/bar/foo/bar",
|
||||||
|
expectedURLPath: "/bar/foo/bar",
|
||||||
}),
|
}),
|
||||||
Entry("when the regexp is rewriting to a query", rewritePathTableInput{
|
Entry("when the regexp is rewriting to a query", rewritePathTableInput{
|
||||||
rewriteRegex: regexp.MustCompile(`/articles/([a-z0-9\-]*)`),
|
rewriteRegex: regexp.MustCompile(`/articles/([a-z0-9\-]*)`),
|
||||||
rewriteTarget: "/article?id=$1",
|
rewriteTarget: "/article?id=$1",
|
||||||
requestTarget: "http://example.com/articles/blog-2021-01-01",
|
requestTarget: "http://example.com/articles/blog-2021-01-01",
|
||||||
expectedRequestURI: "http://example.com/article?id=blog-2021-01-01",
|
expectedRequestURI: "http://example.com/article?id=blog-2021-01-01",
|
||||||
|
expectedURLPath: "/article",
|
||||||
}),
|
}),
|
||||||
)
|
)
|
||||||
})
|
})
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue