More fully support X-Auth-Request-Redirect header

Docs showed that the X-Auth-Request-Redirect header can specify a redirect URI, but only the rd POST parameter was being honored This fixes that.
2019-08-17 15:50:37 -05:00 · 2019-08-17 15:50:37 -05:00 · a209a52df1
parent d00c14a2a7
commit a209a52df1
2 changed files with 6 additions and 1 deletions
--- a/docs/configuration/configuration.md
+++ b/docs/configuration/configuration.md
@ -247,6 +247,8 @@ server {
    proxy_set_header X-Real-IP               $remote_addr;
    proxy_set_header X-Scheme                $scheme;
    proxy_set_header X-Auth-Request-Redirect $request_uri;
+    # or, if you are handling multiple domains:
+    # proxy_set_header X-Auth-Request-Redirect $scheme://$host$request_uri;
  }
  location = /oauth2/auth {
    proxy_pass       http://127.0.0.1:4180;
--- a/oauthproxy.go
+++ b/oauthproxy.go
@ -480,7 +480,10 @@ func (p *OAuthProxy) GetRedirect(req *http.Request) (redirect string, err error)
 		return
 	}

-	redirect = req.Form.Get("rd")
+	redirect = req.Header.Get("X-Auth-Request-Redirect")
+	if req.Form.Get("rd") != "" {
+		redirect = req.Form.Get("rd")
+	}
 	if !p.IsValidRedirect(redirect) {
 		redirect = req.URL.Path
 		if strings.HasPrefix(redirect, p.ProxyPrefix) {