fix(oidc): update login handler to set redirect header for frontend requests

yusing 2025-05-29 20:08:52 +08:00
parent ed07bf42ce
commit 24ba4c2a46
2 changed files with 17 additions and 2 deletions


@ -193,7 +193,13 @@ func (auth *OIDCProvider) LoginHandler(w http.ResponseWriter, r *http.Request) {
state := generateState() state := generateState()
SetTokenCookie(w, r, CookieOauthState, state, 300*time.Second) SetTokenCookie(w, r, CookieOauthState, state, 300*time.Second)
// redirect user to Idp // redirect user to Idp
http.Redirect(w, r, auth.oauthConfig.AuthCodeURL(state, optRedirectPostAuth(r)), http.StatusFound) url := auth.oauthConfig.AuthCodeURL(state, optRedirectPostAuth(r))
if IsFrontend(r) {
w.Header().Set("X-Redirect-To", url)
w.WriteHeader(http.StatusForbidden)
} else {
http.Redirect(w, r, url, http.StatusFound)
}
} }
func parseClaims(idToken *oidc.IDToken) (*IDTokenClaims, error) { func parseClaims(idToken *oidc.IDToken) (*IDTokenClaims, error) {
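Review bot: The new `if IsFrontend(r)` branch answers 403 with the IdP URL in `X-Redirect-To`, but the only comment is still `// redirect user to Idp`, so the header contract with the frontend is undocumented. I would replace it with something like `// frontend (XHR) callers get 403 + X-Redirect-To and must navigate themselves; browsers get a 302`. Because `url` embeds the freshly generated `state`, it is also worth adding `w.Header().Set("Cache-Control", "no-store")` before `WriteHeader` so that no intermediary keeps a response carrying that value. The local name `url` would shadow `net/url` if this file imports it (the imports are not visible here); `authURL` avoids the question. The start of `LoginHandler` lies outside the hunk.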


@ -1,6 +1,7 @@
package auth package auth
import ( import (
"net"
"net/http" "net/http"
"time" "time"
@ -16,7 +17,15 @@ var (
) )
func IsFrontend(r *http.Request) bool { func IsFrontend(r *http.Request) bool {
return r.Host == common.APIHTTPAddr return requestRemoteIP(r) == "127.0.0.1"
}
func requestRemoteIP(r *http.Request) string {
ip, _, err := net.SplitHostPort(r.RemoteAddr)
if err != nil {
return ""
}
return ip
} }
func requestHost(r *http.Request) string { func requestHost(r *http.Request) string {
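Review bot: `IsFrontend` now classifies a request by comparing the peer address with the literal `"127.0.0.1"`, which misses `::1` and the rest of 127.0.0.0/8 and treats any local process or local reverse proxy that connects to this listener as the frontend. If anything beyond response shaping depends on `IsFrontend` (not visible in this hunk), a loopback peer is a weak trust signal and should be paired with an explicit check. For the address match itself, `return net.ParseIP(requestRemoteIP(r)).IsLoopback()` covers both address families and still returns false when `SplitHostPort` fails. A doc comment on `IsFrontend` stating that it relies on `r.RemoteAddr` only, never on forwarded headers, would make that assumption explicit for later callers.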