TyleoDvDelaware3217/GoDoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2025-05-20 04:42:33 +02:00
Code Issues Projects Releases Packages Wiki Activity Actions

fix OIDC not working when ISSUE_URL points to GoDoxy itself

Browse source
This commit is contained in:
yusing 2025-01-30 10:39:26 +08:00
parent bf7f6e99c5
commit 98443be80c
3 changed files with 45 additions and 4 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

9
cmd/main.go
View file

@ -127,11 +127,18 @@ func main() {
return return
} }
cfg.Start(&config.StartServersOptions{
Proxy: true,
Metrics: true,
})
if err := auth.Initialize(); err != nil { if err := auth.Initialize(); err != nil {
logging.Fatal().Err(err).Msg("failed to initialize authentication") logging.Fatal().Err(err).Msg("failed to initialize authentication")
} }
// API Handler needs to start after auth is initialized.
cfg.StartServers(&config.StartServersOptions{
API: true,
})
cfg.Start()
config.WatchChanges() config.WatchChanges()
sig := make(chan os.Signal, 1) sig := make(chan os.Signal, 1)

6
internal/config/config.go
View file

@ -150,10 +150,10 @@ func (cfg *Config) Context() context.Context {
return cfg.task.Context() return cfg.task.Context()
} }
func (cfg *Config) Start() { func (cfg *Config) Start(opts ...*StartServersOptions) {
cfg.StartAutoCert() cfg.StartAutoCert()
cfg.StartProxyProviders() cfg.StartProxyProviders()
cfg.StartServers() cfg.StartServers(opts...)
} }
func (cfg *Config) StartAutoCert() { func (cfg *Config) StartAutoCert() {
@ -187,7 +187,7 @@ type StartServersOptions struct {
func (cfg *Config) StartServers(opts ...*StartServersOptions) { func (cfg *Config) StartServers(opts ...*StartServersOptions) {
if len(opts) == 0 { if len(opts) == 0 {
opts = append(opts, &StartServersOptions{Proxy: true, API: true, Metrics: true}) opts = append(opts, &StartServersOptions{})
} }
opt := opts[0] opt := opts[0]
if opt.Proxy { if opt.Proxy {

34
internal/net/http/middleware/oidc.go
View file

@ -2,6 +2,8 @@ package middleware
import ( import (
"net/http" "net/http"
"sync"
"sync/atomic"
"github.com/yusing/go-proxy/internal/api/v1/auth" "github.com/yusing/go-proxy/internal/api/v1/auth"
E "github.com/yusing/go-proxy/internal/error" E "github.com/yusing/go-proxy/internal/error"
@ -13,6 +15,9 @@ type oidcMiddleware struct {
auth auth.Provider auth auth.Provider
authMux *http.ServeMux authMux *http.ServeMux
isInitialized int32
initMu sync.Mutex
} }
var OIDC = NewMiddleware[oidcMiddleware]() var OIDC = NewMiddleware[oidcMiddleware]()
@ -21,6 +26,29 @@ func (amw *oidcMiddleware) finalize() error {
if !auth.IsOIDCEnabled() { if !auth.IsOIDCEnabled() {
return E.New("OIDC not enabled but OIDC middleware is used") return E.New("OIDC not enabled but OIDC middleware is used")
} }
return nil
}
func (amw *oidcMiddleware) init() error {
if atomic.LoadInt32(&amw.isInitialized) == 1 {
return nil
}
return amw.initSlow()
}
func (amw *oidcMiddleware) initSlow() error {
amw.initMu.Lock()
if amw.isInitialized == 1 {
amw.initMu.Unlock()
return nil
}
defer func() {
amw.isInitialized = 1
amw.initMu.Unlock()
}()
authProvider, err := auth.NewOIDCProviderFromEnv() authProvider, err := auth.NewOIDCProviderFromEnv()
if err != nil { if err != nil {
return err return err
@ -45,6 +73,12 @@ func (amw *oidcMiddleware) finalize() error {
} }
func (amw *oidcMiddleware) before(w http.ResponseWriter, r *http.Request) (proceed bool) { func (amw *oidcMiddleware) before(w http.ResponseWriter, r *http.Request) (proceed bool) {
if err := amw.init(); err != nil {
// no need to log here, main OIDC may already failed and logged
http.Error(w, err.Error(), http.StatusInternalServerError)
return false
}
if err := amw.auth.CheckToken(r); err != nil { if err := amw.auth.CheckToken(r); err != nil {
amw.authMux.ServeHTTP(w, r) amw.authMux.ServeHTTP(w, r)
return false return false