
Commit d8b34ef

committed
Seperate out authflow process
1 parent 3cda54b commit d8b34ef


1 file changed

+34
-29
lines changed


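--- a/pkg/sp/sp.go
+++ b/pkg/sp/sp.go
@@ -151,35 +151,8 @@ func (s *ServiceProvider) ForwardAuthHandler(w http.ResponseWriter, r *http.Requ
 "uri", r.Header.Get("X-Forwarded-URI"),
 "host", r.Header.Get("X-Forwarded-Host"))
 
-// create new request reader and writer
-req, err := http.NewRequest(r.Header.Get("X-Forwarded-Method"), fmt.Sprintf("%s://%s%s", r.Header.Get("X-Forwarded-Proto"), r.Header.Get("X-Forwarded-Host"), r.Header.Get("X-Forwarded-URI")), nil)
-if err != nil {
-w.WriteHeader(http.StatusInternalServerError)
-slog.Error("error building request", "err", err)
-return
-}
-rr := httptest.NewRecorder()
-
-// use current headers
-req.Header = r.Header
-slog.Debug("new request", "headers", req.Header)
-
-// start auth flow
-s.mw.HandleStartAuthFlow(rr, req)
-
-// transfer headers to response
-for header, v := range rr.Result().Header {
-for _, item := range v {
-if header == "Set-Cookie" {
-// add Domain to cookie if not set
-if !strings.Contains(item, "Domain=") {
-item = item + "; Domain=" + s.mw.Session.(samlsp.CookieSessionProvider).Domain
-}
-}
-w.Header().Add(header, item)
-}
-}
-w.WriteHeader(rr.Code)
+// do start of saml auth process to return redirect
+s.doAuthFlow(w, r)
 
 slog.Debug("response", "headers", w.Header().Clone())
 return
@@ -331,6 +304,38 @@ func NewMux(s *ServiceProvider) *http.ServeMux {
 return mux
 }
 
+func (s *ServiceProvider) doAuthFlow(w http.ResponseWriter, r *http.Request) {
+// create new request reader and writer
+req, err := http.NewRequest(r.Header.Get("X-Forwarded-Method"), fmt.Sprintf("%s://%s%s", r.Header.Get("X-Forwarded-Proto"), r.Header.Get("X-Forwarded-Host"), r.Header.Get("X-Forwarded-URI")), nil)
+if err != nil {
+w.WriteHeader(http.StatusInternalServerError)
+slog.Error("error building request", "err", err)
+return
+}
+rr := httptest.NewRecorder()
+
+// use current headers
+req.Header = r.Header
+slog.Debug("new request", "headers", req.Header)
+
+// start auth flow
+s.mw.HandleStartAuthFlow(rr, req)
+
+// transfer headers to response
+for header, v := range rr.Result().Header {
+for _, item := range v {
+if header == "Set-Cookie" {
+// add Domain to cookie if not set
+if !strings.Contains(item, "Domain=") {
+item = item + "; Domain=" + s.mw.Session.(samlsp.CookieSessionProvider).Domain
+}
+}
+w.Header().Add(header, item)
+}
+}
+w.WriteHeader(rr.Code)
+}
+
 func (s *ServiceProvider) checkHeaders(r *http.Request) error {
 missing := make([]string, 0)
 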
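Review bot: The `s.mw.Session.(samlsp.CookieSessionProvider)` assertion in doAuthFlow's Set-Cookie branch has no comma-ok form, so a session provider of any other concrete type panics the handler mid-response; use `csp, ok := s.mw.Session.(samlsp.CookieSessionProvider)` and append the Domain attribute only when `ok`. The same function builds its inner request entirely from the X-Forwarded-Method/Proto/Host/URI headers and then logs the whole header map with `slog.Debug("new request", "headers", req.Header)`, which would put any Cookie or Authorization value the client sent into the debug log; logging header names only, or redacting those two, avoids that. Since the extracted helper now carries that trust assumption on its own, it deserves a doc comment such as `// doAuthFlow trusts the X-Forwarded-* headers as set by the fronting proxy and must not be reachable directly by clients.` Whether checkHeaders validates the header values or only their presence is not visible here, because only its first lines fall inside the hunk.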
