Skip to content
Snippets Groups Projects
Commit bfe20b84 authored by Rohith Jayawardene's avatar Rohith Jayawardene Committed by GitHub
Browse files

Abort On Request (#205)

- aborting on the requests to /oauth/
parent de270d18
No related branches found
No related tags found
No related merge requests found
...@@ -247,10 +247,6 @@ func TestAuthorizationURL(t *testing.T) { ...@@ -247,10 +247,6 @@ func TestAuthorizationURL(t *testing.T) {
ExpectedURL string ExpectedURL string
ExpectedCode int ExpectedCode int
}{ }{
{
URL: "/",
ExpectedCode: http.StatusOK,
},
{ {
URL: "/admin", URL: "/admin",
ExpectedURL: "/oauth/authorize?state=L2FkbWlu", ExpectedURL: "/oauth/authorize?state=L2FkbWlu",
...@@ -271,11 +267,20 @@ func TestAuthorizationURL(t *testing.T) { ...@@ -271,11 +267,20 @@ func TestAuthorizationURL(t *testing.T) {
ExpectedURL: "/oauth/authorize?state=L2FkbWluP3Rlc3Q9eWVzJnRlc3QxPXRlc3Q=", ExpectedURL: "/oauth/authorize?state=L2FkbWluP3Rlc3Q9eWVzJnRlc3QxPXRlc3Q=",
ExpectedCode: http.StatusTemporaryRedirect, ExpectedCode: http.StatusTemporaryRedirect,
}, },
{
URL: "/oauth/test",
ExpectedCode: http.StatusNotFound,
},
{
URL: "/oauth/callback/..//test",
ExpectedCode: http.StatusNotFound,
},
} }
for i, x := range cs { for i, x := range cs {
resp, _ := client.Get(u + x.URL) resp, _ := client.Get(u + x.URL)
assert.Equal(t, x.ExpectedCode, resp.StatusCode, "case %d, expect: %v, got: %s", i, x.ExpectedCode, resp.StatusCode) assert.Equal(t, x.ExpectedCode, resp.StatusCode, "case %d, expect: %v, got: %s", i, x.ExpectedCode, resp.StatusCode)
assert.Equal(t, x.ExpectedURL, resp.Header.Get("Location"), "case %d, expect: %v, got: %s", i, x.ExpectedURL, resp.Header.Get("Location")) assert.Equal(t, x.ExpectedURL, resp.Header.Get("Location"), "case %d, expect: %v, got: %s", i, x.ExpectedURL, resp.Header.Get("Location"))
assert.Empty(t, resp.Header.Get(testProxyAccepted))
} }
} }
......
...@@ -96,6 +96,7 @@ func (r *oauthProxy) entrypointMiddleware() gin.HandlerFunc { ...@@ -96,6 +96,7 @@ func (r *oauthProxy) entrypointMiddleware() gin.HandlerFunc {
return func(cx *gin.Context) { return func(cx *gin.Context) {
// step: we can skip if under oauth prefix // step: we can skip if under oauth prefix
if strings.HasPrefix(cx.Request.URL.Path, oauthURL) { if strings.HasPrefix(cx.Request.URL.Path, oauthURL) {
cx.Abort()
return return
} }
......
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please register or to comment