Commit bfe20b84 authored by Rohith Jayawardene's avatar Rohith Jayawardene Committed by GitHub
Browse files

Abort On Request (#205)

- aborting on the requests to /oauth/
parent de270d18
......@@ -247,10 +247,6 @@ func TestAuthorizationURL(t *testing.T) {
ExpectedURL string
ExpectedCode int
}{
{
URL: "/",
ExpectedCode: http.StatusOK,
},
{
URL: "/admin",
ExpectedURL: "/oauth/authorize?state=L2FkbWlu",
......@@ -271,11 +267,20 @@ func TestAuthorizationURL(t *testing.T) {
ExpectedURL: "/oauth/authorize?state=L2FkbWluP3Rlc3Q9eWVzJnRlc3QxPXRlc3Q=",
ExpectedCode: http.StatusTemporaryRedirect,
},
{
URL: "/oauth/test",
ExpectedCode: http.StatusNotFound,
},
{
URL: "/oauth/callback/..//test",
ExpectedCode: http.StatusNotFound,
},
}
for i, x := range cs {
resp, _ := client.Get(u + x.URL)
assert.Equal(t, x.ExpectedCode, resp.StatusCode, "case %d, expect: %v, got: %s", i, x.ExpectedCode, resp.StatusCode)
assert.Equal(t, x.ExpectedURL, resp.Header.Get("Location"), "case %d, expect: %v, got: %s", i, x.ExpectedURL, resp.Header.Get("Location"))
assert.Empty(t, resp.Header.Get(testProxyAccepted))
}
}
......
......@@ -96,6 +96,7 @@ func (r *oauthProxy) entrypointMiddleware() gin.HandlerFunc {
return func(cx *gin.Context) {
// step: we can skip if under oauth prefix
if strings.HasPrefix(cx.Request.URL.Path, oauthURL) {
cx.Abort()
return
}
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment