diff --git a/doc.go b/doc.go index 548b6b52c63e1c458caa783c8750f37eb2824741..f7a7c75891694d0eca84f88ab7710ad263d42510 100644 --- a/doc.go +++ b/doc.go @@ -143,6 +143,8 @@ type Resource struct { Methods []string `json:"methods" yaml:"methods"` // WhiteListed permits the prefix through WhiteListed bool `json:"white-listed" yaml:"white-listed"` + // WhiteListed permits the prefix through + OptionalLogin bool `json:"optional-login" yaml:"optional-login"` // RequireAnyRole indicates that ANY of the roles are required, the default is all RequireAnyRole bool `json:"require-any-role" yaml:"require-any-role"` // Roles the roles required to access this url diff --git a/server.go b/server.go index 9f1ba00d0891e6a4e084465704c3d1e149bbf151..2ff7ce1d0d6e6aa0e0ab10830954ddbc119f1a01 100644 --- a/server.go +++ b/server.go @@ -264,14 +264,16 @@ func (r *oauthProxy) createReverseProxy() error { r.admissionMiddleware(false, x), r.identityHeadersMiddleware(r.config.AddClaims)) - w := engine.With( + o := engine.With( r.authenticationMiddleware(true), r.admissionMiddleware(true, x), r.identityHeadersMiddleware(r.config.AddClaims)) for _, m := range x.Methods { - if x.WhiteListed { - w.MethodFunc(m, x.URL, emptyHandler) + if x.OptionalLogin { + o.MethodFunc(m, x.URL, emptyHandler) + } else if x.WhiteListed { + engine.MethodFunc(m, x.URL, emptyHandler) } else { e.MethodFunc(m, x.URL, emptyHandler) }