user-configured redirect URL clobbered in oauthproxy.go #9
Comments
|
This is now fixed since #10 has been merged |
|
Awesome, thanks. For planning/adoption purposes, might I ask how soon we could expect to see a new Release available with this fix? |
|
There are a couple of PRs open for optimizations and bug fixes that I would like to get merged before we make a new release, hopefully this should be within the next couple of weeks |
|
@JoelSpeed I went ahead and tested this change today and the behavior isn't what I expected. I thought this change would update oauth2_proxy so that it would simply hand out whatever redirect-url was configured. I expected this would allow me to configure oauth2_proxy with a redirect url independent of the proxyPrefix used for internal routing. For example, I am running oauth2_proxy with the default proxy path... receiving all traffic under the But in testing and then looking at the code more closely, this change affects both the path the oauth2_proxy gives out during the oauth dance and it also updates the internal path routing within the proxy itself... So the external path and internal routing are still forced to match. In my example, oauth2_proxy would hand out the path So it feels like we've ended up in a state where we have a proxy-path for only one route? Is this the expected behavior? |
|
Looking at the PR (https://github.com/pusher/oauth2_proxy/pull/10/files), I feel like the change to oauthproxy.go lines 186-188 are good because they fix the proxy to hand out whatever redirect-url was configured. But the change to oauthproxy.go line 223 is incorrect; that line should have been kept the same to keep oauth2_proxy's internal routing consistent based on the proxy path. |
|
@dt-rush Please see my comments above. What do you think? |
|
@JoelSpeed Can we re-open this issue? I really think that the PR which was merged is badly flawed. |
|
I suggest opening a PR with your suggested adjustment, and having further discussion there. |
don't use the redirect-url option path part as the callback handler path, use the normal oauth2_proxy prefix for that follow-up to 1ed776b inspired by oauth2-proxy/oauth2-proxy#9 (comment)
|
@Ghazgkull Please open a PR with your suggested change as @ploxiln has suggested and I will take a look |
|
@ploxiln @JoelSpeed Oh. Derp. I just opened PR 99, but I see you guys already made the change. Cheers. |
|
nope, sorry to cause confusion, that was related to my fork, which has diverged, the fix is not in this repo |
|
@ploxiln @Ghazgkull could you take a look at #101 and verify that this is the change we need to make here? |
Merge pull request oauth2-proxy#8 from Webjet/add_kubecfgapi
see line 155 of oauthproxy.go (link)
We literally overwrite whatever the value is with
fmt.Sprintf("%s/callback", opts.ProxyPrefix)even if the user provided a redirect URL they want to use.I have a PR for this which I tested and confirmed to resolve the issue. Will link.
The text was updated successfully, but these errors were encountered: