jiazhizhong/higress
1
0
Fork 0
mirror of https://github.com/alibaba/higress.git synced 2026-03-08 10:40:48 +08:00
Code Issues Packages Projects Releases Wiki Activity

use the body returned by the ext auth server when auth fails (#1510)

Browse Source
This commit is contained in:
澄潭
2024-11-14 18:50:33 +08:00
committed by GitHub
parent ebc5b2987e
commit f2a5df3949
2 changed files with 6 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
plugins/wasm-go/extensions/ext-auth/main.go
View File

@@ -120,7 +120,7 @@ func checkExtAuth(ctx wrapper.HttpContext, config ExtAuthConfig, body []byte, lo
defer proxywasm.ResumeHttpRequest()
if statusCode != http.StatusOK {
log.Errorf("failed to call ext auth server, status: %d", statusCode)
callExtAuthServerErrorHandler(config, statusCode, responseHeaders)
callExtAuthServerErrorHandler(config, statusCode, responseHeaders, responseBody)
return
}
@@ -137,13 +137,13 @@ func checkExtAuth(ctx wrapper.HttpContext, config ExtAuthConfig, body []byte, lo
if err != nil {
log.Errorf("failed to call ext auth server: %v", err)
// Since the handling logic for call errors and HTTP status code 500 is the same, we directly use 500 here.
callExtAuthServerErrorHandler(config, http.StatusInternalServerError, nil)
callExtAuthServerErrorHandler(config, http.StatusInternalServerError, nil, nil)
return types.ActionContinue
}
return pauseAction
}
func callExtAuthServerErrorHandler(config ExtAuthConfig, statusCode int, extAuthRespHeaders http.Header) {
func callExtAuthServerErrorHandler(config ExtAuthConfig, statusCode int, extAuthRespHeaders http.Header, responseBody []byte) {
if statusCode >= http.StatusInternalServerError && config.failureModeAllow {
if config.failureModeAllowHeaderAdd {
_ = proxywasm.ReplaceHttpRequestHeader(HeaderFailureModeAllow, "true")
@@ -167,5 +167,5 @@ func callExtAuthServerErrorHandler(config ExtAuthConfig, statusCode int, extAuth
if statusCode >= http.StatusInternalServerError {
statusToUse = int(config.statusOnError)
}
_ = sendResponse(uint32(statusToUse), "ext-auth.unauthorized", respHeaders)
_ = sendResponse(uint32(statusToUse), "ext-auth.unauthorized", respHeaders, responseBody)
}

4
plugins/wasm-go/extensions/ext-auth/utils.go
View File

@@ -8,8 +8,8 @@ import (
"github.com/higress-group/proxy-wasm-go-sdk/proxywasm"
)
func sendResponse(statusCode uint32, statusCodeDetailData string, headers http.Header) error {
return proxywasm.SendHttpResponseWithDetail(statusCode, statusCodeDetailData, reconvertHeaders(headers), nil, -1)
func sendResponse(statusCode uint32, statusCodeDetailData string, headers http.Header, body []byte) error {
return proxywasm.SendHttpResponseWithDetail(statusCode, statusCodeDetailData, reconvertHeaders(headers), body, -1)
}
func reconvertHeaders(headers http.Header) [][2]string {