starred/godoxy
1
0
Fork 0
mirror of https://github.com/yusing/godoxy.git synced 2026-04-25 10:18:59 +02:00
Code Issues 18 Packages Projects Releases 10 Wiki Activity

fix(oidc): correct behavior when working with bypass rules

Browse Source 
- Introduced a new handler for unknown paths in the OIDCProvider to prevent fallback to the default login page.
- Forced OIDC middleware to treat unknown path as logic path to redirect to login property when bypass rules is declared.
- Refactored OIDC path constants.
- Updated checkBypass middleware to enforce path prefixes for bypass rules, ensuring proper request handling.
This commit is contained in:
yusing
2025-11-13 15:13:20 +08:00
parent f6dcc8f118
commit 219eedf3c5
3 changed files with 49 additions and 7 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/net/gphttp/middleware/oidc.go
View File

@@ -74,6 +74,11 @@ func (amw *oidcMiddleware) initSlow() error {
}
// If no custom credentials, authProvider remains the global one
// Always trigger login on unknown paths.
// This prevents falling back to the default login page, which applies bypass rules.
// Without this, redirecting to the global login page could circumvent the intended route restrictions.
authProvider.SetOnUnknownPathHandler(authProvider.LoginHandler)
// Apply per-route user/group restrictions (these always override global)
if len(amw.AllowedUsers) > 0 {
authProvider.SetAllowedUsers(amw.AllowedUsers)