Add option to preserve request method in forwardAuth

2025-01-23 18:58:04 +05:30 · 2025-01-23 18:58:04 +05:30 · 2afa03b55c
commit 2afa03b55c
parent 2b6a04bc1d
15 changed files with 139 additions and 5 deletions
--- a/docs/content/middlewares/http/forwardauth.md
+++ b/docs/content/middlewares/http/forwardauth.md
@ -746,5 +746,45 @@ http:
  preserveLocationHeader = true
 ```

+### `preserveRequestMethod`
+
+_Optional, Default=false_
+
+`preserveRequestMethod` defines whether to preserve the original request method while forwarding the request to the authentication server. By default, when this option is set to `false`, incoming requests are always forwarded as `GET` requests to the authentication server.
+
+```yaml tab="Docker & Swarm"
+labels:
+  - "traefik.http.middlewares.test-auth.forwardauth.preserveRequestMethod=true"
+```
+
+```yaml tab="Kubernetes"
+apiVersion: traefik.io/v1alpha1
+kind: Middleware
+metadata:
+  name: test-auth
+spec:
+  forwardAuth:
+    # ...
+    preserveRequestMethod: true
+```
+
+```json tab="Consul Catalog"
+- "traefik.http.middlewares.test-auth.forwardauth.preserveRequestMethod=true"
+```
+
+```yaml tab="File (YAML)"
+http:
+  middlewares:
+    test-auth:
+      forwardAuth:
+        # ...
+        preserveRequestMethod: true
+```
+
+```toml tab="File (TOML)"
+[http.middlewares.test-auth.forwardAuth]
+  # ...
+  preserveRequestMethod = true
+```

 {!traefik-for-business-applications.md!}
--- a/docs/content/reference/dynamic-configuration/docker-labels.yml
+++ b/docs/content/reference/dynamic-configuration/docker-labels.yml
@ -42,6 +42,7 @@
 - "traefik.http.middlewares.middleware10.forwardauth.headerfield=foobar"
 - "traefik.http.middlewares.middleware10.forwardauth.maxbodysize=42"
 - "traefik.http.middlewares.middleware10.forwardauth.preservelocationheader=true"
+- "traefik.http.middlewares.middleware10.forwardauth.preserverequestmethod=true"
 - "traefik.http.middlewares.middleware10.forwardauth.tls.ca=foobar"
 - "traefik.http.middlewares.middleware10.forwardauth.tls.caoptional=true"
 - "traefik.http.middlewares.middleware10.forwardauth.tls.cert=foobar"
--- a/docs/content/reference/dynamic-configuration/file.toml
+++ b/docs/content/reference/dynamic-configuration/file.toml
@ -185,6 +185,7 @@
        forwardBody = true
        maxBodySize = 42
        preserveLocationHeader = true
+        preserveRequestMethod = true
        [http.middlewares.Middleware10.forwardAuth.tls]
          ca = "foobar"
          cert = "foobar"
--- a/docs/content/reference/dynamic-configuration/file.yaml
+++ b/docs/content/reference/dynamic-configuration/file.yaml
@ -212,6 +212,7 @@ http:
        forwardBody: true
        maxBodySize: 42
        preserveLocationHeader: true
+        preserveRequestMethod: true
    Middleware11:
      grpcWeb:
        allowOrigins:
--- a/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
+++ b/docs/content/reference/dynamic-configuration/kubernetes-crd-definition-v1.yml
@ -1248,6 +1248,11 @@ spec:
                      the Location header to the client as is or prefix it with the
                      domain name of the authentication server.
                    type: boolean
+                  preserveRequestMethod:
+                    description: PreserveRequestMethod defines whether to preserve
+                      the original request method while forwarding the request to
+                      the authentication server.
+                    type: boolean
                  tls:
                    description: TLS defines the configuration used to secure the
                      connection to the authentication server.
--- a/docs/content/reference/dynamic-configuration/kv-ref.md
+++ b/docs/content/reference/dynamic-configuration/kv-ref.md
@ -52,6 +52,7 @@ THIS FILE MUST NOT BE EDITED BY HAND
 | `traefik/http/middlewares/Middleware10/forwardAuth/headerField` | `foobar` |
 | `traefik/http/middlewares/Middleware10/forwardAuth/maxBodySize` | `42` |
 | `traefik/http/middlewares/Middleware10/forwardAuth/preserveLocationHeader` | `true` |
+| `traefik/http/middlewares/Middleware10/forwardAuth/preserveRequestMethod` | `true` |
 | `traefik/http/middlewares/Middleware10/forwardAuth/tls/ca` | `foobar` |
 | `traefik/http/middlewares/Middleware10/forwardAuth/tls/caOptional` | `true` |
 | `traefik/http/middlewares/Middleware10/forwardAuth/tls/cert` | `foobar` |
--- a/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml
+++ b/docs/content/reference/dynamic-configuration/traefik.io_middlewares.yaml
@ -506,6 +506,11 @@ spec:
                      the Location header to the client as is or prefix it with the
                      domain name of the authentication server.
                    type: boolean
+                  preserveRequestMethod:
+                    description: PreserveRequestMethod defines whether to preserve
+                      the original request method while forwarding the request to
+                      the authentication server.
+                    type: boolean
                  tls:
                    description: TLS defines the configuration used to secure the
                      connection to the authentication server.