Forward Proxy-Authorization header to authentication server

2021-01-21 18:34:04 +01:00 · 2021-01-21 18:34:04 +01:00 · f0d78471af
commit f0d78471af
parent a90b2a672e
2 changed files with 24 additions and 8 deletions
--- a/pkg/middlewares/auth/forward_test.go
+++ b/pkg/middlewares/auth/forward_test.go
@ -26,6 +26,7 @@ func TestForwardAuthFail(t *testing.T) {
 	})

 	server := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		w.Header().Set(forward.ProxyAuthenticate, "test")
 		http.Error(w, "Forbidden", http.StatusForbidden)
 	}))
 	t.Cleanup(server.Close)
@ -48,6 +49,7 @@ func TestForwardAuthFail(t *testing.T) {
 	err = res.Body.Close()
 	require.NoError(t, err)

+	assert.Equal(t, "test", res.Header.Get(forward.ProxyAuthenticate))
 	assert.Equal(t, "Forbidden\n", string(body))
 }

@ -142,7 +144,7 @@ func TestForwardAuthRedirect(t *testing.T) {
 func TestForwardAuthRemoveHopByHopHeaders(t *testing.T) {
 	authTs := httptest.NewServer(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 		headers := w.Header()
-		for _, header := range forward.HopHeaders {
+		for _, header := range hopHeaders {
 			if header == forward.TransferEncoding {
 				headers.Set(header, "chunked")
 			} else {
@ -367,11 +369,13 @@ func Test_writeHeader(t *testing.T) {
 			},
 			trustForwardHeader: false,
 			expectedHeaders: map[string]string{
-				"X-CustomHeader":     "CustomHeader",
-				"X-Forwarded-Proto":  "http",
-				"X-Forwarded-Host":   "foo.bar",
-				"X-Forwarded-Uri":    "/path?q=1",
-				"X-Forwarded-Method": "GET",
+				"X-CustomHeader":           "CustomHeader",
+				"X-Forwarded-Proto":        "http",
+				"X-Forwarded-Host":         "foo.bar",
+				"X-Forwarded-Uri":          "/path?q=1",
+				"X-Forwarded-Method":       "GET",
+				forward.ProxyAuthenticate:  "ProxyAuthenticate",
+				forward.ProxyAuthorization: "ProxyAuthorization",
 			},
 			checkForUnexpectedHeaders: true,
 		},