Diffstat (limited to 'internal/handlers/handler_authz_builder.go')
-rw-r--r--internal/handlers/handler_authz_builder.go56
1 files changed, 13 insertions, 43 deletions
diff --git a/internal/handlers/handler_authz_builder.go b/internal/handlers/handler_authz_builder.go
index 98aa39215..dffa91b34 100644
--- a/internal/handlers/handler_authz_builder.go
+++ b/internal/handlers/handler_authz_builder.go
@@ -1,9 +1,10 @@
package handlers
import (
- "fmt"
"time"
+ "github.com/valyala/fasthttp"
+
"github.com/authelia/authelia/v4/internal/configuration/schema"
"github.com/authelia/authelia/v4/internal/utils"
)
@@ -22,31 +23,10 @@ func (b *AuthzBuilder) WithStrategies(strategies ...AuthnStrategy) *AuthzBuilder
return b
}
-// WithStrategyCookie adds the Cookie header strategy to the strategies in this builder.
-func (b *AuthzBuilder) WithStrategyCookie(refreshInterval time.Duration) *AuthzBuilder {
- b.strategies = append(b.strategies, NewCookieSessionAuthnStrategy(refreshInterval))
-
- return b
-}
-
-// WithStrategyAuthorization adds the Authorization header strategy to the strategies in this builder.
-func (b *AuthzBuilder) WithStrategyAuthorization() *AuthzBuilder {
- b.strategies = append(b.strategies, NewHeaderAuthorizationAuthnStrategy())
-
- return b
-}
-
-// WithStrategyProxyAuthorization adds the Proxy-Authorization header strategy to the strategies in this builder.
-func (b *AuthzBuilder) WithStrategyProxyAuthorization() *AuthzBuilder {
- b.strategies = append(b.strategies, NewHeaderProxyAuthorizationAuthnStrategy())
-
- return b
-}
-
// WithImplementationLegacy configures this builder to output an Authz which is used with the Legacy
// implementation which is a mix of the other implementations and usually works with most proxies.
func (b *AuthzBuilder) WithImplementationLegacy() *AuthzBuilder {
- b.impl = AuthzImplLegacy
+ b.implementation = AuthzImplLegacy
return b
}
@@ -54,7 +34,7 @@ func (b *AuthzBuilder) WithImplementationLegacy() *AuthzBuilder {
// WithImplementationForwardAuth configures this builder to output an Authz which is used with the ForwardAuth
// implementation traditionally used by Traefik, Caddy, and Skipper.
func (b *AuthzBuilder) WithImplementationForwardAuth() *AuthzBuilder {
- b.impl = AuthzImplForwardAuth
+ b.implementation = AuthzImplForwardAuth
return b
}
@@ -62,7 +42,7 @@ func (b *AuthzBuilder) WithImplementationForwardAuth() *AuthzBuilder {
// WithImplementationAuthRequest configures this builder to output an Authz which is used with the AuthRequest
// implementation traditionally used by NGINX.
func (b *AuthzBuilder) WithImplementationAuthRequest() *AuthzBuilder {
- b.impl = AuthzImplAuthRequest
+ b.implementation = AuthzImplAuthRequest
return b
}
@@ -70,7 +50,7 @@ func (b *AuthzBuilder) WithImplementationAuthRequest() *AuthzBuilder {
// WithImplementationExtAuthz configures this builder to output an Authz which is used with the ExtAuthz
// implementation traditionally used by Envoy.
func (b *AuthzBuilder) WithImplementationExtAuthz() *AuthzBuilder {
- b.impl = AuthzImplExtAuthz
+ b.implementation = AuthzImplExtAuthz
return b
}
@@ -95,12 +75,6 @@ func (b *AuthzBuilder) WithConfig(config *schema.Configuration) *AuthzBuilder {
b.config = AuthzConfig{
RefreshInterval: refreshInterval,
- Domains: []AuthzDomain{
- {
- Name: fmt.Sprintf(".%s", config.Session.Domain),
- PortalURL: nil,
- },
- },
}
return b
@@ -140,24 +114,19 @@ func (b *AuthzBuilder) WithEndpointConfig(config schema.ServerAuthzEndpoint) *Au
return b
}
-// WithAuthzConfig allows configuring the Authz config by providing a AuthzConfig directly. Recommended this is only
-// used in testing and WithConfig is used instead.
-func (b *AuthzBuilder) WithAuthzConfig(config AuthzConfig) *AuthzBuilder {
- b.config = config
-
- return b
-}
-
// Build returns a new Authz from the currently configured options in this builder.
func (b *AuthzBuilder) Build() (authz *Authz) {
authz = &Authz{
config: b.config,
strategies: b.strategies,
handleAuthorized: handleAuthzAuthorizedStandard,
+ implementation: b.implementation,
}
+ authz.config.StatusCodeBadRequest = fasthttp.StatusBadRequest
+
if len(authz.strategies) == 0 {
- switch b.impl {
+ switch b.implementation {
case AuthzImplLegacy:
authz.strategies = []AuthnStrategy{NewHeaderLegacyAuthnStrategy(), NewCookieSessionAuthnStrategy(b.config.RefreshInterval)}
case AuthzImplAuthRequest:
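Review bot: `StatusCodeBadRequest` is now assigned in two places in `Build` with no comment. It is defaulted to `fasthttp.StatusBadRequest` right after the struct literal in this hunk, then overwritten with `fasthttp.StatusUnauthorized` in the `AuthzImplLegacy` case of the second switch (next hunk). The reason the legacy implementation answers a malformed request with 401 is not stated, and the `authz.legacy` flag that presumably carried this behaviour is removed, so a later reader could "correct" it to 400 and change what legacy proxy integrations see. I would add a comment on the override, for example `// Legacy answers malformed requests with 401 instead of the default 400 set above (replaces the old authz.legacy flag).`, wording to be confirmed against the old flag's use. The body of `Build` continues outside this hunk.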
@@ -167,9 +136,9 @@ func (b *AuthzBuilder) Build() (authz *Authz) {
}
}
- switch b.impl {
+ switch b.implementation {
case AuthzImplLegacy:
- authz.legacy = true
+ authz.config.StatusCodeBadRequest = fasthttp.StatusUnauthorized
authz.handleGetObject = handleAuthzGetObjectLegacy
authz.handleUnauthorized = handleAuthzUnauthorizedLegacy
authz.handleGetAutheliaURL = handleAuthzPortalURLLegacy
@@ -180,6 +149,7 @@ func (b *AuthzBuilder) Build() (authz *Authz) {
case AuthzImplAuthRequest:
authz.handleGetObject = handleAuthzGetObjectAuthRequest
authz.handleUnauthorized = handleAuthzUnauthorizedAuthRequest
+ authz.handleGetAutheliaURL = handleAuthzPortalURLFromQuery
case AuthzImplExtAuthz:
authz.handleGetObject = handleAuthzGetObjectExtAuthz
authz.handleUnauthorized = handleAuthzUnauthorizedExtAuthz
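Review bot: The new `authz.handleGetAutheliaURL = handleAuthzPortalURLFromQuery` line in the `AuthzImplAuthRequest` case deserves a check on where the portal URL is validated. The handler is defined outside this file, but its name suggests the URL is read from the request query, which is a request-controlled value that ends up as a redirect target. The same commit also drops the static `Domains` entry built from `config.Session.Domain` in `WithConfig`, so please confirm the query-supplied URL is still compared against the configured session domain(s) before it is used. I would also document the expectation at the assignment, e.g. `// Portal URL is taken from the request query; it must be validated against the configured session domains before redirecting.` The switch and the rest of `Build` continue outside this hunk, so whether `AuthzImplExtAuthz` sets a URL handler is not visible here.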