feat: set no cache headers

MuXiu1997
2023-02-04 19:09:00 +08:00
parent 3c01f5c4fa
commit 316878f0d3
3 changed files with 21 additions and 0 deletions


@@ -23,6 +23,7 @@ var (
func generateOAuthPageURL(app *server.App) gin.HandlerFunc {
return func(c *gin.Context) {
setNoCacheHeaders(c)
body := model.RequestGenerateOAuthPageURL{}
err := c.ShouldBindJSON(&body)
if err != nil {
@@ -69,6 +70,7 @@ func generateOAuthPageURL(app *server.App) gin.HandlerFunc {
func redirect(app *server.App) gin.HandlerFunc {
return func(c *gin.Context) {
setNoCacheHeaders(c)
query := model.RequestRedirect{}
err := c.BindQuery(&query)
if err != nil {
@@ -120,6 +122,7 @@ func redirect(app *server.App) gin.HandlerFunc {
func getAuthResult(app *server.App) gin.HandlerFunc {
return func(c *gin.Context) {
setNoCacheHeaders(c)
query := model.RequestGetAuthResult{}
err := c.ShouldBindQuery(&query)
if err != nil {
@@ -181,3 +184,9 @@ func buildRedirectURI(apiBaseUrl, rid string) (string, error) {
redirectURI.RawQuery = redirectURLQuery.Encode()
return redirectURI.String(), nil
}
func setNoCacheHeaders(c *gin.Context) {
c.Header(constant.HTTP_HEADER_CACHE_CONTROL, "no-cache, no-store, must-revalidate, private")
c.Header(constant.HTTP_HEADER_PRAGMA, "no-cache")
c.Header(constant.HTTP_HEADER_EXPIRES, "0")
}
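Review bot: Calling `setNoCacheHeaders(c)` by hand at the top of each of the three handlers means a route added later that returns an OAuth URL or an auth result will be cacheable unless its author remembers the call. Registering the helper once as middleware on the router group that serves these routes would cover them all, e.g. `group.Use(func(c *gin.Context) { setNoCacheHeaders(c); c.Next() })`, where `group` stands for whichever group these handlers are mounted on; the route registration is outside this diff, so the right place is for the author to confirm. The helper also has no doc comment explaining why it exists; something like `// setNoCacheHeaders marks the response as uncacheable so auth results are not stored by browsers or shared caches.` would do.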


@@ -15,6 +15,9 @@ const (
QUERY_KEY_REQUEST_ID = "rid"
HTTP_HEADER_AUTHORIZATION = "Authorization"
HTTP_HEADER_CACHE_CONTROL = "Cache-Control"
HTTP_HEADER_PRAGMA = "Pragma"
HTTP_HEADER_EXPIRES = "Expires"
AUTHORIZATION_PREFIX_TOKEN = "token"
)


@@ -135,6 +135,7 @@ func (p *TraefikGithubOauthMiddleware) handleRequest(rw http.ResponseWriter, req
return
}
if !p.whitelistIdSet.Has(user.Id) && !p.whitelistLoginSet.Has(user.Login) {
setNoCacheHeaders(rw)
http.Error(rw, "not in whitelist", http.StatusForbidden)
return
}
@@ -143,6 +144,7 @@ func (p *TraefikGithubOauthMiddleware) handleRequest(rw http.ResponseWriter, req
// handleAuthRequest
func (p *TraefikGithubOauthMiddleware) handleAuthRequest(rw http.ResponseWriter, req *http.Request) {
setNoCacheHeaders(rw)
rid := req.URL.Query().Get(constant.QUERY_KEY_REQUEST_ID)
result, err := p.getAuthResult(rid)
if err != nil {
@@ -165,6 +167,7 @@ func (p *TraefikGithubOauthMiddleware) handleAuthRequest(rw http.ResponseWriter,
}
func (p *TraefikGithubOauthMiddleware) redirectToOAuthPage(rw http.ResponseWriter, req *http.Request) {
setNoCacheHeaders(rw)
oAuthPageURL, err := p.generateOAuthPageURL(getRawRequestUrl(req), p.getAuthURL(req))
if err != nil {
p.logger.Debugf("redirectToOAuthPage: generateOAuthPageURL: %s\n", err.Error())
@@ -243,6 +246,12 @@ func (p *TraefikGithubOauthMiddleware) getAuthURL(originalReq *http.Request) str
return builder.String()
}
func setNoCacheHeaders(rw http.ResponseWriter) {
rw.Header().Set(constant.HTTP_HEADER_CACHE_CONTROL, "no-cache, no-store, must-revalidate, private")
rw.Header().Set(constant.HTTP_HEADER_PRAGMA, "no-cache")
rw.Header().Set(constant.HTTP_HEADER_EXPIRES, "0")
}
func getRawRequestUrl(originalReq *http.Request) string {
var builder strings.Builder
scheme := "http"
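Review bot: In `handleRequest` only the whitelist-denied branch calls `setNoCacheHeaders(rw)`; the branch ending in `return` just above it starts outside the hunk, so it is not visible whether the response it writes is also marked uncacheable. If that branch writes an error or redirect that depends on the caller's session, it should make the same call before writing. Setting the headers at the very top of `handleRequest` would presumably also stamp them on responses from the next handler, so the per-branch placement looks deliberate and worth a short comment. Separately, the three header values are repeated verbatim from the other `setNoCacheHeaders` in this commit; keeping the values next to the header names in the `constant` package would stop the two copies drifting apart.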