Closed andrewkroh closed 7 months ago
The response sent to the client is receiving the X-Forwarded-User header, but it should be passed to the downstream service so that it can know the user.
https://github.com/andrewkroh/google-oidc-auth-middleware/blob/11cd35bece7812ed12ec2eac38be7d39727c0fd0/oidc.go#L178
diff --git a/oidc.go b/oidc.go index fb8fe6f..3fd8e2c 100644 --- a/oidc.go +++ b/oidc.go @@ -175,7 +175,7 @@ func (h *cookieAuthzHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) { if isAuthorized(ac.Email, ac.Domain, h.allowEmails, h.allowDomains) { h.debug.Printf("Received authorized request from user=%s of domain=%s at addr=%s for path=%s", ac.Email, ac.Domain, r.RemoteAddr, r.URL.Path) - w.Header().Set("X-Forwarded-User", ac.Email) + r.Header.Set("X-Forwarded-User", ac.Email) h.next.ServeHTTP(w, r) return } else {
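Review bot: The X-Forwarded-User value is overwritten only inside the isAuthorized branch of cookieAuthzHandler.ServeHTTP, so it is worth confirming that no other path reaches h.next.ServeHTTP with a client-supplied X-Forwarded-User still on the request; deleting the inbound header at the top of ServeHTTP with r.Header.Del("X-Forwarded-User") would make that guarantee explicit instead of depending on this one branch. A test that asserts the downstream handler sees ac.Email on the request and that the response no longer carries the header would pin the fix, since the hunk changes behaviour without adding one.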