fix(server): verify endpoint 405ing non-get/head reqs (#4607)
Fixes an issue specific to envoy that prevents the verify endpoint working with requests not using the GET or HEAD methods.pull/4608/head
James Elliott
GitHub
parent
45ea9efaa4
commit
3ba2eae20e
234
api/openapi.yml
234
api/openapi.yml
|
|
@ -175,6 +175,240 @@ paths:
|
|||
description: Unauthorized
|
||||
security:
|
||||
- authelia_auth: []
|
||||
options:
|
||||
tags:
|
||||
- Authentication
|
||||
summary: Verification
|
||||
description: >
|
||||
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
|
||||
domain.
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/originalURLParam'
|
||||
- $ref: '#/components/parameters/forwardedMethodParam'
|
||||
- $ref: '#/components/parameters/authParam'
|
||||
responses:
|
||||
"200":
|
||||
description: Successful Operation
|
||||
headers:
|
||||
remote-user:
|
||||
description: Username
|
||||
schema:
|
||||
type: string
|
||||
example: john
|
||||
remote-name:
|
||||
description: Name
|
||||
schema:
|
||||
type: string
|
||||
example: John Doe
|
||||
remote-email:
|
||||
description: Email
|
||||
schema:
|
||||
type: string
|
||||
example: john.doe@authelia.com
|
||||
remote-groups:
|
||||
description: Comma separated list of Groups
|
||||
schema:
|
||||
type: string
|
||||
example: admin,devs
|
||||
"401":
|
||||
description: Unauthorized
|
||||
security:
|
||||
- authelia_auth: []
|
||||
post:
|
||||
tags:
|
||||
- Authentication
|
||||
summary: Verification
|
||||
description: >
|
||||
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
|
||||
domain.
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/originalURLParam'
|
||||
- $ref: '#/components/parameters/forwardedMethodParam'
|
||||
- $ref: '#/components/parameters/authParam'
|
||||
responses:
|
||||
"200":
|
||||
description: Successful Operation
|
||||
headers:
|
||||
remote-user:
|
||||
description: Username
|
||||
schema:
|
||||
type: string
|
||||
example: john
|
||||
remote-name:
|
||||
description: Name
|
||||
schema:
|
||||
type: string
|
||||
example: John Doe
|
||||
remote-email:
|
||||
description: Email
|
||||
schema:
|
||||
type: string
|
||||
example: john.doe@authelia.com
|
||||
remote-groups:
|
||||
description: Comma separated list of Groups
|
||||
schema:
|
||||
type: string
|
||||
example: admin,devs
|
||||
"401":
|
||||
description: Unauthorized
|
||||
security:
|
||||
- authelia_auth: []
|
||||
put:
|
||||
tags:
|
||||
- Authentication
|
||||
summary: Verification
|
||||
description: >
|
||||
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
|
||||
domain.
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/originalURLParam'
|
||||
- $ref: '#/components/parameters/forwardedMethodParam'
|
||||
- $ref: '#/components/parameters/authParam'
|
||||
responses:
|
||||
"200":
|
||||
description: Successful Operation
|
||||
headers:
|
||||
remote-user:
|
||||
description: Username
|
||||
schema:
|
||||
type: string
|
||||
example: john
|
||||
remote-name:
|
||||
description: Name
|
||||
schema:
|
||||
type: string
|
||||
example: John Doe
|
||||
remote-email:
|
||||
description: Email
|
||||
schema:
|
||||
type: string
|
||||
example: john.doe@authelia.com
|
||||
remote-groups:
|
||||
description: Comma separated list of Groups
|
||||
schema:
|
||||
type: string
|
||||
example: admin,devs
|
||||
"401":
|
||||
description: Unauthorized
|
||||
security:
|
||||
- authelia_auth: []
|
||||
patch:
|
||||
tags:
|
||||
- Authentication
|
||||
summary: Verification
|
||||
description: >
|
||||
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
|
||||
domain.
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/originalURLParam'
|
||||
- $ref: '#/components/parameters/forwardedMethodParam'
|
||||
- $ref: '#/components/parameters/authParam'
|
||||
responses:
|
||||
"200":
|
||||
description: Successful Operation
|
||||
headers:
|
||||
remote-user:
|
||||
description: Username
|
||||
schema:
|
||||
type: string
|
||||
example: john
|
||||
remote-name:
|
||||
description: Name
|
||||
schema:
|
||||
type: string
|
||||
example: John Doe
|
||||
remote-email:
|
||||
description: Email
|
||||
schema:
|
||||
type: string
|
||||
example: john.doe@authelia.com
|
||||
remote-groups:
|
||||
description: Comma separated list of Groups
|
||||
schema:
|
||||
type: string
|
||||
example: admin,devs
|
||||
"401":
|
||||
description: Unauthorized
|
||||
security:
|
||||
- authelia_auth: []
|
||||
delete:
|
||||
tags:
|
||||
- Authentication
|
||||
summary: Verification
|
||||
description: >
|
||||
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
|
||||
domain.
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/originalURLParam'
|
||||
- $ref: '#/components/parameters/forwardedMethodParam'
|
||||
- $ref: '#/components/parameters/authParam'
|
||||
responses:
|
||||
"200":
|
||||
description: Successful Operation
|
||||
headers:
|
||||
remote-user:
|
||||
description: Username
|
||||
schema:
|
||||
type: string
|
||||
example: john
|
||||
remote-name:
|
||||
description: Name
|
||||
schema:
|
||||
type: string
|
||||
example: John Doe
|
||||
remote-email:
|
||||
description: Email
|
||||
schema:
|
||||
type: string
|
||||
example: john.doe@authelia.com
|
||||
remote-groups:
|
||||
description: Comma separated list of Groups
|
||||
schema:
|
||||
type: string
|
||||
example: admin,devs
|
||||
"401":
|
||||
description: Unauthorized
|
||||
security:
|
||||
- authelia_auth: []
|
||||
trace:
|
||||
tags:
|
||||
- Authentication
|
||||
summary: Verification
|
||||
description: >
|
||||
The verify endpoint provides the ability to verify if a user has the necessary permissions to access a specified
|
||||
domain.
|
||||
parameters:
|
||||
- $ref: '#/components/parameters/originalURLParam'
|
||||
- $ref: '#/components/parameters/forwardedMethodParam'
|
||||
- $ref: '#/components/parameters/authParam'
|
||||
responses:
|
||||
"200":
|
||||
description: Successful Operation
|
||||
headers:
|
||||
remote-user:
|
||||
description: Username
|
||||
schema:
|
||||
type: string
|
||||
example: john
|
||||
remote-name:
|
||||
description: Name
|
||||
schema:
|
||||
type: string
|
||||
example: John Doe
|
||||
remote-email:
|
||||
description: Email
|
||||
schema:
|
||||
type: string
|
||||
example: john.doe@authelia.com
|
||||
remote-groups:
|
||||
description: Comma separated list of Groups
|
||||
schema:
|
||||
type: string
|
||||
example: admin,devs
|
||||
"401":
|
||||
description: Unauthorized
|
||||
security:
|
||||
- authelia_auth: []
|
||||
/api/firstfactor:
|
||||
post:
|
||||
tags:
|
||||
|
|
|
|||
|
|
@ -153,11 +153,8 @@ func handleRouter(config schema.Configuration, providers middlewares.Providers)
|
|||
|
||||
metricsVRMW := middlewares.NewMetricsVerifyRequest(providers.Metrics)
|
||||
|
||||
r.GET("/api/verify", middlewares.Wrap(metricsVRMW, middleware(handlers.VerifyGET(config.AuthenticationBackend))))
|
||||
r.HEAD("/api/verify", middlewares.Wrap(metricsVRMW, middleware(handlers.VerifyGET(config.AuthenticationBackend))))
|
||||
|
||||
r.GET("/api/verify/{path:*}", middlewares.Wrap(metricsVRMW, middleware(handlers.VerifyGET(config.AuthenticationBackend))))
|
||||
r.HEAD("/api/verify/{path:*}", middlewares.Wrap(metricsVRMW, middleware(handlers.VerifyGET(config.AuthenticationBackend))))
|
||||
r.ANY("/api/verify", middlewares.Wrap(metricsVRMW, middleware(handlers.VerifyGET(config.AuthenticationBackend))))
|
||||
r.ANY("/api/verify/{path:*}", middlewares.Wrap(metricsVRMW, middleware(handlers.VerifyGET(config.AuthenticationBackend))))
|
||||
|
||||
r.POST("/api/checks/safe-redirection", middlewareAPI(handlers.CheckSafeRedirectionPOST))
|
||||
|
||||
|
|
|
|||
Loading…
Reference in New Issue