habsi/authentik
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

outposts/proxy: fix securecookie: no codecs provided error with redis

Browse Source 
Signed-off-by: Jens Langhammer <jens.langhammer@beryju.org>
This commit is contained in:
Jens Langhammer
2021-09-09 10:23:46 +02:00
parent eb2540a3c8
commit 4c3a9e69f2
5 changed files with 20 additions and 8 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
internal/outpost/proxyv2/application/session.go
View File

@ -5,6 +5,7 @@ import (
"strconv"
"github.com/gorilla/sessions"
log "github.com/sirupsen/logrus"
"goauthentik.io/api"
"goauthentik.io/internal/config"
"gopkg.in/boj/redistore.v1"
@ -13,15 +14,17 @@ import (
func GetStore(p api.ProxyOutpostConfig) sessions.Store {
var store sessions.Store
if config.G.Redis.Host != "" {
rs, err := redistore.NewRediStoreWithDB(10, "tcp", fmt.Sprintf("%s:%d", config.G.Redis.Host, config.G.Redis.Port), config.G.Redis.Password, strconv.Itoa(config.G.Redis.OutpostSessionDB))
rs, err := redistore.NewRediStoreWithDB(10, "tcp", fmt.Sprintf("%s:%d", config.G.Redis.Host, config.G.Redis.Port), config.G.Redis.Password, strconv.Itoa(config.G.Redis.OutpostSessionDB), []byte(*p.CookieSecret))
if err != nil {
panic(err)
}
rs.Options.Domain = *p.CookieDomain
log.Info("using redis session backend")
store = rs
} else {
cs := sessions.NewCookieStore([]byte(*p.CookieSecret))
cs.Options.Domain = *p.CookieDomain
log.Info("using cookie session backend")
store = cs
}
return store

5
internal/outpost/proxyv2/proxyv2.go
View File

@ -14,7 +14,6 @@ import (
"github.com/pires/go-proxyproto"
log "github.com/sirupsen/logrus"
"goauthentik.io/api"
"goauthentik.io/internal/config"
"goauthentik.io/internal/crypto"
"goauthentik.io/internal/outpost/ak"
"goauthentik.io/internal/outpost/proxyv2/application"
@ -36,7 +35,7 @@ type ProxyServer struct {
akAPI *ak.APIController
}
func NewProxyServer(ac *ak.APIController) *ProxyServer {
func NewProxyServer(ac *ak.APIController, portOffset int) *ProxyServer {
l := log.WithField("logger", "authentik.outpost.proxyv2")
defaultCert, err := crypto.GenerateSelfSignedCert()
if err != nil {
@ -55,7 +54,7 @@ func NewProxyServer(ac *ak.APIController) *ProxyServer {
globalMux.Use(web.NewLoggingHandler(l.WithField("logger", "authentik.outpost.proxyv2.http"), nil))
s := &ProxyServer{
Listen: "0.0.0.0:%d",
PortOffset: config.G.Web.OutpostPortOffset,
PortOffset: portOffset,
cryptoStore: ak.NewCryptoStore(ac.Client.CryptoApi),
apps: make(map[string]*application.Application),