MCPcopy Index your code
hub / github.com/cloudflare/cloudflared / handleRedirects

Function handleRedirects

token/token.go:407–433  ·  view source on GitHub ↗
(req *http.Request, via []*http.Request, orgToken string)

Source from the content-addressed store, hash-verified

405}
406
407func handleRedirects(req *http.Request, via []*http.Request, orgToken string) error {
408 // attach org token to login request
409 if strings.Contains(req.URL.Path, AccessLoginWorkerPath) {
410 req.AddCookie(&http.Cookie{Name: tokenCookie, Value: orgToken}) //nolint: gosec
411 }
412
413 // attach app session cookie to authorized request
414 if strings.Contains(req.URL.Path, AccessAuthorizedWorkerPath) {
415 // We need to check and see if the CF_APP_SESSION cookie was set
416 for _, prevReq := range via {
417 if prevReq != nil && prevReq.Response != nil {
418 for _, c := range prevReq.Response.Cookies() {
419 if c.Name == appSessionCookie {
420 req.AddCookie(&http.Cookie{Name: appSessionCookie, Value: c.Value}) //nolint: gosec
421 return nil
422 }
423 }
424 }
425 }
426 }
427
428 // stop after hitting authorized endpoint since it will contain the app token
429 if len(via) > 0 && strings.Contains(via[len(via)-1].URL.Path, AccessAuthorizedWorkerPath) {
430 return http.ErrUseLastResponse
431 }
432 return nil
433}
434
435// exchangeOrgToken attaches an org token to a request to the appURL and returns an app token. This uses the Access SSO
436// flow to automatically generate and return an app token without the login page.

Calls

no outgoing calls