| 61 | } |
| 62 | |
| 63 | func (b *ProxyBackend) createBackendRequest(orig *http.Request) (*http.Request, error) { |
| 64 | req, err := http.NewRequest(orig.Method, orig.URL.String(), nil) |
| 65 | if err != nil { |
| 66 | return nil, err |
| 67 | } |
| 68 | |
| 69 | // Replace the endpoint with the backend one. |
| 70 | req.URL.Scheme = b.endpoint.Scheme |
| 71 | req.URL.Host = b.endpoint.Host |
| 72 | |
| 73 | // Prepend the endpoint path to the request path. |
| 74 | req.URL.Path = path.Join(b.endpoint.Path, req.URL.Path) |
| 75 | |
| 76 | // Replace the auth: |
| 77 | // - If the endpoint has user and password, use it. |
| 78 | // - If the endpoint has user only, keep it and use the request password (if any). |
| 79 | // - If the endpoint has no user and no password, use the request auth (if any). |
| 80 | clientUser, clientPass, clientAuth := orig.BasicAuth() |
| 81 | endpointUser := b.endpoint.User.Username() |
| 82 | endpointPass, _ := b.endpoint.User.Password() |
| 83 | |
| 84 | if endpointUser != "" && endpointPass != "" { |
| 85 | req.SetBasicAuth(endpointUser, endpointPass) |
| 86 | } else if endpointUser != "" { |
| 87 | req.SetBasicAuth(endpointUser, clientPass) |
| 88 | } else if clientAuth { |
| 89 | req.SetBasicAuth(clientUser, clientPass) |
| 90 | } |
| 91 | |
| 92 | // If there is X-Scope-OrgId header in the request, forward it. This is done even if there was username/password. |
| 93 | if orgID := orig.Header.Get(orgIDHeader); orgID != "" { |
| 94 | req.Header.Set(orgIDHeader, orgID) |
| 95 | } |
| 96 | |
| 97 | return req, nil |
| 98 | } |
| 99 | |
| 100 | func (b *ProxyBackend) doBackendRequest(req *http.Request) (int, []byte, error) { |
| 101 | // Honor the read timeout. |