Proxy proxies the user request if the user is authenticated; otherwise it prompts them to authenticate.
(rw http.ResponseWriter, req *http.Request)
// Proxy forwards the request to the upstream when getAuthenticatedSession
// yields a session that also passes authOnlyAuthorize; in every other case it
// writes a response itself and the upstream is never contacted.
//
// Responses by outcome:
//   - session loaded, authorization fails: plain 403
//   - ErrNeedsLogin: 401 JSON, the start of the OAuth flow, or the sign-in page
//   - ErrAccessDenied: 403 as JSON or as an error page
//   - any other error: logged, then a 500 error page
func (p *OAuthProxy) Proxy(rw http.ResponseWriter, req *http.Request) {
	session, err := p.getAuthenticatedSession(rw, req)

	// The sentinel errors below are matched by identity (==). An error that
	// only wraps ErrNeedsLogin or ErrAccessDenied matches neither and ends up
	// in the 500 branch at the bottom, so an unrecognised error is never
	// treated as a successful authentication.
	if err == nil {
		// Authorization is enforced before addHeadersForProxying runs and
		// before the upstream handler is invoked; a session that fails the
		// constraints gets a bare 403 and nothing else.
		if !authOnlyAuthorize(req, session) {
			http.Error(rw, http.StatusText(http.StatusForbidden), http.StatusForbidden)
			return
		}

		// Authenticated and authorized: hand over to the upstream chain.
		p.addHeadersForProxying(rw, session)
		upstream := p.headersChain.Then(p.upstreamProxy)
		upstream.ServeHTTP(rw, req)
		return
	}

	if err == ErrNeedsLogin {
		// A redirect to a login screen is of no use to an AJAX or API
		// client, so those (and everything when JSON errors are forced)
		// receive a 401 JSON body instead.
		wantsJSON := p.forceJSONErrors || isAjax(req) || p.isAPIPath(req)
		if wantsJSON {
			logger.Printf("No valid authentication in request. Access Denied.")
			p.errorJSON(rw, http.StatusUnauthorized)
			return
		}

		logger.Printf("No valid authentication in request. Initiating login.")
		if !p.SkipProviderButton {
			p.SignInPage(rw, req, http.StatusForbidden)
			return
		}
		// Start the OAuth flow with the default login URL parameters only.
		// The nil argument means this request's query parameters are not
		// considered as overrides, because the user did not explicitly
		// start the login flow.
		p.doOAuthStart(rw, req, nil)
		return
	}

	if err == ErrAccessDenied {
		// Only forceJSONErrors selects JSON here; unlike the login branch,
		// isAjax and isAPIPath are not consulted.
		if p.forceJSONErrors {
			p.errorJSON(rw, http.StatusForbidden)
			return
		}
		p.ErrorPage(rw, req, http.StatusForbidden, "The session failed authorization checks")
		return
	}

	// Unknown error: record it and answer with a 500.
	// NOTE(review): err.Error() is passed to ErrorPage as the message. Whether
	// that text is shown to the client depends on ErrorPage, which is not
	// visible here - confirm it does not expose internal detail.
	logger.Errorf("Unexpected internal error: %v", err)
	p.ErrorPage(rw, req, http.StatusInternalServerError, err.Error())
}
| 1087 | |
| 1088 | // See https://developers.google.com/web/fundamentals/performance/optimizing-content-efficiency/http-caching?hl=en |
| 1089 | var noCacheHeaders = map[string]string{ |
nothing calls this directly
no test coverage detected