Skip to content
This repository was archived by the owner on Feb 11, 2023. It is now read-only.

Rewrite default urls to ./index.html #61

Open
wants to merge 10 commits into
base: master
Choose a base branch
from
+76 −0
Open

Rewrite default urls to ./index.html #61

Changes from all commits
Commits
Show all changes
10 commits
Select commit Hold shift + click to select a range
008d7a6
redirect to ./index.html for trailing slash requests
jared-stehler Feb 27, 2020
b259996
intercept and rewrite default / urls before auth
jared-stehler Feb 27, 2020
5c7ff0d
only check html/png urls to avoid spamming github
jared-stehler Feb 27, 2020
dd33fd0
fix order of req handling
jared-stehler Feb 27, 2020
ecf21d4
another attempt at proper req handling order
jared-stehler Feb 27, 2020
73de833
update request.uri before any processing
jared-stehler Feb 27, 2020
045ebed
allow reqs from slackbot UA for unfurling
jaredstehler Sep 7, 2020
580835d
fix string search
jaredstehler Sep 7, 2020
9db023f
slackbot unfurl for openid authn
jaredstehler Jan 6, 2021
570b884
redirect to expected callback domain if not matching on host
Nov 9, 2021
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
19 changes: 19 additions & 0 deletions authn/github.index.js
View file
Original file line number Diff line number Diff line change
@@ -23,6 +23,17 @@ function mainProcess(event, context, callback) {
config.AUTH_REQUEST.redirect_uri = event.Records[0].cf.config.test + config.CALLBACK_PATH;
config.TOKEN_REQUEST.redirect_uri = event.Records[0].cf.config.test + config.CALLBACK_PATH;
}

if (request.uri.endsWith('/')) {
var requestUrl = request.uri;

// Match url ending with '/' and replace with /index.html
var redirectUrl = requestUrl.replace(/\/$/, '\/index.html');

// Replace the received URI with the URI that includes the index page
request.uri = redirectUrl;
}

if (request.uri.startsWith(config.CALLBACK_PATH)) {
console.log("Callback from GitHub received");
/** Verify code is in querystring */
@@ -124,6 +135,14 @@ function mainProcess(event, context, callback) {
auth.isAuthorized(decoded, request, callback, unauthorized, internalServerError, config);
}
});
} else if ("user-agent" in headers
&& headers["user-agent"].length > 0
&& headers["user-agent"][0].value
&& headers["user-agent"][0].value.includes("Slackbot-LinkExpanding")) {
// Request from slackbot for link unfurl
// TODO only serve up partial page?
console.log("Authorizing Slackbot for link unfurl.");
auth.isAuthorized(null, request, callback, unauthorized, internalServerError, config);
} else {
console.log("Redirecting to GitHub.");
redirect(request, headers, callback);
38 changes: 38 additions & 0 deletions authn/openid.index.js
View file
Original file line number Diff line number Diff line change
@@ -62,6 +62,36 @@ function mainProcess(event, context, callback) {
config.AUTH_REQUEST.redirect_uri = event.Records[0].cf.config.test + config.CALLBACK_PATH;
config.TOKEN_REQUEST.redirect_uri = event.Records[0].cf.config.test + config.CALLBACK_PATH;
}

const actualHost = headers['host'][0].value;
const expectedHost = new URL(config.AUTH_REQUEST.redirect_uri).host;

if (actualHost !== expectedHost) {
const response = {
"status": "308",
"statusDescription": "Found",
"body": "Redirecting to expected domain",
"headers": {
"location" : [{
"key": "Location",
"value": 'https://' + new URL(config.AUTH_REQUEST.redirect_uri).host + request.uri + '?' + request.querystring
}]
},
};
callback(null, response);
return;
}

if (request.uri.endsWith('/')) {
var requestUrl = request.uri;

// Match url ending with '/' and replace with /index.html
var redirectUrl = requestUrl.replace(/\/$/, '\/index.html');

// Replace the received URI with the URI that includes the index page
request.uri = redirectUrl;
}

if (request.uri.startsWith(config.CALLBACK_PATH)) {
console.log("Callback from OIDC provider received");

@@ -233,6 +263,14 @@ function mainProcess(event, context, callback) {
auth.isAuthorized(decoded, request, callback, unauthorized, internalServerError, config);
}
});
} else if ("user-agent" in headers
&& headers["user-agent"].length > 0
&& headers["user-agent"][0].value
&& headers["user-agent"][0].value.includes("Slackbot-LinkExpanding")) {
// Request from slackbot for link unfurl
// TODO only serve up partial page?
console.log("Authorizing Slackbot for link unfurl.");
auth.isAuthorized(null, request, callback, unauthorized, internalServerError, config);
} else {
console.log("Redirecting to OIDC provider.");
redirect(request, headers, callback);
19 changes: 19 additions & 0 deletions authn/pkce.index.js
View file
Original file line number Diff line number Diff line change
@@ -63,6 +63,17 @@ function mainProcess(event, context, callback) {
config.AUTH_REQUEST.redirect_uri = event.Records[0].cf.config.test + config.CALLBACK_PATH;
config.TOKEN_REQUEST.redirect_uri = event.Records[0].cf.config.test + config.CALLBACK_PATH;
}

if (request.uri.endsWith('/')) {
var requestUrl = request.uri;

// Match url ending with '/' and replace with /index.html
var redirectUrl = requestUrl.replace(/\/$/, '\/index.html');

// Replace the received URI with the URI that includes the index page
request.uri = redirectUrl;
}

if (request.uri.startsWith(config.CALLBACK_PATH)) {
console.log("Callback from OIDC provider received");

@@ -239,6 +250,14 @@ function mainProcess(event, context, callback) {
auth.isAuthorized(decoded, request, callback, unauthorized, internalServerError, config);
}
});
} else if ("user-agent" in headers
&& headers["user-agent"].length > 0
&& headers["user-agent"][0].value
&& headers["user-agent"][0].value.includes("Slackbot-LinkExpanding")) {
// Request from slackbot for link unfurl
// TODO only serve up partial page?
console.log("Authorizing Slackbot for link unfurl.");
auth.isAuthorized(null, request, callback, unauthorized, internalServerError, config);
} else {
console.log("Redirecting to OIDC provider.");
redirect(request, headers, callback);