44 "bytes"
55 "encoding/json"
66 "io"
7- "io/ioutil"
87 "net/http"
98 "net/url"
109
@@ -67,14 +66,6 @@ func (a *AuthenticatorRemoteJSON) Config(config json.RawMessage) (*Authenticator
6766 return nil , NewErrAuthenticatorMisconfigured (a , err )
6867 }
6968
70- if len (c .ExtraFrom ) == 0 {
71- c .ExtraFrom = "extra"
72- }
73-
74- if len (c .SubjectFrom ) == 0 {
75- c .SubjectFrom = "subject"
76- }
77-
7869 return & c , nil
7970}
8071
@@ -100,11 +91,19 @@ func (a *AuthenticatorRemoteJSON) Authenticate(r *http.Request, session *Authent
10091 )
10192
10293 if err = json .Unmarshal (subjectRaw , & subject ); err != nil {
103- return helper .ErrForbidden .WithReasonf ("The configured subject_from GJSON path returned an error on JSON output: %s" , err .Error ()).WithDebugf ("GJSON path: %s\n Body: %s\n Result: %s" , cfg .SubjectFrom , body , subjectRaw ).WithTrace (err )
94+ return helper .
95+ ErrForbidden .
96+ WithReasonf ("The configured subject_from GJSON path returned an error on JSON output: %s" , err .Error ()).
97+ WithDebugf ("GJSON path: %s\n Body: %s\n Result: %s" , cfg .SubjectFrom , body , subjectRaw ).
98+ WithTrace (err )
10499 }
105100
106101 if err = json .Unmarshal (extraRaw , & extra ); err != nil {
107- return helper .ErrForbidden .WithReasonf ("The configured extra_from GJSON path returned an error on JSON output: %s" , err .Error ()).WithDebugf ("GJSON path: %s\n Body: %s\n Result: %s" , cfg .ExtraFrom , body , extraRaw ).WithTrace (err )
102+ return helper .
103+ ErrForbidden .
104+ WithReasonf ("The configured extra_from GJSON path returned an error on JSON output: %s" , err .Error ()).
105+ WithDebugf ("GJSON path: %s\n Body: %s\n Result: %s" , cfg .ExtraFrom , body , extraRaw ).
106+ WithTrace (err )
108107 }
109108
110109 session .Subject = subject
@@ -127,7 +126,10 @@ func forwardMethod(r *http.Request, cfg *AuthenticatorRemoteJSONConfiguration) s
127126func forwardRequestToAuthenticator (r * http.Request , method string , serviceURL string , preservePath bool ) (json.RawMessage , error ) {
128127 reqUrl , err := url .Parse (serviceURL )
129128 if err != nil {
130- return nil , errors .WithStack (herodot .ErrInternalServerError .WithReasonf ("Unable to parse remote URL: %s" , err ))
129+ return nil , errors .WithStack (
130+ herodot .
131+ ErrInternalServerError .WithReasonf ("Unable to parse remote URL: %s" , err ),
132+ )
131133 }
132134
133135 if ! preservePath {
@@ -136,15 +138,24 @@ func forwardRequestToAuthenticator(r *http.Request, method string, serviceURL st
136138
137139 var forwardRequestBody io.ReadCloser = nil
138140 if r .Body != nil {
139- body , err := ioutil .ReadAll (r .Body )
141+ body , err := io .ReadAll (r .Body )
140142 if err != nil {
141143 return nil , helper .ErrBadRequest .WithReason (err .Error ()).WithTrace (err )
142144 }
143145
146+ err = r .Body .Close ()
147+ if err != nil {
148+ return nil , errors .WithStack (
149+ herodot .
150+ ErrInternalServerError .
151+ WithReasonf ("Could not close body reader: %s\n " , err ),
152+ )
153+ }
154+
144155 // Unfortunately the body reader needs to be read once to forward the request,
145156 // thus the upstream request will fail miserably without recreating a fresh ReaderCloser
146- forwardRequestBody = ioutil .NopCloser (bytes .NewReader (body ))
147- r .Body = ioutil .NopCloser (bytes .NewReader (body ))
157+ forwardRequestBody = io .NopCloser (bytes .NewReader (body ))
158+ r .Body = io .NopCloser (bytes .NewReader (body ))
148159 }
149160
150161 req := http.Request {
@@ -163,7 +174,7 @@ func forwardRequestToAuthenticator(r *http.Request, method string, serviceURL st
163174
164175func handleResponse (r * http.Response ) (json.RawMessage , error ) {
165176 if r .StatusCode == http .StatusOK {
166- body , err := ioutil .ReadAll (r .Body )
177+ body , err := io .ReadAll (r .Body )
167178 if err != nil {
168179 return json.RawMessage {}, errors .WithStack (herodot .ErrInternalServerError .WithReasonf ("Remote server returned error: %+v" , err ))
169180 }
0 commit comments