now setting user id to custom header after proxy oauthkeeper

2025-03-10 12:49:16 +03:00 · 2025-03-10 12:49:16 +03:00 · eb772811e1
commit eb772811e1
parent 35c5839575
4 changed files with 13 additions and 9 deletions
--- a/cmd/main.go
+++ b/cmd/main.go
@ -35,7 +35,7 @@ func main() {
 		if !ok {
 			return c.SendStatus(fiber.StatusUnauthorized)
 		}
-		return c.SendString("private content, token: " + token)
+		return c.SendString("private content, account id: " + token)
 	})

 	go func() {
--- a/config_oauthkeeper/oathkeeper.yml
+++ b/config_oauthkeeper/oathkeeper.yml
@ -36,5 +36,10 @@ mutators:
        {
          "session": {{ .Extra | toJson }}
        }
+  header:
+    enabled: true
+    config:
+      headers:
+        Pena-Account-ID: "{{ .Subject }}"
  noop:
    enabled: true
--- a/config_oauthkeeper/rules.json
+++ b/config_oauthkeeper/rules.json
@ -18,7 +18,7 @@
    },
    "mutators": [
      {
-        "handler": "id_token"
+        "handler": "header"
      }
    ]
  },
@ -41,7 +41,7 @@
    },
    "mutators": [
      {
-        "handler": "id_token"
+        "handler": "header"
      }
    ]
  }
--- a/middleware/middleware.go
+++ b/middleware/middleware.go
@ -4,10 +4,9 @@ import (
 	"fmt"
 	"github.com/gofiber/fiber/v2"
 	"github.com/ory/client-go"
-	"strings"
 )

-const CtxTokenKey = "token-key"
+const CtxTokenKey = "Pena-Account-Id"

 func KratosMiddleware(ory *client.APIClient) fiber.Handler {
 	return func(ctx *fiber.Ctx) error {
@ -45,12 +44,12 @@ func getSessionFromToken(ctx *fiber.Ctx, ory *client.APIClient, token string) (*

 func OauthKeeperMiddleware() fiber.Handler {
 	return func(ctx *fiber.Ctx) error {
-		token := strings.ReplaceAll(ctx.Get("Authorization"), "Bearer ", "")
-		if token == "" {
-			return fiber.NewError(fiber.StatusUnauthorized, "empty token")
+		accountID := ctx.Get(CtxTokenKey)
+		if accountID == "" {
+			return fiber.NewError(fiber.StatusUnauthorized, "empty account id")
 		}

-		ctx.Locals(CtxTokenKey, token)
+		ctx.Locals(CtxTokenKey, accountID)

 		return ctx.Next()
 	}