Add set cookie

andrewheberle · andrewheberle · commit 7ce8cbc6149f · 2023-12-05T11:01:32.000+08:00
diff --git a/README.md b/README.md
@@ -93,7 +93,7 @@ The following HAProxy configuration snippet shows this process:
 # a protected backend
 backend be_protected
         # set required headers
-        http-request set-header X-Forward-For %[src]
+        http-request set-header X-Forwarded-For %[src]
 	http-request set-header X-Forwarded-Proto %[ssl_fc,iif(https,http)]
 	http-request set-header X-Forwarded-Host %[req.hdr(Host)]
 	http-request set-header X-Forwarded-Uri %[capture.req.uri]
diff --git a/cmd/haproxy-auth-request/main.go b/cmd/haproxy-auth-request/main.go
@@ -15,7 +15,6 @@ import (
 )
 
 func main() {
-	// logging
 	// command line flags
 	pflag.String("listen", "127.0.0.1:3000", "Listen address")
 	pflag.String("url", "http://127.0.0.1:9091/api/authz/forward-auth", "URL to perform verification against")
diff --git a/examples/haproxy.cfg b/examples/haproxy.cfg
@@ -54,7 +54,7 @@ backend be_protected
 	mode http
 
 	# set required headers
-	http-request set-header X-Forward-For %[src]
+	http-request set-header X-Forwarded-For %[src]
 	http-request set-header X-Forwarded-Proto %[ssl_fc,iif(https,http)]
 	http-request set-header X-Forwarded-Host %[req.hdr(Host)]
 	http-request set-header X-Forwarded-Uri %[capture.req.uri]
diff --git a/pkg/auth/auth.go b/pkg/auth/auth.go
@@ -114,6 +114,14 @@ func (auth *AuthHandler) Handler(req *request.Request) {
 			}
 		}
 
+		// set cookie if present
+		if cookies := res.Cookies(); len(cookies) == 1 {
+			if v := cookies[0].String(); v != "" {
+				req.Actions.SetVar(action.ScopeRequest, "response_cookie.name", cookies[0].Name)
+				req.Actions.SetVar(action.ScopeRequest, "response_cookie.value", v)
+			}
+		}
+
 		logger.Info("message handled")
 		return
 	}

Original file line number	Diff line number	Diff line change
`@@ -15,7 +15,6 @@ import (`
`15`	`15`	`)`
`16`	`16`
`17`	`17`	`func main() {`
`18`		`- // logging`
`19`	`18`	`// command line flags`
`20`	`19`	`pflag.String("listen", "127.0.0.1:3000", "Listen address")`
`21`	`20`	`pflag.String("url", "http://127.0.0.1:9091/api/authz/forward-auth", "URL to perform verification against")`
Original file line number	Diff line number	Diff line change
`@@ -114,6 +114,14 @@ func (auth AuthHandler) Handler(req request.Request) {`
`114`	`114`	`}`
`115`	`115`	`}`
`116`	`116`
	`117`	`+ // set cookie if present`
	`118`	`+ if cookies := res.Cookies(); len(cookies) == 1 {`
	`119`	`+ if v := cookies[0].String(); v != "" {`
	`120`	`+ req.Actions.SetVar(action.ScopeRequest, "response_cookie.name", cookies[0].Name)`
	`121`	`+ req.Actions.SetVar(action.ScopeRequest, "response_cookie.value", v)`
	`122`	`+ }`
	`123`	`+ }`
	`124`	`+`
`117`	`125`	`logger.Info("message handled")`
`118`	`126`	`return`
`119`	`127`	`}`