Attempt to fix auth proxies by making redirects manual #1028

lua
Zef Hemel 2024-09-09 18:36:54 +02:00
parent 409b0df328
commit d6fb5e0c29
2 changed files with 30 additions and 17 deletions

View File

@ -34,33 +34,46 @@ export class HttpSpacePrimitives implements SpacePrimitives {
try { try {
options.signal = AbortSignal.timeout(fetchTimeout); options.signal = AbortSignal.timeout(fetchTimeout);
options.redirect = "manual";
const result = await fetch(url, options); const result = await fetch(url, options);
if (result.status === 503) { if (result.status === 503) {
throw new Error("Offline"); throw new Error("Offline");
} }
const redirectHeader = result.headers.get("location");
// console.log("Got response", result.status, result.statusText, result.url);
// Attempting to handle various authentication proxies // Attempting to handle various authentication proxies
if (result.redirected) { if (result.status >= 300 && result.status < 400) {
if (result.status === 401 || result.status === 403) { if (redirectHeader) {
// Got a redirect
alert("Received a redirect, redirecting to URL: " + redirectHeader);
location.href = redirectHeader;
throw new Error("Redirected");
} else {
console.error("Got a redirect status but no location header", result);
}
}
// Check for unauthorized status
if (result.status === 401 || result.status === 403) {
// If it came with a redirect header, we'll redirect to that URL
if (redirectHeader) {
console.log( console.log(
"Received unauthorized status and got a redirect via the API so will redirect to URL", "Received unauthorized status and got a redirect via the API so will redirect to URL",
result.url, result.url,
); );
alert("You are not authenticated, redirecting to: " + result.url); alert("You are not authenticated, redirecting to: " + redirectHeader);
location.href = result.url; location.href = redirectHeader;
throw new Error("Not authenticated"); throw new Error("Not authenticated");
} else { } else {
alert("Received a redirect, redirecting to URL: " + result.url); // If not, let's reload
location.href = result.url; alert(
throw new Error("Redirected"); "You are not authenticated, going to reload and hope that that kicks off authentication",
);
location.reload();
throw new Error("Not authenticated, got 401");
} }
} }
if (result.status === 401 || result.status === 403) {
alert(
"You are not authenticated, going to reload and hope that that kicks off authentication",
);
location.reload();
throw new Error("Not authenticated, got 401");
}
return result; return result;
} catch (e: any) { } catch (e: any) {
// Errors when there is no internet connection: // Errors when there is no internet connection:

View File

@ -370,7 +370,7 @@ export class HttpServer {
return c.redirect(typeof from === "string" ? from : "/"); return c.redirect(typeof from === "string" ? from : "/");
} else { } else {
console.error("Authentication failed, redirecting to auth page."); console.error("Authentication failed, redirecting to auth page.");
return c.redirect("/.auth?error=1"); return c.redirect("/.auth?error=1", 401);
} }
}, },
).all((c) => { ).all((c) => {
@ -389,9 +389,9 @@ export class HttpServer {
const redirectToAuth = () => { const redirectToAuth = () => {
// Try filtering api paths // Try filtering api paths
if (req.path.startsWith("/.") || req.path.endsWith(".md")) { if (req.path.startsWith("/.") || req.path.endsWith(".md")) {
return c.redirect("/.auth"); return c.redirect("/.auth", 401);
} else { } else {
return c.redirect(`/.auth?from=${req.path}`); return c.redirect(`/.auth?from=${req.path}`, 401);
} }
}; };
if (!excludedPaths.includes(url.pathname)) { if (!excludedPaths.includes(url.pathname)) {