47 lines
1.4 KiB
Go
47 lines
1.4 KiB
Go
package server
|
|
|
|
import (
|
|
"net/http"
|
|
"path"
|
|
)
|
|
|
|
func location(w http.ResponseWriter, self string) {
|
|
w.Header().Add("Location", self)
|
|
}
|
|
|
|
// hsts add HTTP Strict Transport Security header with a max-age of two years
|
|
// Inspired from https://blog.bracebin.com/achieving-perfect-ssl-labs-score-with-go
|
|
func hsts(next http.Handler) http.Handler {
|
|
return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Add("Strict-Transport-Security", "max-age=63072000; includeSubDomains")
|
|
next.ServeHTTP(w, r)
|
|
})
|
|
}
|
|
|
|
// version handler adds X-Chronograf-Version header to responses
|
|
func version(version string, h http.Handler) http.Handler {
|
|
fn := func(w http.ResponseWriter, r *http.Request) {
|
|
w.Header().Add("X-Chronograf-Version", version)
|
|
h.ServeHTTP(w, r)
|
|
}
|
|
return http.HandlerFunc(fn)
|
|
}
|
|
|
|
// logout chooses the correct provider logout route and redirects to it
|
|
func logout(nextURL, basepath string, routes AuthRoutes) http.HandlerFunc {
|
|
return func(w http.ResponseWriter, r *http.Request) {
|
|
ctx := r.Context()
|
|
principal, err := getPrincipal(ctx)
|
|
if err != nil {
|
|
http.Redirect(w, r, path.Join(basepath, nextURL), http.StatusTemporaryRedirect)
|
|
return
|
|
}
|
|
route, ok := routes.Lookup(principal.Issuer)
|
|
if !ok {
|
|
http.Redirect(w, r, path.Join(basepath, nextURL), http.StatusTemporaryRedirect)
|
|
return
|
|
}
|
|
http.Redirect(w, r, route.Logout, http.StatusTemporaryRedirect)
|
|
}
|
|
}
|