Cutlery/caddy
1
0
Fork 0
mirror of https://github.com/caddyserver/caddy.git synced 2025-12-30 16:50:38 -05:00
Code Issues Actions Packages Projects Releases Wiki Activity

spec: forward_auth handler

Browse Source 
Signed-off-by: Mohammed Al Sahaf <msaa1990@gmail.com>
This commit is contained in:
Mohammed Al Sahaf 2025-11-02 20:46:53 +03:00
parent 6d89bc3942
commit 336d514797
No known key found for this signature in database
1 changed files with 132 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

132
caddytest/spec/http/forward_auth/spec.hurl Normal file
View File

@ -0,0 +1,132 @@
# Configure Caddy with forward_auth directive
POST http://localhost:2019/load
Content-Type: text/caddyfile
```
{
skip_install_trust
http_port 9080
https_port 9443
local_certs
}
localhost {
forward_auth localhost:9080 {
uri /auth
}
respond "Protected content"
}
http://localhost:9080 {
handle /auth {
respond 200
}
}
```
# forward_auth allows request when auth endpoint returns 2xx
GET https://localhost:9443
[Options]
delay: 500ms
insecure: true
HTTP 200
[Asserts]
body == "Protected content"
# Configure Caddy with forward_auth rejecting
POST http://localhost:2019/load
Content-Type: text/caddyfile
```
{
skip_install_trust
http_port 9080
https_port 9443
local_certs
}
localhost {
forward_auth localhost:9080 {
uri /auth
}
respond "Protected content"
}
http://localhost:9080 {
handle /auth {
respond 401
}
}
```
# forward_auth blocks request when auth endpoint returns 4xx
GET https://localhost:9443
[Options]
delay: 500ms
insecure: true
HTTP 401
# Configure Caddy with forward_auth copying headers
POST http://localhost:2019/load
Content-Type: text/caddyfile
```
{
skip_install_trust
http_port 9080
https_port 9443
local_certs
}
localhost {
forward_auth localhost:9080 {
uri /auth
copy_headers X-User-ID X-User-Email
}
respond "User: {header.X-User-ID}, Email: {header.X-User-Email}"
}
http://localhost:9080 {
handle /auth {
header X-User-ID "user123"
header X-User-Email "user@example.com"
respond 200
}
}
```
# forward_auth copies specified headers from auth response
GET https://localhost:9443
[Options]
delay: 500ms
insecure: true
HTTP 200
[Asserts]
body == "User: user123, Email: user@example.com"
# Configure Caddy with forward_auth and custom headers
POST http://localhost:2019/load
Content-Type: text/caddyfile
```
{
skip_install_trust
http_port 9080
https_port 9443
local_certs
}
localhost {
forward_auth localhost:9080 {
uri /auth
header_up X-Original-URL {uri}
}
respond "OK"
}
http://localhost:9080 {
handle /auth {
respond "{header.X-Original-URL}"
}
}
```
# forward_auth can send custom headers to auth endpoint
GET https://localhost:9443/test/path
[Options]
delay: 500ms
insecure: true
HTTP 200
[Asserts]
body == "OK"