fix: check http methods on specific http2 routes (#3527)

* fix: check headers lowercase

* Update .releaserc.js

* fix: check http methods on specific http2 routes
Livio Amstutz 2022-04-27 13:10:44 +02:00 committed by GitHub
parent ab04655019
commit fd1150f628
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -83,12 +83,15 @@ func (a *API) RegisterHandler(prefix string, handler http.Handler) {
} }
func (a *API) routeGRPC() { func (a *API) routeGRPC() {
http2Route := a.router.Methods(http.MethodPost). http2Route := a.router.
MatcherFunc(func(r *http.Request, _ *mux.RouteMatch) bool { MatcherFunc(func(r *http.Request, _ *mux.RouteMatch) bool {
return r.ProtoMajor == 2 return r.ProtoMajor == 2
}). }).
Subrouter() Subrouter()
http2Route.Headers("Content-Type", "application/grpc").Handler(a.grpcServer) http2Route.
Methods(http.MethodPost).
Headers("Content-Type", "application/grpc").
Handler(a.grpcServer)
if !a.externalSecure { if !a.externalSecure {
a.routeGRPCWeb(a.router) a.routeGRPCWeb(a.router)
@ -98,31 +101,34 @@ func (a *API) routeGRPC() {
} }
func (a *API) routeGRPCWeb(router *mux.Router) { func (a *API) routeGRPCWeb(router *mux.Router) {
router.NewRoute().MatcherFunc( router.NewRoute().
func(r *http.Request, _ *mux.RouteMatch) bool { Methods(http.MethodPost, http.MethodOptions).
if strings.Contains(r.Header.Get("content-type"), "application/grpc-web+") { MatcherFunc(
return true func(r *http.Request, _ *mux.RouteMatch) bool {
} if strings.Contains(strings.ToLower(r.Header.Get("content-type")), "application/grpc-web+") {
return strings.Contains(r.Header.Get("access-control-request-headers"), "x-grpc-web") return true
}).Handler( }
grpcweb.WrapServer(a.grpcServer, return strings.Contains(strings.ToLower(r.Header.Get("access-control-request-headers")), "x-grpc-web")
grpcweb.WithAllowedRequestHeaders( }).
[]string{ Handler(
http_util.Origin, grpcweb.WrapServer(a.grpcServer,
http_util.ContentType, grpcweb.WithAllowedRequestHeaders(
http_util.Accept, []string{
http_util.AcceptLanguage, http_util.Origin,
http_util.Authorization, http_util.ContentType,
http_util.ZitadelOrgID, http_util.Accept,
http_util.XUserAgent, http_util.AcceptLanguage,
http_util.XGrpcWeb, http_util.Authorization,
}, http_util.ZitadelOrgID,
http_util.XUserAgent,
http_util.XGrpcWeb,
},
),
grpcweb.WithOriginFunc(func(_ string) bool {
return true
}),
), ),
grpcweb.WithOriginFunc(func(_ string) bool { )
return true
}),
),
)
} }
func (a *API) healthHandler() http.Handler { func (a *API) healthHandler() http.Handler {
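Review bot: In routeGRPCWeb the option `grpcweb.WithOriginFunc(func(_ string) bool { return true })` still accepts every origin while `http_util.Authorization` is among the allowed request headers, so the method restriction added here does not narrow which sites may call the gRPC-Web endpoint from a browser. If that is intentional (for instance because callers send an explicit bearer token and no cookies are honoured, which is not visible in this section), a comment on the option such as `// any origin is accepted: requests authenticate via the Authorization header, not ambient credentials` would record the decision; otherwise the callback should compare the origin against an allow-list. Separately, the matcher tests the lower-cased Content-Type with `strings.Contains`, so any value that merely contains `application/grpc-web+` is routed to the wrapper; `strings.HasPrefix` on the same lower-cased value would be a tighter test.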