Mirror/k3s
1
0
Fork 0
mirror of https://github.com/k3s-io/k3s.git synced 2024-06-07 19:41:36 +00:00
Code Issues Packages Projects Releases Wiki Activity

Use appropriate response codes for authn/authz failures

Browse Source 
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
This commit is contained in:
Brad Davidson 2021-02-08 23:51:37 -08:00 committed by Brad Davidson
parent 374271e9a0
commit 6e768c301e
1 changed files with 2 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
pkg/server/auth.go
View File

@ -30,19 +30,17 @@ func doAuth(roles []string, serverConfig *config.Control, next http.Handler, rw
logrus.Errorf("Authenticate not initialized: serverConfig.Runtime.Authenticator is nil")
rw.WriteHeader(http.StatusUnauthorized)
return
default:
//
}
resp, ok, err := serverConfig.Runtime.Authenticator.AuthenticateRequest(req)
if err != nil {
logrus.Errorf("Failed to authenticate request from %s: %v", req.RemoteAddr, err)
rw.WriteHeader(http.StatusInternalServerError)
rw.WriteHeader(http.StatusUnauthorized)
return
}
if !ok || !hasRole(roles, resp.User.GetGroups()) {
rw.WriteHeader(http.StatusUnauthorized)
rw.WriteHeader(http.StatusForbidden)
return
}