Use appropriate response codes for authn/authz failures
Signed-off-by: Brad Davidson <brad.davidson@rancher.com>
parent
374271e9a0
commit
6e768c301e
@ -30,19 +30,17 @@ func doAuth(roles []string, serverConfig *config.Control, next http.Handler, rw
|
||||
logrus.Errorf("Authenticate not initialized: serverConfig.Runtime.Authenticator is nil")
|
||||
rw.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
default:
|
||||
//
|
||||
}
|
||||
|
||||
resp, ok, err := serverConfig.Runtime.Authenticator.AuthenticateRequest(req)
|
||||
if err != nil {
|
||||
logrus.Errorf("Failed to authenticate request from %s: %v", req.RemoteAddr, err)
|
||||
rw.WriteHeader(http.StatusInternalServerError)
|
||||
rw.WriteHeader(http.StatusUnauthorized)
|
||||
return
|
||||
}
|
||||
|
||||
if !ok || !hasRole(roles, resp.User.GetGroups()) {
|
||||
rw.WriteHeader(http.StatusUnauthorized)
|
||||
rw.WriteHeader(http.StatusForbidden)
|
||||
return
|
||||
}
|
||||
|
||||
|
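Review bot: The check `if !ok || !hasRole(roles, resp.User.GetGroups())` still answers two different failures with one status. The page has lost its +/- markers, but if `http.StatusForbidden` is the new line, as the commit title suggests, a request that presented no valid credentials (`ok == false`, `err == nil`) now gets 403, the same code as an authenticated caller that lacks the role. Splitting the condition lets the unauthenticated case return 401 and the missing-role case return 403, and it no longer depends on short-circuit order to avoid touching `resp` when `ok` is false. Neither denial branch logs anything, unlike the error branch above it, so rejected requests leave no trace at this layer; a log line carrying `req.RemoteAddr` would help detection. doAuth begins before this hunk and continues after it.

```go
	// … unchanged: nil checks and AuthenticateRequest error handling …
	if !ok {
		// No identity was established: authentication failure.
		rw.WriteHeader(http.StatusUnauthorized)
		return
	}
	if !hasRole(roles, resp.User.GetGroups()) {
		// Identity is known but lacks a required role: authorization failure.
		rw.WriteHeader(http.StatusForbidden)
		return
	}
```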