nginx auth_request: access original query paramete

2019-06-20 07:31发布

站内问答 / 后端开发
1184 2 4

I'm trying to figure out if it is possible to forward a query-parameter from the original URL to the auth_request handler/service?

Users should be able to add the API-token as a query-parameter like this: https://example.com/api/user?token=237263864823674238476

And not via header or cookie. Can I access the token parameter somehow in the auth-service? Or write the token query-parameter in a custom header with NGINX?
Tried this so far:

location = /api/user {
  auth_request /auth;
  proxy_set_header X-auth-token-from-query $arg_token;

  proxy_pass http://<url>;
}

/auth endpoint doesn't get the X-auth-token-from-query header but after returning a 200 the upstream-proxy does get the header.

2条回答
爷的心禁止访问
2楼-- · 2019-06-20 07:48

You'll very likely want to pass the url (the uri) to the auth-request endpoint as well. You can do this in one go:

location = /api/auth {
  proxy_set_header X-Original-URI $request_uri;
  proxy_set_header X-Original-METHOD $request_method;
  proxy_pass_request_body off;
  proxy_set_header Content-Length "";

  proxy_pass http://<url>;
}

Bonus: I also passed the method! :tada:

查看更多
0人赞 添加讨论(0) 举报
我想做一个坏孩纸
3楼-- · 2019-06-20 07:52

The following worked for me

        location = /auth {
          internal;
          set $query '';
          if ($request_uri ~* "[^\?]+\?(.*)$") {
              set $query $1;
          }
          proxy_pass                http://myauthpoint?$query;
          proxy_pass_request_body   off;
          proxy_set_header          Content-Length "";
        }
查看更多
0人赞 添加讨论(0) 举报
登录 后发表回答
相关问题
查看全部
相关文章
查看全部
收藏的人(4)