DMC/oauth2-authorization-server
0
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Take into account X-Forwarded-* headers in embedded mode.

Browse Source 
Useful if the container is used behind a proxy.
This commit is contained in:
Andreas Svanberg 2025-04-08 16:48:47 +02:00
parent c9559ca930
commit 1d81e3887a
Signed by: ansv7779
GPG Key ID: 2D081222BBEB56A3
1 changed files with 13 additions and 0 deletions

13
src/main/java/se/su/dsv/oauth2/EmbeddedConfiguration.java

@ -1,8 +1,11 @@
package se.su.dsv.oauth2;
import org.springframework.boot.web.servlet.FilterRegistrationBean;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.context.annotation.Profile;
import org.springframework.core.Ordered;
import org.springframework.web.filter.ForwardedHeaderFilter;
import se.su.dsv.oauth2.admin.repository.ClientRepository;
import se.su.dsv.oauth2.admin.repository.ClientRow;
@ -15,6 +18,16 @@ import java.util.Optional;
@Configuration
@Profile("embedded")
public class EmbeddedConfiguration {
/**
* This filter takes the `X-Forwarded-*` headers and updates the request to reflect the original HTTP request.
*/
@Bean
public FilterRegistrationBean<ForwardedHeaderFilter> forwardedHeaderFilter() {
var filterRegistrationBean = new FilterRegistrationBean<>(new ForwardedHeaderFilter());
filterRegistrationBean.setOrder(Ordered.HIGHEST_PRECEDENCE);
return filterRegistrationBean;
}
@Bean
public ClientRepository clientRepository() {
ArrayList<ClientRow> clients = new ArrayList<>();