1. The problem I’m having:
I’m trying to do a reverse- proxying to the output (url) of a forward_auth - check module. Beforehand, the oauth2- module is used to retrieve a token
2. Error messages and/or full log output:
The {return_url} (see below) - variable is never being set, I receive the error that this is not a valid url / missing the port
3. Caddy version:
2.8
4. How I installed and ran Caddy:
Canny is running within Docker Compose
a. System environment:
Docker- Environment
d. My complete Caddy config:
:8100 {
# define forward auth for any path under `/`, if not more specific defined
forward_auth / oauth2-check:4180 {
uri /oauth2/auth
copy_headers Authorization X-Auth-Request-User X-Auth-Request-Email X-Forwarded-Access-Token X-Auth-Request-Access-Token
@error status 401
handle_response @error {
redir * /oauth2/sign_in?rd={scheme}://{host}{uri} 302
}
}
# define `/oauth2/*` as specific endpoint, to avoid forward auth protection to be able to use service
reverse_proxy /oauth2/* oauth2-check:4180 {
header_up X-Real-IP {remote}
header_up X-Forwarded-Proto https
}
# test- authentication
forward_auth / test-check:4180 {
uri /api/v1/test-auth
copy_headers Authorization X-Auth-Request-User X-Auth-Request-Email X-Forwarded-Access-Token X-Auth-Request-Access-Token
@error status 401
handle_response @error {
respond "Invalid test" 401
}
}
reverse_proxy /api/v1/test-auth test-check:4181 {
header_up X-Real-IP {remote}
header_up X-Forwarded-Proto https
}
@missingTurl {
header return_url * # Match the presence of the "return_url" header
}
handle @missingTurl {
# If return_url header is missing, set a default url header
header return_url "default-backend.com:80"
}
# Reverse proxy using the value of the return_url header
reverse_proxy / {
to {return_url}
}
}