mirror of
https://github.com/YunoHost/SSOwat.git
synced 2024-09-03 20:06:27 +02:00
[enh] Add PCRE regex support
This commit is contained in:
parent
c354571337
commit
9cbe43862b
1 changed files with 18 additions and 9 deletions
27
access.lua
27
access.lua
|
@ -22,6 +22,9 @@ local conf = config.get_config()
|
||||||
-- Import helpers
|
-- Import helpers
|
||||||
local hlp = require "helpers"
|
local hlp = require "helpers"
|
||||||
|
|
||||||
|
-- Import Perl regular expressions library
|
||||||
|
local rex = require "rex_pcre"
|
||||||
|
|
||||||
-- Just a note for the client to know that he passed through the SSO
|
-- Just a note for the client to know that he passed through the SSO
|
||||||
ngx.header["X-SSO-WAT"] = "You've just been SSOed"
|
ngx.header["X-SSO-WAT"] = "You've just been SSOed"
|
||||||
|
|
||||||
|
@ -185,6 +188,12 @@ end
|
||||||
-- If the URL matches one of the `redirected_urls` in the configuration file,
|
-- If the URL matches one of the `redirected_urls` in the configuration file,
|
||||||
-- just redirect to the target URL/URI
|
-- just redirect to the target URL/URI
|
||||||
--
|
--
|
||||||
|
function match(s, regex)
|
||||||
|
if rex.match(s, regex) or string.match(s,regex) then
|
||||||
|
return true
|
||||||
|
end
|
||||||
|
return false
|
||||||
|
end
|
||||||
|
|
||||||
function detect_redirection(redirect_url)
|
function detect_redirection(redirect_url)
|
||||||
if hlp.string.starts(redirect_url, "http://")
|
if hlp.string.starts(redirect_url, "http://")
|
||||||
|
@ -209,9 +218,9 @@ end
|
||||||
|
|
||||||
if conf["redirected_regex"] then
|
if conf["redirected_regex"] then
|
||||||
for regex, redirect_url in pairs(conf["redirected_regex"]) do
|
for regex, redirect_url in pairs(conf["redirected_regex"]) do
|
||||||
if string.match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
if match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
||||||
or string.match(ngx.var.scheme.."://"..ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
or match(ngx.var.scheme.."://"..ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
||||||
or string.match(ngx.var.uri..hlp.uri_args_string(), regex) then
|
or match(ngx.var.uri..hlp.uri_args_string(), regex) then
|
||||||
detect_redirection(redirect_url)
|
detect_redirection(redirect_url)
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -242,8 +251,8 @@ function is_protected()
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
for _, regex in ipairs(conf["protected_regex"]) do
|
for _, regex in ipairs(conf["protected_regex"]) do
|
||||||
if string.match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
if match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
||||||
or string.match(ngx.var.uri..hlp.uri_args_string(), regex) then
|
or match(ngx.var.uri..hlp.uri_args_string(), regex) then
|
||||||
return true
|
return true
|
||||||
end
|
end
|
||||||
end
|
end
|
||||||
|
@ -272,8 +281,8 @@ end
|
||||||
|
|
||||||
if conf["skipped_regex"] then
|
if conf["skipped_regex"] then
|
||||||
for _, regex in ipairs(conf["skipped_regex"]) do
|
for _, regex in ipairs(conf["skipped_regex"]) do
|
||||||
if (string.match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
if (match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
||||||
or string.match(ngx.var.uri..hlp.uri_args_string(), regex))
|
or match(ngx.var.uri..hlp.uri_args_string(), regex))
|
||||||
and not is_protected() then
|
and not is_protected() then
|
||||||
return hlp.pass()
|
return hlp.pass()
|
||||||
end
|
end
|
||||||
|
@ -341,8 +350,8 @@ end
|
||||||
|
|
||||||
if conf["unprotected_regex"] then
|
if conf["unprotected_regex"] then
|
||||||
for _, regex in ipairs(conf["unprotected_regex"]) do
|
for _, regex in ipairs(conf["unprotected_regex"]) do
|
||||||
if (string.match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
if (match(ngx.var.host..ngx.var.uri..hlp.uri_args_string(), regex)
|
||||||
or string.match(ngx.var.uri..hlp.uri_args_string(), regex))
|
or match(ngx.var.uri..hlp.uri_args_string(), regex))
|
||||||
and not is_protected() then
|
and not is_protected() then
|
||||||
if hlp.is_logged_in() then
|
if hlp.is_logged_in() then
|
||||||
hlp.set_headers()
|
hlp.set_headers()
|
||||||
|
|
Loading…
Reference in a new issue