From 32bc4c697562370c16b210ffd139f0a1f1714840 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?F=C3=A9lix=20Pi=C3=A9dallu?= Date: Fri, 10 Mar 2023 13:34:59 +0100 Subject: [PATCH] Add a new setting to redirect unknown URLs to either the SSO portal or a 404 page --- README.md | 12 ++++++++++++ access.lua | 10 ++++++++-- conf.json.example | 4 +++- config.lua | 9 ++++++++- 4 files changed, 31 insertions(+), 4 deletions(-) diff --git a/README.md b/README.md index 21c3647..42f028f 100644 --- a/README.md +++ b/README.md @@ -100,6 +100,18 @@ Whether authentication should use secure connection or not (**default**: `https` --------------- +### err404_to_portal + +Wether to redirect unknown URLs to the portal or to a 404 page (**default**: `true`). + +--------------- + +### err404_path + +URI of the 404 page (**default**: `/404.html`). It uses the same scheme and domain as the portal. + +--------------- + ### domains List of handled domains (**default**: similar to `portal_domain`). diff --git a/access.lua b/access.lua index ea1021c..dfc991f 100644 --- a/access.lua +++ b/access.lua @@ -315,9 +315,15 @@ for permission_name, permission_infos in pairs(conf["permissions"]) do end end +--- +--- 5. REDIRECT TO 404 PAGE IF UNKNOWN URL -> PORTAL IS DISABLED +--- +if not conf["err404_to_portal"] and longest_url_match == "" then + hlp.redirect(conf.err404_url) +end --- ---- 5. CHECK CLIENT-PROVIDED AUTH HEADER (should almost never happen?) +--- 6. CHECK CLIENT-PROVIDED AUTH HEADER (should almost never happen?) --- if permission ~= nil then @@ -336,7 +342,7 @@ end -- -- --- 6. APPLY PERMISSION +-- 7. APPLY PERMISSION -- -- diff --git a/conf.json.example b/conf.json.example index aceaea9..9813122 100644 --- a/conf.json.example +++ b/conf.json.example @@ -62,8 +62,10 @@ }, "portal_domain": "example.tld", "portal_path": "/yunohost/sso/", + "err404_to_portal": true, + "err404_path": "/404.html", "redirected_regex": { "example.tld/yunohost[\\/]?$": "https://example.tld/yunohost/sso/" }, "redirected_urls": {} -} \ No newline at end of file +} diff --git a/config.lua b/config.lua index f574af0..95b1377 100644 --- a/config.lua +++ b/config.lua @@ -47,7 +47,7 @@ function get_config() -- If the timestamp of the modification or the size is different, reload the configuration. config_attributes = new_config_attributes config_persistent_attributes = new_config_persistent_attributes - + local conf_file = assert(io.open(conf_path, "r"), "Configuration file is missing") conf = json.decode(conf_file:read("*all")) conf_file:close() @@ -83,6 +83,8 @@ function get_config() default_conf = { portal_scheme = "https", portal_path = "/ssowat/", + err404_to_portal = true, + err404_path = "/404.html" local_portal_domain = "yunohost.local", domains = { conf["portal_domain"], "yunohost.local" }, session_timeout = 60 * 60 * 24, -- one day @@ -122,6 +124,11 @@ function get_config() conf["portal_domain"].. conf["portal_path"] + -- Build portal full 404 page URL out of the configuration values + conf.err404_url = conf["portal_scheme"].."://".. + conf["portal_domain"].. + conf["err404_path"] + -- Always skip the portal to avoid redirection looping. table.insert(conf["permissions"]["core_skipped"]["uris"], conf["portal_domain"]..conf["portal_path"])