From cbbf31a7ce803ecb7fffd6a39417fb250b5572d1 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Wed, 30 Sep 2020 10:26:18 +0200 Subject: [PATCH] end requesrt when basic auth fails MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- proxy/pkg/middleware/account_uuid.go | 5 ++++- 1 file changed, 4 insertions(+), 1 deletion(-) diff --git a/proxy/pkg/middleware/account_uuid.go b/proxy/pkg/middleware/account_uuid.go index 4d7b396bc7..0838f99e5c 100644 --- a/proxy/pkg/middleware/account_uuid.go +++ b/proxy/pkg/middleware/account_uuid.go @@ -93,7 +93,10 @@ func AccountUUID(opts ...Option) func(next http.Handler) http.Handler { if opt.EnableBasicAuth && ok { l.Warn().Msg("basic auth enabled, use only for testing or development") account, status = getAccount(l, opt.AccountsClient, fmt.Sprintf("login eq '%s' and password eq '%s'", strings.ReplaceAll(login, "'", "''"), strings.ReplaceAll(password, "'", "''"))) - // fake claims for the subsequent code flow + if status != 0 { + w.WriteHeader(status) + return + } // fake claims for the subsequent code flow claims = &oidc.StandardClaims{ Iss: opt.OIDCIss, }