Skip to content

Commit

Permalink
fix: return 400
Browse files Browse the repository at this point in the history
  • Loading branch information
liuyu committed Apr 8, 2024
1 parent 378b74e commit e6bb2f7
Show file tree
Hide file tree
Showing 2 changed files with 11 additions and 2 deletions.
7 changes: 6 additions & 1 deletion internal/handlers/handler_authz_impl_extauthz.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -6,6 +6,7 @@ import (

"github.com/valyala/fasthttp"

"github.com/authelia/authelia/v4/internal/authentication"
"github.com/authelia/authelia/v4/internal/authorization"
"github.com/authelia/authelia/v4/internal/middlewares"
)
Expand Down Expand Up @@ -57,7 +58,11 @@ func handleAuthzUnauthorizedExtAuthz(ctx *middlewares.AutheliaCtx, authn *Authn,
switch string(mode) {
case NonRedirectMode:
ctx.Logger.Infof("[ext_authz] Access to %s (method %s) is not authorized to user %s, responding with status code %d", authn.Object.URL.String(), authn.Method, authn.Username, statusCode)
ctx.ReplyUnauthorized()
if authn.Level == authentication.NotAuthenticated {
ctx.ReplyBadRequest()
} else {
ctx.ReplyUnauthorized()
}
default:
ctx.SpecialRedirect(redirectionURL.String(), statusCode)
}
Expand Down
6 changes: 5 additions & 1 deletion internal/handlers/handler_authz_impl_legacy.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -114,6 +114,10 @@ func handleAuthzUnauthorizedLegacy(ctx *middlewares.AutheliaCtx, authn *Authn, r
}
} else {
ctx.Logger.Infof("[legacy] Access to %s (method %s) is not authorized to user %s, responding with status code %d", authn.Object.URL.String(), authn.Method, authn.Username, statusCode)
ctx.ReplyUnauthorized()
if authn.Level == authentication.NotAuthenticated {
ctx.ReplyBadRequest()
} else {
ctx.ReplyUnauthorized()
}
}
}

0 comments on commit e6bb2f7

Please sign in to comment.