Changed getRoute function to work with route IDs to be more flexible

.github/workflows/build.yaml

@@ -23,7 +23,6 @@ jobs:
         id: buildx
         uses: docker/setup-buildx-action@v1
       - name: Login to Docker Hub
-        if: github.event_name != 'pull_request'
         uses: docker/login-action@v1
         with:
           username: rorylshanks

README.md

@@ -253,7 +253,7 @@ The Dynamic Backend Configuration feature is especially useful for scenarios tha
 
 - [ ] Add device-aware context
 - [ ] Add UI for debugging users
-- [ ] Fix getRouteForHostname to also match based on path
+- [x] Fix getRouteFromRequest to also match based on path
 - [ ] Add metrics for monitoring
 - [ ] Better logging
 

lib/sso.js

@@ -1,6 +1,6 @@
 import { Issuer } from 'openid-client';
 import { decodeJWT, createJWT } from '../util/jwt.js';
-import { getConfig, getRouteForHostname } from '../util/config.js';
+import { getConfig, getRouteFromRequest } from '../util/config.js';
 import { URL, URLSearchParams } from 'url';
 import log from '../util/logging.js'
 import authz from './authz.js'
@@ -30,7 +30,7 @@ async function verifyAuth(req, res) {
         var requestUrl = new URL(`${req.get("X-Forwarded-Proto")}://${req.get("X-Forwarded-Host")}${req.get("X-Forwarded-Path") || ""}`)
         var currentConfig = getConfig()
         // Then get the route-specific configuration for this hostname. Note that currently veriflow only supports per-host routes
-        var route = getRouteForHostname(requestUrl.hostname)
+        var route = getRouteFromRequest(req)
         if (!route) {
             log.warn({ message: "No route found for request", host: requestUrl })
             var html = await errorpages.renderErrorPage(404)

util/caddyModels.js

@@ -5,7 +5,7 @@ import axios from 'axios';
 import utils from './utils.js';
 import errorpage from './errorpage.js'
 
-function saturateRoute(proxyFrom, proxyTo, route, isSecure) {
+function saturateRoute(proxyFrom, proxyTo, route, isSecure, routeId) {
   var config = getConfig()
   var copyHeaders = {
     "X-Veriflow-User-Id": [
@@ -148,6 +148,9 @@ function saturateRoute(proxyFrom, proxyTo, route, isSecure) {
                       ],
                       "X-Forwarded-Uri": [
                         "{http.request.uri}"
+                      ],
+                      "X-Veriflow-Route-Id": [
+                        routeId
                       ]
                     }
                   }
@@ -197,9 +200,9 @@ function saturateRoute(proxyFrom, proxyTo, route, isSecure) {
 function saturateAllRoutesFromConfig(config) {
   var renderedRoutes = []
   var routes = config.policy
-  for (var route of routes) {
+  for (var routeId in routes) {
     try {
-
+      var route = routes[id]
       var fromURL = new URL(route.from)
       var toHostname = utils.urlToCaddyUpstream(route.to)
       var toURL = new URL(route.to)
@@ -211,7 +214,7 @@ function saturateAllRoutesFromConfig(config) {
         isSecure = true
       }
       var fromHostname = fromURL.hostname
-      var saturatedRoute = saturateRoute(fromHostname, toHostname, route, isSecure)
+      var saturatedRoute = saturateRoute(fromHostname, toHostname, route, isSecure, routeId)
       renderedRoutes.push(saturatedRoute)
       // log.debug({ "message": "Added route", route })
     } catch (error) {

util/config.js

@@ -43,9 +43,14 @@ function getConfig() {
     return currentConfig
 }
 
-function getRouteForHostname(hostname) {
+function getRouteFromRequest(req) {
     var config = getConfig()
-    var route = config.policy.find(element => element.from.includes(hostname))
+    var routeId = req.get("X-Veriflow-Route-Id")
+    if (!routeId) {
+        log.error({ message: "No route ID included in request", context: {route, hostname: hostname, numRoutes: config.policy.length}})
+        return null
+    }
+    var route = config.policy[routeId]
     if (route) {
         return route
     } else {
@@ -85,6 +90,6 @@ export {
     reloadConfig,
     getConfig,
     getIdpConfig,
-    getRouteForHostname,
+    getRouteFromRequest,
     getUserById
 };