AutheliaMultiDomainProxy/Controllers/RedirectController.cs

using System.Web;
using AutheliaMultiDomainProxy.Backend;
using Microsoft.AspNetCore.Mvc;

namespace AutheliaMultiDomainProxy.Controllers;

[Controller]
[Route("/api/redirect")]
public class RedirectController : Controller {
	public IActionResult Get([FromQuery] string tgt) {
		// Check if we are on an allowed domain
		if (Vars.PermittedDomains.All(p => Request.Host.Host != $"{Vars.AuthProxySubdomain}.{p}"))
			return StatusCode(StatusCodes.Status421MisdirectedRequest);

		var dstDomain = AuthHelpers.GetRootDomain(tgt);

		if (string.IsNullOrWhiteSpace(tgt) || !Vars.PermittedDomains.Contains(dstDomain)) {
			Response.StatusCode = StatusCodes.Status421MisdirectedRequest;
			return BadRequest("Bad request.");
		}

		var targetUrl =
			$"https://{Vars.AuthProxySubdomain}.{Vars.UpstreamPrimaryDomain}/api/cookieproxy_stage_one?tgt={HttpUtility.UrlEncode(tgt)}";
		Response.Redirect(targetUrl);
		return Content($"Redirecting... <a href=\"{targetUrl}\">Click here if you are not redirected automatically</a>", "text/html");
	}
}
Add redirect controller 2023-03-28 23:25:20 +02:00			`using System.Web;`
			`using AutheliaMultiDomainProxy.Backend;`
			`using Microsoft.AspNetCore.Mvc;`

			`namespace AutheliaMultiDomainProxy.Controllers;`

			`[Controller]`
			`[Route("/api/redirect")]`
			`public class RedirectController : Controller {`
Automatically extract dstDomain from tgt 2023-03-28 23:56:06 +02:00			`public IActionResult Get([FromQuery] string tgt) {`
Add redirect controller 2023-03-28 23:25:20 +02:00			`// Check if we are on an allowed domain`
Simplify host restriction 2023-04-05 20:17:44 +02:00			`if (Vars.PermittedDomains.All(p => Request.Host.Host != $"{Vars.AuthProxySubdomain}.{p}"))`
Add redirect controller 2023-03-28 23:25:20 +02:00			`return StatusCode(StatusCodes.Status421MisdirectedRequest);`

Automatically extract dstDomain from tgt 2023-03-28 23:56:06 +02:00			`var dstDomain = AuthHelpers.GetRootDomain(tgt);`

			`if (string.IsNullOrWhiteSpace(tgt) \|\| !Vars.PermittedDomains.Contains(dstDomain)) {`
Add redirect controller 2023-03-28 23:25:20 +02:00			`Response.StatusCode = StatusCodes.Status421MisdirectedRequest;`
			`return BadRequest("Bad request.");`
			`}`

			`var targetUrl =`
Fix url 2023-04-05 20:26:12 +02:00			`$"https://{Vars.AuthProxySubdomain}.{Vars.UpstreamPrimaryDomain}/api/cookieproxy_stage_one?tgt={HttpUtility.UrlEncode(tgt)}";`
Add redirect controller 2023-03-28 23:25:20 +02:00			`Response.Redirect(targetUrl);`
			`return Content($"Redirecting... <a href=\"{targetUrl}\">Click here if you are not redirected automatically</a>", "text/html");`
			`}`
			`}`