From 8dd564b8717c7787e25b35ac0ad4bd7a1c1b3228 Mon Sep 17 00:00:00 2001
From: GoEdgeLab <goedgecloud@gmail.com>
Date: Tue, 30 Aug 2022 11:24:23 +0800
Subject: [PATCH] =?UTF-8?q?=E4=BC=98=E5=8C=96=E9=89=B4=E6=9D=83?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 internal/nodes/http_request_auth.go | 36 ++++++++++++++++++-----------
 1 file changed, 23 insertions(+), 13 deletions(-)

diff --git a/internal/nodes/http_request_auth.go b/internal/nodes/http_request_auth.go
index 4fc9609..b3b0149 100644
--- a/internal/nodes/http_request_auth.go
+++ b/internal/nodes/http_request_auth.go
@@ -19,7 +19,10 @@ func (this *HTTPRequest) doAuth() (shouldStop bool) {
 		if !ref.IsOn || ref.AuthPolicy == nil || !ref.AuthPolicy.IsOn {
 			continue
 		}
-		b, err := ref.AuthPolicy.Filter(this.RawReq, func(subReq *http.Request) (status int, err error) {
+		if !ref.AuthPolicy.MatchRequest(this.RawReq) {
+			continue
+		}
+		ok, newURI, uriChanged, err := ref.AuthPolicy.Filter(this.RawReq, func(subReq *http.Request) (status int, err error) {
 			subReq.TLS = this.RawReq.TLS
 			subReq.RemoteAddr = this.RawReq.RemoteAddr
 			subReq.Host = this.RawReq.Host
@@ -36,24 +39,31 @@ func (this *HTTPRequest) doAuth() (shouldStop bool) {
 			this.write50x(err, http.StatusInternalServerError, "Failed to execute the AuthPolicy", "认证策略执行失败", false)
 			return
 		}
-		if b {
+		if ok {
+			if uriChanged {
+				this.uri = newURI
+			}
 			return
 		} else {
+			// Basic Auth比较特殊
 			if ref.AuthPolicy.Type == serverconfigs.HTTPAuthTypeBasicAuth {
-				var method = ref.AuthPolicy.Method().(*serverconfigs.HTTPAuthBasicMethod)
-				var headerValue = "Basic realm=\""
-				if len(method.Realm) > 0 {
-					headerValue += method.Realm
-				} else {
-					headerValue += this.ReqHost
+				method, ok := ref.AuthPolicy.Method().(*serverconfigs.HTTPAuthBasicMethod)
+				if ok {
+					var headerValue = "Basic realm=\""
+					if len(method.Realm) > 0 {
+						headerValue += method.Realm
+					} else {
+						headerValue += this.ReqHost
+					}
+					headerValue += "\""
+					if len(method.Charset) > 0 {
+						headerValue += ", charset=\"" + method.Charset + "\""
+					}
+					this.writer.Header()["WWW-Authenticate"] = []string{headerValue}
 				}
-				headerValue += "\""
-				if len(method.Charset) > 0 {
-					headerValue += ", charset=\"" + method.Charset + "\""
-				}
-				this.writer.Header()["WWW-Authenticate"] = []string{headerValue}
 			}
 			this.writer.WriteHeader(http.StatusUnauthorized)
+			this.tags = append(this.tags, ref.AuthPolicy.Type)
 			return true
 		}
 	}