Reputation: 837
nginx auth_request error handling (unset error_page?)
When using nginx auth_request, only 4 return codes are accepted: 2xx, 401, 403 and 500. Handling these requires setting error_page. This is fine for auth_request, but all downstream apps returning these codes will end up using the same error_page handling.
Example:
location /test {
auth_request /foo;
error_page 500 /its-broke.html;
proxy_pass http://bar;
}
If auth_request to /foo returns 500, the its-broke.html is shown. This is the behavior I want. However, if bar returns 500 its-broke.html is also shown. I don't want this. Instead, I want bar's 500 error response to be transmitted through to the browser.
auth_request will catch any 5xx and handle it as 500, so I can't just have foo return 520. That results in the following error and 500 is returned anyway:
auth request unexpected status: 520 while sending to client
Any ideas for getting around this? I can't find a way to un-set error_page before the proxy pass either.
Upvotes: 2
Views: 4639
Answers (1)
Reputation: 146630
You can do that with some effort though
events {
worker_connections 1024;
}
http {
server {
listen 80;
location @autherror {
return 500 "Auth returned 500";
}
location @proxy_api {
proxy_pass http://127.0.0.1:8081;
}
location / {
location /test {
auth_request /auth;
error_page 500 = @autherror;
try_files dummy_non_existing_url = @proxy_api;
}
}
location /auth {
return 200 "auth passed";
}
}
server {
listen 8081;
location / {
return 200 "You came to $uri";
}
location /test2 {
return 500 "Error from API";
}
}
}
Result from the API test is
$ curl localhost/test
You came to /test
$ curl localhost/test2
Error from API
Now if I change return 200 "auth passed"; to return 500 "auth failed"; to simulate authentication 500 error, i get
$ curl localhost/test
Auth returned 500
Upvotes: 2
Related Questions
- nginx: Is it possible to have an 'catch all' error_page?
- Disable direct access to nginx custom error page
- How to return no body / content for errors / error_page in nginx?
- nginx custom error page for all requests
- How to customize Auth0 error page when there's a callback URL mismatch error?
- nginx http auth request module will only return default error pages
- Nginx optional auth_request
- Nginx custom error_page not using the specified page?
- nginx configure default error pages
- Nginx set up global error_pages