diff --git a/.assets/icon.png b/.assets/icon.png
new file mode 100644
index 0000000..ceed7e5
Binary files /dev/null and b/.assets/icon.png differ
diff --git a/.github/DISCUSSION_TEMPLATE/feature-requests.yml b/.github/DISCUSSION_TEMPLATE/feature-requests.yml
new file mode 100644
index 0000000..03b580c
--- /dev/null
+++ b/.github/DISCUSSION_TEMPLATE/feature-requests.yml
@@ -0,0 +1,47 @@
+body:
+ - type: textarea
+ attributes:
+ label: Summary
+ description: A clear and concise summary of the requested feature.
+ validations:
+ required: true
+
+ - type: textarea
+ attributes:
+ label: Motivation
+ description: |
+ Why is this feature important?
+ Explain the problem this feature would solve or what use case it would enable.
+ validations:
+ required: true
+
+ - type: textarea
+ attributes:
+ label: Proposed Solution
+ description: |
+ How would you like to see this feature implemented?
+ Provide as much detail as possible about the desired behavior, configuration, or changes.
+ validations:
+ required: true
+
+ - type: textarea
+ attributes:
+ label: Alternatives Considered
+ description: Describe any alternative solutions or workarounds you've thought about.
+ validations:
+ required: false
+
+ - type: textarea
+ attributes:
+ label: Additional Context
+ description: Add any other context, mockups, or screenshots about the feature request here.
+ validations:
+ required: false
+
+ - type: markdown
+ attributes:
+ value: |
+ Before submitting, please:
+ - Check if there is an existing issue for this feature.
+ - Clearly explain the benefit and use case.
+ - Be as specific as possible to help contributors evaluate and implement.
diff --git a/.github/ISSUE_TEMPLATE/1.bug_report.yml b/.github/ISSUE_TEMPLATE/1.bug_report.yml
new file mode 100644
index 0000000..41dbe7b
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/1.bug_report.yml
@@ -0,0 +1,51 @@
+name: Bug Report
+description: Create a bug report
+labels: []
+body:
+ - type: textarea
+ attributes:
+ label: Describe the Bug
+ description: A clear and concise description of what the bug is.
+ validations:
+ required: true
+
+ - type: textarea
+ attributes:
+ label: Environment
+ description: Please fill out the relevant details below for your environment.
+ value: |
+ - OS Type & Version: (e.g., Ubuntu 22.04)
+ - Pangolin Version:
+ - Gerbil Version:
+ - Traefik Version:
+ - Newt Version:
+ - Olm Version: (if applicable)
+ validations:
+ required: true
+
+ - type: textarea
+ attributes:
+ label: To Reproduce
+ description: |
+ Steps to reproduce the behavior, please provide a clear description of how to reproduce the issue, based on the linked minimal reproduction. Screenshots can be provided in the issue body below.
+
+ If using code blocks, make sure syntax highlighting is correct and double-check that the rendered preview is not broken.
+ validations:
+ required: true
+
+ - type: textarea
+ attributes:
+ label: Expected Behavior
+ description: A clear and concise description of what you expected to happen.
+ validations:
+ required: true
+
+ - type: markdown
+ attributes:
+ value: |
+ Before posting the issue go through the steps you've written down to make sure the steps provided are detailed and clear.
+
+ - type: markdown
+ attributes:
+ value: |
+ Contributors should be able to follow the steps provided in order to reproduce the bug.
diff --git a/.github/ISSUE_TEMPLATE/config.yml b/.github/ISSUE_TEMPLATE/config.yml
new file mode 100644
index 0000000..a3739c4
--- /dev/null
+++ b/.github/ISSUE_TEMPLATE/config.yml
@@ -0,0 +1,8 @@
+blank_issues_enabled: false
+contact_links:
+ - name: Need help or have questions?
+ url: https://github.com/orgs/fosrl/discussions
+ about: Ask questions, get help, and discuss with other community members
+ - name: Request a Feature
+ url: https://github.com/orgs/fosrl/discussions/new?category=feature-requests
+ about: Feature requests should be opened as discussions so others can upvote and comment
diff --git a/.gitignore b/.gitignore
index 08cb523..40d8758 100644
--- a/.gitignore
+++ b/.gitignore
@@ -1 +1,2 @@
go.sum
+.DS_Store
diff --git a/.traefik.yml b/.traefik.yml
index cbcbc78..52e6ac8 100644
--- a/.traefik.yml
+++ b/.traefik.yml
@@ -1,5 +1,6 @@
-displayName: Fossorial Badger
+displayName: Pangolin (Badger)
type: middleware
+iconPath: .assets/icon.png
import: github.com/fosrl/badger
diff --git a/LICENSE b/LICENSE
index 0029d6d..560e225 100644
--- a/LICENSE
+++ b/LICENSE
@@ -1,6 +1,6 @@
MIT License
-Copyright (c) 2024 Fossorial LLC
+Copyright (c) 2025 Fossorial Inc
Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
diff --git a/README.md b/README.md
index b176014..7b9163c 100644
--- a/README.md
+++ b/README.md
@@ -10,7 +10,7 @@ Learn how to set up [Pangolin](https://github.com/fosrl/pangolin) and Badger in
## Configuration
-Badger requires the following configuration parameters to be specified in your [Traefik configuration file](https://doc.traefik.io/traefik/getting-started/configuration-overview/). These coincide with the separate [Pangolin](https://github.com/fosrl/pangolin) configuration file.
+Badger requires the following configuration parameters to be specified in your [Traefik configuration file](https://doc.traefik.io/traefik/getting-started/configuration-overview/). These coincide with the separate [Pangolin](https://github.com/fosrl/pangolin) configuration file. These options do not need to be configured unless you need to override the automatically provided config from Pangolin.
### Configuration Options
diff --git a/main.go b/main.go
index 2d0abe3..745adf5 100644
--- a/main.go
+++ b/main.go
@@ -38,13 +38,14 @@ type VerifyBody struct {
type VerifyResponse struct {
Data struct {
- Valid bool `json:"valid"`
- RedirectURL *string `json:"redirectUrl"`
- Username *string `json:"username,omitempty"`
- Email *string `json:"email,omitempty"`
- Name *string `json:"name,omitempty"`
- Role *string `json:"role,omitempty"`
- ResponseHeaders map[string]string `json:"responseHeaders,omitempty"`
+ HeaderAuthChallenged bool `json:"headerAuthChallenged"`
+ Valid bool `json:"valid"`
+ RedirectURL *string `json:"redirectUrl"`
+ Username *string `json:"username,omitempty"`
+ Email *string `json:"email,omitempty"`
+ Name *string `json:"name,omitempty"`
+ Role *string `json:"role,omitempty"`
+ ResponseHeaders map[string]string `json:"responseHeaders,omitempty"`
} `json:"data"`
}
@@ -195,12 +196,30 @@ func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
return
}
+ req.Header.Del("Remote-User")
+ req.Header.Del("Remote-Email")
+ req.Header.Del("Remote-Name")
+
if result.Data.ResponseHeaders != nil {
for key, value := range result.Data.ResponseHeaders {
rw.Header().Add(key, value)
}
}
+ if result.Data.HeaderAuthChallenged {
+ fmt.Println("Badger: challenging client for header authentication")
+ rw.Header().Add("WWW-Authenticate", "Basic realm=\"pangolin\"")
+
+ if result.Data.RedirectURL != nil && *result.Data.RedirectURL != "" {
+ rw.Header().Set("Content-Type", "text/html; charset=utf-8")
+ rw.WriteHeader(http.StatusUnauthorized)
+ rw.Write([]byte(p.renderRedirectPage(*result.Data.RedirectURL)))
+ } else {
+ http.Error(rw, "Unauthorized", http.StatusUnauthorized)
+ }
+ return
+ }
+
if result.Data.RedirectURL != nil && *result.Data.RedirectURL != "" {
fmt.Println("Badger: Redirecting to", *result.Data.RedirectURL)
http.Redirect(rw, req, *result.Data.RedirectURL, http.StatusFound)
@@ -255,3 +274,47 @@ func (p *Badger) getScheme(req *http.Request) string {
}
return "http"
}
+
+func (p *Badger) renderRedirectPage(redirectURL string) string {
+ return fmt.Sprintf(`
+
+
+
+ Redirecting...
+
+
+
+
+
Redirecting...
+
If you are not redirected automatically, click here.