feat(handler/reverseproxy): don't return json response after all

Expose fewer interfaces; less maintenance and documentation needed.
nais · Oct 4, 2023 · c1bdb90 · c1bdb90
1 parent 91cd58d
commit c1bdb90
Show file tree

Hide file tree

Showing 2 changed files with 2 additions and 24 deletions.
diff --git a/docs/usage.md b/docs/usage.md
@@ -36,16 +36,7 @@ A _top-level navigation_ request results in a HTTP 302 Found response with the `
 The `redirect` parameter in the login URL is automatically set to the URL for the original request, so that the user is redirected back to their intended location after login.
 
 Other requests are considered non-navigational requests, and they will result in a HTTP 401 Unauthorized response.
-The `Location` header is set as before, and a JSON response is included for convenience:
-
-```json
-{
-   "correlation_id": "388d19c6-d439-4ff3-a77f-0ac3421418b2",
-   "error": "unauthenticated",
-   "error_description": "request is not authenticated, please log in",
-   "login_url": "/oauth2/login?redirect=http%3A%2F%2Flocalhost%3A3000%2Fasdf"
-}
-```
+The `Location` header is set as described in the above case.
 
 The `redirect` parameter in the login URL is set to the value found in the `Referer` header, so that the user is redirected back to their intended location after login.
 If the `Referer` header is empty, the `redirect` parameter is set to the matching ingress path for the original request.

diff --git a/pkg/handler/reverseproxy.go b/pkg/handler/reverseproxy.go
@@ -2,15 +2,13 @@ package handler
 
 import (
 	"context"
-	"encoding/json"
 	"errors"
 	"log"
 	"net/http"
 	"net/http/httputil"
 	urllib "net/url"
 	"strings"
 
-	"github.com/go-chi/chi/v5/middleware"
 	"github.com/sirupsen/logrus"
 
 	"github.com/nais/wonderwall/pkg/handler/acr"
@@ -151,20 +149,9 @@ func handleAutologin(src ReverseProxySource, w http.ResponseWriter, r *http.Requ
 		target = path
 	}
 
-	location := loginURL(target, "non-navigation request detected; responding with 401")
+	location := loginURL(target, "non-navigation request detected; responding with 401 and Location header")
 	w.Header().Set("Location", location)
-	w.Header().Set("Content-Type", "application/json")
 	w.WriteHeader(http.StatusUnauthorized)
-	err := json.NewEncoder(w).Encode(map[string]string{
-		"error":             "unauthenticated",
-		"error_description": "request is not authenticated, please log in",
-		"login_url":         location,
-		"correlation_id":    middleware.GetReqID(r.Context()),
-	})
-	if err != nil {
-		logger.Warnf("default: unauthenticated: autologin: marshalling json response: %+v", err)
-		w.WriteHeader(http.StatusInternalServerError)
-	}
 }
 
 func isNavigationRequest(r *http.Request) bool {