Nginx – auth_request Setting URL After Rewrite

nginxrewrite

In my nginx configuration, I have this directive:

location /api/v2/compute {
    rewrite (?i)^/api/v2/compute(.*)$ /api/v2/internal$1 break;

    auth_request /enforce;

    proxy_pass http://vm-manager;
}

I want to have a /enforce endpoint that will forward (in a header) the URI after-rewrite:

location = /enforce {
    proxy_set_header X-Forwarded-Method $request_method;
    proxy_set_header X-Forwarded-Uri $request_uri;

    proxy_pass http://enforcer;
}

The problem is $request_uri contains the original URL, and not the URL after rewrite.
If I use proxy_set_header X-Forwarded-Uri $uri;, I get the currently-handled URL – /enforce.

I've tried to set $rewrite_uri $uri in the original location and to proxy_set_header X-Forwarded-Uri $rewrite_uri; in /enforce, but that doesn't work.

Do you know how can I set in auth_request the URL after the rewrite?

Best Answer

I was eventually able to solve it using ngx_headers_more module.

location /api/v2/compute {
    rewrite (?i)^/api/v2/compute(.*)$ /api/v2/internal$1 break;

    more_set_input_headers "X-Forwarded-Uri: $uri";
    auth_request /enforce;

    proxy_pass http://vm-manager;
}
Related Topic