Enhance SSO authentication middleware with robust HTTP client configuration

- Add timeout and TLS configuration to HTTP client in AuthMiddleware - Enable insecure TLS connection for SSO service requests - Log errors for failed SSO authentication requests - Improve error handling and network resilience in authentication process

Enhance SSO authentication middleware with robust HTTP client configuration
- Add timeout and TLS configuration to HTTP client in AuthMiddleware - Enable insecure TLS connection for SSO service requests - Log errors for failed SSO authentication requests - Improve error handling and network resilience in authentication process
eba4454a · qiuqunfeng · f4330099 · eba4454a
Commit eba4454a authored Mar 05, 2025 by qiuqunfeng
Hide whitespace changes
Inline Side-by-side

Showing with 11 additions and 1 deletion

internal/middleware/auth.go internal/middleware/auth.go +11 -1

No files found.
--- a/internal/middleware/auth.go
+++ b/internal/middleware/auth.go
 package middleware

 import (
+	"crypto/tls"
 	"encoding/json"
 	"io"
 	"net/http"
+	"time"

 	"github.com/gin-gonic/gin"
 	"github.com/rs/zerolog/log"
@@ -45,9 +47,17 @@ func AuthMiddleware(ssoUrl string) gin.HandlerFunc {
 		}

 		// Make request to SSO service
-		client := &http.Client{}
+		client := &http.Client{
+			Timeout: 10 * time.Second,
+			Transport: &http.Transport{
+				TLSClientConfig: &tls.Config{
+					InsecureSkipVerify: true,
+				},
+			},
+		}
 		resp, err := client.Do(req)
 		if err != nil {
+			log.Error().Err(err).Msg("failed to make sso request")
 			utils.AssembleResponse(c, nil, utils.ErrInternalServer)
 			c.Abort()
 			return