From 28890a97b64316ebdd3c683dd2753b6c052bf22a Mon Sep 17 00:00:00 2001
From: Bolke de Bruin <bolke@xs4all.nl>
Date: Fri, 26 Aug 2022 12:05:07 +0200
Subject: [PATCH] Fix username replacement

---
 cmd/rdpgw/api/basic.go      |  1 -
 cmd/rdpgw/security/basic.go | 10 ++++++++--
 2 files changed, 8 insertions(+), 3 deletions(-)

diff --git a/cmd/rdpgw/api/basic.go b/cmd/rdpgw/api/basic.go
index d2540ba..8085519 100644
--- a/cmd/rdpgw/api/basic.go
+++ b/cmd/rdpgw/api/basic.go
@@ -48,7 +48,6 @@ func (c *Config) BasicAuth(next http.HandlerFunc) http.HandlerFunc {
 				log.Printf("User %s is not authenticated for this service", username)
 			} else {
 				ctx := context.WithValue(r.Context(), "preferred_username", username)
-				ctx = context.WithValue(ctx, "access_token", "EMPTY")
 				next.ServeHTTP(w, r.WithContext(ctx))
 				return
 			}
diff --git a/cmd/rdpgw/security/basic.go b/cmd/rdpgw/security/basic.go
index c7e6f96..595fe81 100644
--- a/cmd/rdpgw/security/basic.go
+++ b/cmd/rdpgw/security/basic.go
@@ -21,13 +21,19 @@ func CheckHost(ctx context.Context, host string) (bool, error) {
 		// todo get from context?
 		return false, errors.New("cannot verify host in 'signed' mode as token data is missing")
 	case "roundrobin", "unsigned":
+		var username string
+
 		log.Printf("Checking host")
 		s := getSessionInfo(ctx)
 		if s == nil {
-			return false, errors.New("no valid session info found in context")
+			var ok bool
+			username, ok = ctx.Value("preferred_username").(string)
+			if !ok {
+				return false, errors.New("no valid session info or username found in context")
+			}
 		}
 		for _, h := range Hosts {
-			if s.UserName != "" {
+			if username != "" {
 				h = strings.Replace(h, "{{ preferred_username }}", s.UserName, 1)
 			}
 			if h == host {
-- 
GitLab