From e8878d795e00a30c3c280e1d81de5d85596cac64 Mon Sep 17 00:00:00 2001 From: Jonas Kaninda Date: Thu, 14 Nov 2024 22:22:47 +0100 Subject: [PATCH 1/2] chore: disable error interceptor on websocket --- internal/middleware/error-interceptor.go | 14 ++++++++++---- 1 file changed, 10 insertions(+), 4 deletions(-) diff --git a/internal/middleware/error-interceptor.go b/internal/middleware/error-interceptor.go index 9c25127..36e2a5b 100644 --- a/internal/middleware/error-interceptor.go +++ b/internal/middleware/error-interceptor.go @@ -43,14 +43,17 @@ func (rec *responseRecorder) Write(data []byte) (int, error) { // ErrorInterceptor Middleware intercepts backend errors func (intercept InterceptErrors) ErrorInterceptor(next http.Handler) http.Handler { return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + // Check if the connection is a WebSocket + if isWebSocketRequest(r) { + next.ServeHTTP(w, r) + return + } rec := newResponseRecorder(w) next.ServeHTTP(rec, r) - w.Header().Set("Proxied-By", "Goma Gateway") - w.Header().Del("Server") //Delete server name if canIntercept(rec.statusCode, intercept.Errors) { - logger.Debug("An error occurred in the backend, %d", rec.statusCode) - logger.Error("Backend error: %d", rec.statusCode) + logger.Error("Request to %s resulted in error with status code %d\n", r.URL.Path, rec.statusCode) RespondWithError(w, rec.statusCode, http.StatusText(rec.statusCode)) + return } else { // No error: write buffered response to client w.WriteHeader(rec.statusCode) @@ -63,6 +66,9 @@ func (intercept InterceptErrors) ErrorInterceptor(next http.Handler) http.Handle }) } +func isWebSocketRequest(r *http.Request) bool { + return r.Header.Get("Upgrade") == "websocket" && r.Header.Get("Connection") == "Upgrade" +} func canIntercept(code int, errors []int) bool { return slices.Contains(errors, code) } From 88c0be1b636580c8cce7db8bd010e4331446110a Mon Sep 17 00:00:00 2001 
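Review bot: The early return added at the top of the handler in `ErrorInterceptor` is decided only from request headers the client controls, so any request carrying the two upgrade headers skips the recorder and gets the backend's unmasked error response on every route this middleware wraps. If hiding backend errors is the goal, limit the bypass to routes configured for WebSocket, or at least also require `r.Method == http.MethodGet`. Separately, the new log line formats `r.URL.Path` with `%s`; the path is request-controlled and already percent-decoded, so `%q` keeps control characters out of the log: `logger.Error("Request to %q resulted in error with status code %d", r.URL.Path, rec.statusCode)` (assuming the project logger takes fmt-style verbs, as the existing `%d` suggests). The added `return` also makes the following `else` redundant, and the handler body continues outside the hunk.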
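Review bot: `isWebSocketRequest` compares both headers with exact, case-sensitive equality, but the `Upgrade` value is case-insensitive and `Connection` is a comma-separated token list (some clients send `keep-alive, Upgrade`), so valid handshakes can miss this check and still be wrapped by the recorder. Matching the individual tokens with `strings.EqualFold` is more robust; the sketch below needs the `strings` import if the file does not already have it. The function would also benefit from a one-line doc comment and a blank line before `canIntercept`.

```go
func isWebSocketRequest(r *http.Request) bool {
	if !strings.EqualFold(r.Header.Get("Upgrade"), "websocket") {
		return false
	}
	// Connection is a token list and may be split across several header lines.
	for _, v := range r.Header.Values("Connection") {
		for _, tok := range strings.Split(v, ",") {
			if strings.EqualFold(strings.TrimSpace(tok), "upgrade") {
				return true
			}
		}
	}
	return false
}
```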
From: Jonas Kaninda Date: Thu, 14 Nov 2024 22:30:36 +0100 Subject: [PATCH 2/2] chore: add route backend skype tls verification --- internal/proxy.go | 6 ++++++ internal/route.go | 2 ++ internal/types.go | 6 ++++-- 3 files changed, 12 insertions(+), 2 deletions(-) diff --git a/internal/proxy.go b/internal/proxy.go index 6d6d352..e1dbf3d 100644 --- a/internal/proxy.go +++ b/internal/proxy.go @@ -16,6 +16,7 @@ See the License for the specific language governing permissions and limitations under the License. */ import ( + "crypto/tls" "fmt" "github.com/jkaninda/goma-gateway/internal/middleware" "github.com/jkaninda/goma-gateway/pkg/logger" @@ -85,6 +86,11 @@ func (proxyRoute ProxyRoute) ProxyHandler() http.HandlerFunc { r.URL.Path = strings.Replace(r.URL.Path, fmt.Sprintf("%s/", proxyRoute.path), proxyRoute.rewrite, 1) } } + // Custom transport with InsecureSkipVerify + proxy.Transport = &http.Transport{TLSClientConfig: &tls.Config{ + InsecureSkipVerify: proxyRoute.insecureSkipVerify, + }, + } w.Header().Set("Proxied-By", gatewayName) //Set Server name w.Header().Del("Server") // Remove the Server header // Custom error handler for proxy errors diff --git a/internal/route.go b/internal/route.go index f8f32c6..3c3655b 100644 --- a/internal/route.go +++ b/internal/route.go @@ -118,6 +118,7 @@ func (gatewayServer GatewayServer) Initialize() *mux.Router { disableHostFording: route.DisableHostFording, methods: route.Methods, cors: route.Cors, + insecureSkipVerify: route.InsecureSkipVerify, } secureRouter := r.PathPrefix(util.ParseRoutePath(route.Path, midPath)).Subrouter() //callBackRouter := r.PathPrefix(util.ParseRoutePath(route.Path, "/callback")).Subrouter() @@ -225,6 +226,7 @@ func (gatewayServer GatewayServer) Initialize() *mux.Router { methods: route.Methods, disableHostFording: route.DisableHostFording, cors: route.Cors, + insecureSkipVerify: route.InsecureSkipVerify, } // create route router := r.PathPrefix(route.Path).Subrouter() 
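Review bot: The block added to `ProxyHandler` in internal/proxy.go assigns a brand-new `http.Transport` to `proxy.Transport` even when `insecureSkipVerify` is false, which drops the defaults of `http.DefaultTransport` (environment proxy, dial and TLS handshake timeouts, idle-connection timeout). If this runs inside the per-request handler, as the surrounding `w.Header()` calls suggest, every request also gets its own connection pool, so backend connections are not reused and idle ones can pile up. Clone the default transport and override it only when the flag is set, ideally once per route outside the handler. Because the flag turns off certificate verification toward the backend, a log line when it is enabled would make the weakened trust visible to operators, and a configurable `RootCAs` pool would cover private CAs without skipping verification. The handler body starts and ends outside the hunk.

```go
// … unchanged: path rewrite …
if proxyRoute.insecureSkipVerify {
	// Keep DefaultTransport's timeouts and pooling; relax only certificate verification.
	transport := http.DefaultTransport.(*http.Transport).Clone()
	transport.TLSClientConfig = &tls.Config{InsecureSkipVerify: true}
	proxy.Transport = transport
}
w.Header().Set("Proxied-By", gatewayName) //Set Server name
```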
diff --git a/internal/types.go b/internal/types.go index 2805d38..91a4df8 100644 --- a/internal/types.go +++ b/internal/types.go @@ -148,8 +148,9 @@ type Route struct { // Methods allowed method Methods []string `yaml:"methods"` // Destination Defines backend URL - Destination string `yaml:"destination"` - Backends []string `yaml:"backends"` + Destination string `yaml:"destination"` + Backends []string `yaml:"backends"` + InsecureSkipVerify bool `yaml:"insecureSkipVerify"` // HealthCheck Defines the backend is health HealthCheck RouteHealthCheck `yaml:"healthCheck"` // Cors contains the route cors headers @@ -243,6 +244,7 @@ type ProxyRoute struct { methods []string cors Cors disableHostFording bool + insecureSkipVerify bool } type RoutePath struct { route Route
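Review bot: The new `InsecureSkipVerify` field in the `Route` struct hunk has no doc comment, unlike the fields around it, although it switches off TLS certificate verification for the route's backend. I would add `// InsecureSkipVerify disables TLS certificate verification for connections to the backend; false (verification on) when omitted.` above it so the effect is clear to anyone editing the YAML. The struct definition continues outside the hunk.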