feat: forward auth

This adds basic support for forwarded authentication similar to caddy and traefik. This replaces Authelia SSO as it effectively covers exactly the same use cases.

src/mod/auth/sso/forward/const.go

@@ -0,0 +1,44 @@
+package forward
+
+import "errors"
+
+const (
+	LogTitle = "Forward Auth"
+
+	DatabaseTable = "auth_sso_forward"
+
+	DatabaseKeyAddress                = "address"
+	DatabaseKeyResponseHeaders        = "responseHeaders"
+	DatabaseKeyRequestExcludedCookies = "requestExcludedCookies"
+
+	HeaderXForwardedProto  = "X-Forwarded-Proto"
+	HeaderXForwardedHost   = "X-Forwarded-Host"
+	HeaderXForwardedFor    = "X-Forwarded-For"
+	HeaderXForwardedURI    = "X-Forwarded-URI"
+	HeaderXForwardedMethod = "X-Forwarded-Method"
+
+	HeaderCookie = "Cookie"
+
+	HeaderUpgrade          = "Upgrade"
+	HeaderConnection       = "Connection"
+	HeaderTransferEncoding = "Transfer-Encoding"
+	HeaderTE               = "TE"
+	HeaderTrailers         = "Trailers"
+	HeaderKeepAlive        = "Keep-Alive"
+)
+
+var (
+	ErrInternalServerError = errors.New("internal server error")
+	ErrUnauthorized        = errors.New("unauthorized")
+)
+
+var (
+	doNotCopyHeaders = []string{
+		HeaderUpgrade,
+		HeaderConnection,
+		HeaderTransferEncoding,
+		HeaderTE,
+		HeaderTrailers,
+		HeaderKeepAlive,
+	}
+)