Fix context when using spnego

cmd/rdpgw/common/remote.go

@@ -2,6 +2,7 @@ package common
 
 import (
 	"context"
+	"github.com/jcmturner/goidentity/v6"
 	"log"
 	"net"
 	"net/http"
@@ -44,6 +45,18 @@ func EnrichContext(next http.Handler) http.Handler {
 	})
 }
 
+func FixKerberosContext(next http.Handler) http.Handler {
+	return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
+		ctx := r.Context()
+
+		id := goidentity.FromHTTPRequestContext(r)
+		if id != nil {
+			ctx = context.WithValue(ctx, UsernameCtx, id.UserName())
+		}
+		next.ServeHTTP(w, r.WithContext(ctx))
+	})
+}
+
 func GetClientIp(ctx context.Context) string {
 	s, ok := ctx.Value(ClientIPCtx).(string)
 	if !ok {

cmd/rdpgw/main.go

@@ -215,7 +215,7 @@ func main() {
 		}
 		http.Handle("/remoteDesktopGateway/", common.EnrichContext(
 			spnego.SPNEGOKRB5Authenticate(
-				http.HandlerFunc(gw.HandleGatewayProtocol),
+				common.FixKerberosContext(http.HandlerFunc(gw.HandleGatewayProtocol)),
 				keytab,
 				service.Logger(log.Default()))),
 		)

go.mod

@@ -11,6 +11,7 @@ require (
 	github.com/gorilla/sessions v1.2.1
 	github.com/gorilla/websocket v1.5.0
 	github.com/jcmturner/gofork v1.7.6
+	github.com/jcmturner/goidentity/v6 v6.0.1
 	github.com/knadh/koanf v1.4.2
 	github.com/msteinert/pam v1.0.0
 	github.com/patrickmn/go-cache v2.1.0+incompatible
@@ -31,7 +32,6 @@ require (
 	github.com/hashicorp/go-uuid v1.0.3 // indirect
 	github.com/jcmturner/aescts/v2 v2.0.0 // indirect
 	github.com/jcmturner/dnsutils/v2 v2.0.0 // indirect
-	github.com/jcmturner/goidentity/v6 v6.0.1 // indirect
 	github.com/jcmturner/rpc/v2 v2.0.3 // indirect
 	github.com/matttproud/golang_protobuf_extensions v1.0.1 // indirect
 	github.com/mitchellh/copystructure v1.2.0 // indirect