From 53fd499bea6754a89e692e5c0cb45685c731d201 Mon Sep 17 00:00:00 2001
From: Mia Wong <miawongdev@gmail.com>
Date: Fri, 1 Nov 2024 16:27:34 -0400
Subject: [PATCH] Fix 404 in Admin Console (#4980)

---
 .../{insecure.html => tls-warning.html}       |  0
 kurl_proxy/assets/welcome.html                |  2 +-
 kurl_proxy/cmd/main.go                        | 31 ++++++++++++++++---
 3 files changed, 28 insertions(+), 5 deletions(-)
 rename kurl_proxy/assets/{insecure.html => tls-warning.html} (100%)

diff --git a/kurl_proxy/assets/insecure.html b/kurl_proxy/assets/tls-warning.html
similarity index 100%
rename from kurl_proxy/assets/insecure.html
rename to kurl_proxy/assets/tls-warning.html
diff --git a/kurl_proxy/assets/welcome.html b/kurl_proxy/assets/welcome.html
index 5ecc7d848e..70d12f4243 100644
--- a/kurl_proxy/assets/welcome.html
+++ b/kurl_proxy/assets/welcome.html
@@ -19,7 +19,7 @@
       .replace(/\/$/, "");
     var httpsLink = "http:" + rawLink;
     var opensslLink = rawLink.substring(2).replace("/", "");
-    var insecureLink = httpsLink + "/insecure";
+    var insecureLink = httpsLink + "/tls-warning";
   </script>
   <body>
     <div class="u-minHeight--full u-width--full flex flex-column flex1">
diff --git a/kurl_proxy/cmd/main.go b/kurl_proxy/cmd/main.go
index 4e7810d75c..38df41263c 100644
--- a/kurl_proxy/cmd/main.go
+++ b/kurl_proxy/cmd/main.go
@@ -275,11 +275,34 @@ func getHttpServer(fingerprint string, acceptAnonymousUploads bool, assetsDir st
 		}
 
 		appIcon := template.URL(app.Spec.Icon)
-		htmlPage := "welcome.html"
-		if c.Request.URL.Path == "/insecure" {
-			htmlPage = "insecure.html"
+		c.HTML(http.StatusOK, "welcome.html", gin.H{
+			"fingerprintSHA1":   fingerprint,
+			"AppIcon":           appIcon,
+			"AppTitle":          app.Spec.Title,
+			"IsEmbeddedCluster": isEmbeddedCluster(),
+		})
+	})
+	r.GET("/tls-warning", func(c *gin.Context) {
+		if !acceptAnonymousUploads {
+			log.Println("TLS certs already uploaded, redirecting to https")
+			target := url.URL{
+				Scheme:   "https",
+				Host:     c.Request.Host,
+				Path:     c.Request.URL.Path,
+				RawQuery: c.Request.URL.RawQuery,
+			}
+			// Returns StatusFound (302) to avoid browser caching
+			c.Redirect(http.StatusFound, target.String())
+			return
+		}
+
+		app, err := kotsadmApplication()
+
+		if err != nil {
+			log.Printf("No kotsadm application metadata: %v", err) // continue
 		}
-		c.HTML(http.StatusOK, htmlPage, gin.H{
+		appIcon := template.URL(app.Spec.Icon)
+		c.HTML(http.StatusOK, "tls-warning.html", gin.H{
 			"fingerprintSHA1":   fingerprint,
 			"AppIcon":           appIcon,
 			"AppTitle":          app.Spec.Title,