authenticate: handle XHR redirect flow (#387)

- authenticate: add cors preflight check support for sign_in endpoint
- internal/httputil: indicate responses that originate from pomerium vs the app
- proxy: detect XHR requests and do not redirect on failure.
- authenticate: removed the default session duration; it should be maintained out of band via RPC.
Bobby DeSimone 2019-11-14 19:37:31 -08:00 committed by GitHub
parent 9030bd32cb
commit 00c29f4e77
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 128 additions and 35 deletions


@ -67,7 +67,7 @@ func (p *Proxy) SignOut(w http.ResponseWriter, r *http.Request) {
}
uri := urlutil.SignedRedirectURL(p.SharedKey, p.authenticateSignoutURL, redirectURL)
p.sessionStore.ClearSession(w, r)
http.Redirect(w, r, uri.String(), http.StatusFound)
httputil.Redirect(w, r, uri.String(), http.StatusFound)
}
// UserDashboard lets users investigate, and refresh their current session.
@ -117,7 +117,7 @@ func (p *Proxy) Impersonate(w http.ResponseWriter, r *http.Request) {
q.Add("impersonate_group", r.FormValue("group"))
redirectURL.RawQuery = q.Encode()
uri := urlutil.SignedRedirectURL(p.SharedKey, p.authenticateSigninURL, redirectURL).String()
http.Redirect(w, r, uri, http.StatusFound)
httputil.Redirect(w, r, uri, http.StatusFound)
}
func (p *Proxy) registerFwdAuthHandlers() http.Handler {
@ -198,7 +198,7 @@ func (p *Proxy) Callback(w http.ResponseWriter, r *http.Request) {
}
redirectURL.RawQuery = q.Encode()
http.Redirect(w, r, redirectURL.String(), http.StatusFound)
httputil.Redirect(w, r, redirectURL.String(), http.StatusFound)
}
// ProgrammaticLogin returns a signed url that can be used to login