3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-21 13:07:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

sessions: check idp id to detect provider changes to force session invalidation (#3707)

Browse source 
* sessions: check idp id to detect provider changes to force session invalidation

* remove dead code

* fix test
This commit is contained in:
Caleb Doxsey 2022-10-25 16:20:32 -06:00 committed by GitHub
parent 3f7a482815
commit 30bdae3d9e
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 265 additions and 193 deletions
Download patch file Download diff file Expand all files Collapse all files

4
authenticate/handlers.go
View file

@ -111,9 +111,9 @@ func (a *Authenticate) mountDashboard(r *mux.Router) {
cr.Path("/").Handler(a.requireValidSignature(a.Callback)).Methods(http.MethodGet)
}
// RetrieveSession is the middleware used retrieve session by the sessionLoaders
// RetrieveSession is the middleware used retrieve session by the sessionLoader
func (a *Authenticate) RetrieveSession(next http.Handler) http.Handler {
return sessions.RetrieveSession(a.state.Load().sessionLoaders...)(next)
return sessions.RetrieveSession(a.state.Load().sessionLoader)(next)
}
// VerifySession is the middleware used to enforce a valid authentication