3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-05 20:32:57 +02:00
Code Issues Projects Releases Packages Wiki Activity

core/authenticate: refactor identity authenticators to initiate redirect (#4858)

Browse source 
* core/authenticate: refactor identity authenticators to initiate redirect, use cookie for redirect url for cognito

* set secure and http only, update test
This commit is contained in:
Caleb Doxsey 2023-12-19 12:04:23 -07:00 committed by GitHub
parent 4c15b202d1
commit 3adbc65d37
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
14 changed files with 237 additions and 125 deletions
Download patch file Download diff file Expand all files Collapse all files

28
internal/httputil/signedout.go Normal file
View file

@ -0,0 +1,28 @@
package httputil
import "net/http"
const signedOutRedirectURICookieName = "_pomerium_signed_out_redirect_uri"
// GetSignedOutRedirectURICookie gets the redirect uri cookie for the signed-out page.
func GetSignedOutRedirectURICookie(w http.ResponseWriter, r *http.Request) (string, bool) {
cookie, err := r.Cookie(signedOutRedirectURICookieName)
if err != nil {
return "", false
}
cookie.MaxAge = -1
http.SetCookie(w, cookie)
return cookie.Value, true
}
// SetSignedOutRedirectURICookie sets the redirect uri cookie for the signed-out page.
func SetSignedOutRedirectURICookie(w http.ResponseWriter, redirectURI string) {
http.SetCookie(w, &http.Cookie{
Name: signedOutRedirectURICookieName,
Value: redirectURI,
MaxAge: 5 * 60,
HttpOnly: true,
Secure: true,
})
}