mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-28 00:17:34 +02:00
authenticate: make callback path configurable (#493)
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
This commit is contained in:
parent
1901cb5ca0
commit
5716113c2a
6 changed files with 57 additions and 26 deletions
|
@ -31,8 +31,8 @@ func (a *Authenticate) Handler() http.Handler {
|
|||
a.cookieSecret,
|
||||
csrf.Secure(a.cookieOptions.Secure),
|
||||
csrf.Path("/"),
|
||||
csrf.UnsafePaths([]string{callbackPath}), // enforce CSRF on "safe" handler
|
||||
csrf.FormValueName("state"), // rfc6749 section-10.12
|
||||
csrf.UnsafePaths([]string{a.RedirectURL.Path}), // enforce CSRF on "safe" handler
|
||||
csrf.FormValueName("state"), // rfc6749 section-10.12
|
||||
csrf.CookieName(fmt.Sprintf("%s_csrf", a.cookieOptions.Name)),
|
||||
csrf.ErrorHandler(httputil.HandlerFunc(httputil.CSRFFailureHandler)),
|
||||
))
|
||||
|
|
Loading…
Add table
Add a link
Reference in a new issue