3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-06-27 23:18:13 +02:00
Code Issues Projects Releases Packages Wiki Activity

sessions: check idp id to detect provider changes to force session invalidation

Browse source
This commit is contained in:
Caleb Doxsey 2022-10-25 14:23:06 -06:00
parent 3f7a482815
commit 6ceba8ed72
12 changed files with 265 additions and 175 deletions
Download patch file Download diff file Expand all files Collapse all files

4
authenticate/state.go
View file

@ -42,7 +42,7 @@ type authenticateState struct {
sessionStore sessions.SessionStore
// sessionLoaders are a collection of session loaders to attempt to pull
// a user's session state from
sessionLoaders []sessions.SessionLoader
sessionLoader sessions.SessionLoader
jwk *jose.JSONWebKeySet
@ -120,7 +120,7 @@ func newAuthenticateStateFromConfig(cfg *config.Config) (*authenticateState, err
}
state.sessionStore = cookieStore
state.sessionLoaders = []sessions.SessionLoader{cookieStore}
state.sessionLoader = cookieStore
state.jwk = new(jose.JSONWebKeySet)
signingKey, err := cfg.Options.GetSigningKey()
if err != nil {