3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-05-17 11:07:18 +02:00
Code Issues Projects Releases Packages Wiki Activity

crypto: use actual bytes of shared secret, not the base64 encoded representation (#2075)

Browse source 
* crypto: use actual bytes of shared secret, not the base64 encoded representation

* return errors

* return errors
This commit is contained in:
Caleb Doxsey 2021-04-08 20:04:01 -06:00 committed by GitHub
parent 7a04b16163
commit 6d1d2bec54
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
7 changed files with 71 additions and 26 deletions
Download patch file Download diff file Expand all files Collapse all files

4
authenticate/middleware.go
View file

@ -13,7 +13,7 @@ import (
func (a *Authenticate) requireValidSignatureOnRedirect(next httputil.HandlerFunc) http.Handler {
return httputil.HandlerFunc(func(w http.ResponseWriter, r *http.Request) error {
if r.FormValue(urlutil.QueryRedirectURI) != "" || r.FormValue(urlutil.QueryHmacSignature) != "" {
err := middleware.ValidateRequestURL(r, []byte(a.options.Load().SharedKey))
err := middleware.ValidateRequestURL(r, a.state.Load().sharedKey)
if err != nil {
return httputil.NewError(http.StatusBadRequest, err)
}
@ -25,7 +25,7 @@ func (a *Authenticate) requireValidSignatureOnRedirect(next httputil.HandlerFunc
// requireValidSignature validates the pomerium_signature.
func (a *Authenticate) requireValidSignature(next httputil.HandlerFunc) http.Handler {
return httputil.HandlerFunc(func(w http.ResponseWriter, r *http.Request) error {
err := middleware.ValidateRequestURL(r, []byte(a.options.Load().SharedKey))
err := middleware.ValidateRequestURL(r, a.state.Load().sharedKey)
if err != nil {
return err
}