idp: delete sessions on refresh error, handle zero times in oauth/id tokens for refresh (#961)

Caleb Doxsey 2020-06-22 08:49:28 -06:00 committed by GitHub
parent 452c9be06d
commit b3ccdfe00f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
5 changed files with 82 additions and 41 deletions


@ -17,6 +17,7 @@ import (
"github.com/pomerium/csrf"
"github.com/rs/cors"
"golang.org/x/oauth2"
"google.golang.org/protobuf/types/known/timestamppb"
"github.com/pomerium/pomerium/internal/cryptutil"
"github.com/pomerium/pomerium/internal/grpc/databroker"
@ -491,7 +492,10 @@ func (a *Authenticate) saveSessionToDataBroker(ctx context.Context, sessionState
}
sessionExpiry, _ := ptypes.TimestampProto(time.Now().Add(time.Hour))
idTokenExpiry, _ := ptypes.TimestampProto(sessionState.Expiry.Time())
var idTokenExpiry *timestamppb.Timestamp
if sessionState.Expiry != nil {
idTokenExpiry, _ = ptypes.TimestampProto(sessionState.Expiry.Time())
}
idTokenIssuedAt, _ := ptypes.TimestampProto(sessionState.IssuedAt.Time())
oauthTokenExpiry, _ := ptypes.TimestampProto(accessToken.Expiry)
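Review bot: The new nil guard covers only `sessionState.Expiry`; the two conversions directly below it, `sessionState.IssuedAt.Time()` and `ptypes.TimestampProto(accessToken.Expiry)`, still run unconditionally, and every `TimestampProto` call here discards its error. If `accessToken` is an `*oauth2.Token` (the import suggests so), a zero `Expiry` conventionally means the token does not expire, yet it would presumably be stored as a year-1 timestamp rather than left unset, unless one of the other changed files compensates. I would give it the same treatment, e.g. `if !accessToken.Expiry.IsZero() { oauthTokenExpiry, _ = ptypes.TimestampProto(accessToken.Expiry) }`, and do likewise for `IssuedAt`. It is also worth a comment on the declaration, such as `// nil means the ID token carried no exp claim; sessionExpiry still bounds the session`, so that readers of the stored record do not treat a missing expiry as valid indefinitely. saveSessionToDataBroker starts and continues outside this hunk.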