internal/sessions: fix cookie clear session (#376)

CookieStore's ClearSession now properly clears the user session cookie by setting MaxAge to -1.

internal/sessions: move encoder interface to encoding package, and rename to MarshalUnmarshaler.
internal/encoding: move mock to own package
authenticate: use INFO log level for authZ error.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
This commit is contained in:
Bobby DeSimone 2019-11-09 10:49:24 -08:00 committed by GitHub
parent d3d60d1055
commit b9ab49c32c
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
19 changed files with 173 additions and 217 deletions

View file

@ -25,6 +25,10 @@
- Force refresh has been removed from the dashboard.
- Previous programmatic authentication endpoints (`/api/v1/token`) has been removed and is no longer supported.
### Fixed
- Fixed an issue where cookie sessions would not clear on error.[GH-376]
## v0.4.2
### Security
@ -338,3 +342,4 @@
[gh-332]: https://github.com/pomerium/pomerium/pull/332/
[gh-338]: https://github.com/pomerium/pomerium/issues/338
[gh-363]: https://github.com/pomerium/pomerium/issues/363
[gh-376]: https://github.com/pomerium/pomerium/pull/376/