3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-08-02 08:19:23 +02:00
Code Issues Projects Releases Packages Wiki Activity

config: add cookie_same_site option (#4148)

Browse source
This commit is contained in:
Caleb Doxsey 2023-05-03 14:36:42 -06:00 committed by GitHub
parent facf9ab093
commit be0104b842
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
22 changed files with 562 additions and 423 deletions
Download patch file Download diff file Expand all files Collapse all files

16
authenticate/identity_profile.go
View file

@ -61,7 +61,7 @@ func (a *Authenticate) buildIdentityProfile(
}, nil
}
func loadIdentityProfile(r *http.Request, aead cipher.AEAD) (*identitypb.Profile, error) {
func (a *Authenticate) loadIdentityProfile(r *http.Request, aead cipher.AEAD) (*identitypb.Profile, error) {
cookie, err := cookieChunker.LoadCookie(r, urlutil.QueryIdentityProfile)
if err != nil {
return nil, fmt.Errorf("authenticate: error loading identity profile cookie: %w", err)
@ -85,17 +85,19 @@ func loadIdentityProfile(r *http.Request, aead cipher.AEAD) (*identitypb.Profile
return &profile, nil
}
func storeIdentityProfile(w http.ResponseWriter, aead cipher.AEAD, profile *identitypb.Profile) {
func (a *Authenticate) storeIdentityProfile(w http.ResponseWriter, aead cipher.AEAD, profile *identitypb.Profile) {
options := a.options.Load()
decrypted, err := protojson.Marshal(profile)
if err != nil {
// this shouldn't happen
panic(fmt.Errorf("error marshaling message: %w", err))
}
encrypted := cryptutil.Encrypt(aead, decrypted, nil)
err = cookieChunker.SetCookie(w, &http.Cookie{
Name: urlutil.QueryIdentityProfile,
Value: base64.RawURLEncoding.EncodeToString(encrypted),
Path: "/",
})
cookie := options.NewCookie()
cookie.Name = urlutil.QueryIdentityProfile
cookie.Value = base64.RawURLEncoding.EncodeToString(encrypted)
cookie.Path = "/"
err = cookieChunker.SetCookie(w, cookie)
log.Error(context.Background()).Err(err).Send()
}