authenticate: validate origin of signout (#1876)

* authenticate: validate origin of signout

- add a debug task to kill envoy
- improve various function docs
- userinfo: return "error" page if user is logged out without redirect uri set
- remove front channel logout. There's little difference between it and the signout function.

Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
bobby 2021-02-11 21:37:54 -08:00 committed by GitHub
parent 9fd58f9b8a
commit c3e3ed9b50
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
11 changed files with 174 additions and 182 deletions


@ -64,7 +64,7 @@ func TestProxy_Signout(t *testing.T) {
}
}
func TestProxy_UserDashboard(t *testing.T) {
func TestProxy_userInfo(t *testing.T) {
opts := testOptions(t)
err := ValidateOptions(opts)
if err != nil {
@ -76,7 +76,7 @@ func TestProxy_UserDashboard(t *testing.T) {
}
req := httptest.NewRequest(http.MethodGet, "/.pomerium/sign_out", nil)
rr := httptest.NewRecorder()
proxy.UserDashboard(rr, req)
proxy.userInfo(rr, req)
if status := rr.Code; status != http.StatusFound {
t.Errorf("handler returned wrong status code: got %v want %v", status, http.StatusFound)
}