webauthn: require session when accessing /.pomerium/webauthn (#3814)

* webauthn: require session when accessing /.pomerium/webauthn

* remove dead code

* remove unused PomeriumDomains field
Caleb Doxsey 2022-12-16 10:59:21 -07:00 committed by GitHub
parent 44a5c1b2fb
commit c86ca6f76f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
8 changed files with 67 additions and 78 deletions


@ -58,8 +58,19 @@ default allow = [false, set()]
default deny = [false, set()]
pomerium_routes_0 = [true, {"pomerium-route"}] {
session := get_session(input.session.id)
session.id != ""
contains(input.http.url, "/.pomerium/")
}
else = [true, {"pomerium-route"}] {
contains(input.http.url, "/.pomerium/")
not contains(input.http.url, "/.pomerium/jwt")
not contains(input.http.url, "/.pomerium/webauthn")
}
else = [false, {"user-unauthenticated"}] {
contains(input.http.url, "/.pomerium/")
}
else = [false, {"non-pomerium-route"}]