proxy: move properties to atomically updated state (#1280)

* authenticate: remove cookie options

* authenticate: remove shared key field

* authenticate: remove shared cipher property

* authenticate: move properties to separate state struct

* proxy: allow local state to be updated on configuration changes

* fix test

* return new connection

* use warn, collapse to single line

* address concerns, fix tests
Caleb Doxsey 2020-08-14 11:44:58 -06:00 committed by GitHub
parent 23eea09ed0
commit d9a224a5e8
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
12 changed files with 305 additions and 147 deletions


@ -57,13 +57,15 @@ func TestProxy_AuthenticateSession(t *testing.T) {
}
a := Proxy{
SharedKey: "80ldlrU2d7w+wVpKNfevk6fmb8otEx6CqOfshj2LwhQ=",
cookieSecret: []byte("80ldlrU2d7w+wVpKNfevk6fmb8otEx6CqOfshj2LwhQ="),
authenticateURL: uriParseHelper("https://authenticate.corp.example"),
authenticateSigninURL: uriParseHelper("https://authenticate.corp.example/sign_in"),
authenticateRefreshURL: uriParseHelper(rURL),
sessionStore: tt.session,
encoder: tt.encoder,
state: newAtomicProxyState(&proxyState{
sharedKey: "80ldlrU2d7w+wVpKNfevk6fmb8otEx6CqOfshj2LwhQ=",
cookieSecret: []byte("80ldlrU2d7w+wVpKNfevk6fmb8otEx6CqOfshj2LwhQ="),
authenticateURL: uriParseHelper("https://authenticate.corp.example"),
authenticateSigninURL: uriParseHelper("https://authenticate.corp.example/sign_in"),
authenticateRefreshURL: uriParseHelper(rURL),
sessionStore: tt.session,
encoder: tt.encoder,
}),
}
r := httptest.NewRequest(http.MethodGet, "/", nil)
state, _ := tt.session.LoadSession(r)
@ -95,10 +97,12 @@ func Test_jwtClaimMiddleware(t *testing.T) {
}
a := Proxy{
SharedKey: sharedKey,
cookieSecret: []byte("80ldlrU2d7w+wVpKNfevk6fmb8otEx6CqOfshj2LwhQ="),
encoder: encoder,
jwtClaimHeaders: claimHeaders,
state: newAtomicProxyState(&proxyState{
sharedKey: sharedKey,
cookieSecret: []byte("80ldlrU2d7w+wVpKNfevk6fmb8otEx6CqOfshj2LwhQ="),
encoder: encoder,
jwtClaimHeaders: claimHeaders,
}),
}
handler := http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {