authenticate/proxy: add backend refresh (#438)

2025-08-03 00:40:25 +02:00 · 2019-12-30 10:47:54 -08:00 · 2019-12-30 10:47:54 -08:00 · ec029c679b
commit ec029c679b
parent 9a330613aa
35 changed files with 1226 additions and 445 deletions
--- a/internal/sessions/query_store.go
+++ b/internal/sessions/query_store.go
@ -1,68 +0,0 @@
-package sessions // import "github.com/pomerium/pomerium/internal/sessions"
-
-import (
-	"net/http"
-
-	"github.com/pomerium/pomerium/internal/encoding"
-)
-
-const (
-	defaultQueryParamKey = "pomerium_session"
-)
-
-// QueryParamStore implements the load session store interface using http
-// query strings / query parameters.
-type QueryParamStore struct {
-	queryParamKey string
-	encoder       encoding.Marshaler
-	decoder       encoding.Unmarshaler
-}
-
-// NewQueryParamStore returns a new query param store for loading sessions from
-// query strings / query parameters.
-//
-// NOTA BENE: By default, most servers _DO_ log query params, the leaking or
-// accidental logging of which should be considered a security issue.
-func NewQueryParamStore(enc encoding.MarshalUnmarshaler, qp string) *QueryParamStore {
-	if qp == "" {
-		qp = defaultQueryParamKey
-	}
-	return &QueryParamStore{
-		queryParamKey: qp,
-		encoder:       enc,
-		decoder:       enc,
-	}
-}
-
-// LoadSession tries to retrieve the token string from URL query parameters.
-func (qp *QueryParamStore) LoadSession(r *http.Request) (*State, error) {
-	cipherText := r.URL.Query().Get(qp.queryParamKey)
-	if cipherText == "" {
-		return nil, ErrNoSessionFound
-	}
-	var session State
-	if err := qp.decoder.Unmarshal([]byte(cipherText), &session); err != nil {
-		return nil, ErrMalformed
-	}
-	return &session, nil
-}
-
-// ClearSession clears the session cookie from a request's query param key `pomerium_session`.
-func (qp *QueryParamStore) ClearSession(w http.ResponseWriter, r *http.Request) {
-	params := r.URL.Query()
-	params.Del(qp.queryParamKey)
-	r.URL.RawQuery = params.Encode()
-}
-
-// SaveSession sets a session to a request's query param key `pomerium_session`
-func (qp *QueryParamStore) SaveSession(w http.ResponseWriter, r *http.Request, x interface{}) error {
-	data, err := qp.encoder.Marshal(x)
-	if err != nil {
-		return err
-	}
-	r.URL.Query().Get(qp.queryParamKey)
-	params := r.URL.Query()
-	params.Set(qp.queryParamKey, string(data))
-	r.URL.RawQuery = params.Encode()
-	return nil
-}