3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-07-31 23:41:09 +02:00
Code Issues Projects Releases Packages Wiki Activity

authenticate: validate signature on /.pomerium, /.pomerium/sign_in and /.pomerium/sign_out (#347) (#2046)

Browse source 
Co-authored-by: Caleb Doxsey <cdoxsey@pomerium.com>
This commit is contained in:
Travis Groth 2021-03-31 12:47:40 -04:00 committed by GitHub
parent a879e5fd72
commit ec60fcd32f
No known key found for this signature in database
GPG key ID: 4AEE18F83AFDEB23
6 changed files with 106 additions and 18 deletions
Download patch file Download diff file Expand all files Collapse all files

5
proxy/handlers.go
View file

@ -82,12 +82,13 @@ func (p *Proxy) userInfo(w http.ResponseWriter, r *http.Request) {
redirectURL = ref
}
url := state.authenticateDashboardURL.ResolveReference(&url.URL{
uri := state.authenticateDashboardURL.ResolveReference(&url.URL{
RawQuery: url.Values{
urlutil.QueryRedirectURI: {redirectURL},
}.Encode(),
})
httputil.Redirect(w, r, url.String(), http.StatusFound)
uri = urlutil.NewSignedURL(state.sharedKey, uri).Sign()
httputil.Redirect(w, r, uri.String(), http.StatusFound)
}
// Callback handles the result of a successful call to the authenticate service