Add assertions for the redirect URL in the unit test for the stateful
authentication flow Callback() method. Remove a commented-out line of
debug logging.
The identity manager expects to be able to read session ID and user ID
from any deleted databroker session records. The session.Delete()
wrapper method is not compatible with this expectation, as it calls
Put() with a record containing an empty session. The stateful
authentication flow currently calls session.Delete() from its
RevokeSession() method.
The result is that the identity manager will not correctly track
sessions deleted by the the stateful authentication flow, and will still
try to use them during session refresh and user info refresh.
Instead, let's change the stateful authentication flow RevokeSession()
method to perform deletions in a way that is compatible with the current
identity manager code. That is, include the existing session data in the
Put() call to delete the revoked session.
* core/authenticate: refactor identity authenticators to initiate redirect, use cookie for redirect url for cognito
* set secure and http only, update test
Commit b7896b3153 moved events.go from the 'authenticate' package to
'internal/authenticateflow' in order to avoid an import cycle. However
this location is not actually suitable, as the hosted authenticate
service refers to AuthEvent and AuthEventFn.
Move events.go back out from under 'internal', to a new package
'authenticate/events'. This should still avoid an import cycle between
'authenticate' and 'internal/authenticateflow', while also allowing the
hosted authenticate service to use the events types.
Add a new Stateful type implementing the stateful authentication flow
from Pomerium v0.20 and earlier.
This consists mainly of logic from authenticate/handlers.go prior to
commits 57217af and 539fd51.
One significant change is to set the default IdP ID when an IdP ID is
not provided in the request URL (e.g. when signing in directly at the
authenticate service domain). Otherwise, if session state is stored with
an empty IdP ID, it won't be valid for any route.
Move the Stateless.logAuthenticateEvent() method into the main
stateless.go file.
(This was in events.go temporarily so that Git would track the file
history as a rename from authenticate/events.go.)
Consolidate all logic specific to the stateless authenticate flow into a
a new Stateless type in a new package internal/authenticateflow. This is
in preparation for adding a new Stateful type implementing the older
stateful authenticate flow (from Pomerium v0.20 and previous).
This change is intended as a pure refactoring of existing logic, with no
changes in functionality.
If a request is made to the Pomerium metrics endpoint with an Accept
header requesting the Prometheus protobuf exposition format, some
metrics will be missing from the response.
These missing metrics are obtained by replaying the incoming request to
an OpenCensus metrics exporter. This exporter honors the request for the
protobuf format, however Pomerium expects this response to be in the
text format.
We can avoid this mismatch by explicitly requesting the text format from
the OpenCensus exporter, regardless of the incoming request's Accept
header.
(Note: the Pomerium metrics endpoint always responds with text format
metrics, even if the protobuf format is requested.)
Currently the RunWithRestart() loop may not exit when execFn returns an
error unrelated to its context cancellation. Add an additional check for
this case.
Update the AccessTracker, WebAuthn handlers, and identity manager
refresh loop to perform their session record updates using the
databroker Patch() method.
This should prevent any of these updates from conflicting.
* core/config: refactor file watcher
* add comments
* updates
* only use the polling watcher
* fix test
* fix test
* try to fix test again
* remove batching
* dont rely on file modification timestamp
* remove benchmark
* try fix again
Add a Patch() method to the databroker gRPC service.
Update the storage.Backend interface to include the Patch() method now
that all the storage.Backend implementations include it.
Add a test to exercise the patch method under concurrent usage.
Remove the Redis databroker backend. According to
https://www.pomerium.com/docs/internals/data-storage#redis it has been
discouraged since Pomerium v0.18.
Update the config options validation to return an error if "redis" is
set as the databroker storage backend type.
* core/config: refactor change dispatcher
* update test
* close listener go routine when context is canceled
* use cancel cause
* use context
* add more time
* more time
