mirror of
https://github.com/pomerium/pomerium.git
synced 2025-05-01 11:26:29 +02:00
380d314404
- Rename SessionState to State to avoid stutter. - Simplified option validation to use a wrapper function for base64 secrets. - Removed authenticates grpc code. - Abstracted logic to load and validate a user's authenticate session. - Removed instances of url.Parse in favor of urlutil's version. - proxy: replaces grpc refresh logic with forced deadline advancement. - internal/sessions: remove rest store; parse authorize header as part of session store. - proxy: refactor request signer - sessions: remove extend deadline (fixes #294) - remove AuthenticateInternalAddr - remove AuthenticateInternalAddrString - omit type tag.Key from declaration of vars TagKey* it will be inferred from the right-hand side - remove compatibility package xerrors - use cloned http.DefaultTransport as base transport
26 lines
885 B
Go
26 lines
885 B
Go
package sessions // import "github.com/pomerium/pomerium/internal/sessions"
|
|
|
|
import (
|
|
"errors"
|
|
"net/http"
|
|
)
|
|
|
|
// ErrEmptySession is an error for an empty sessions.
|
|
var ErrEmptySession = errors.New("internal/sessions: empty session")
|
|
|
|
// ErrEmptyCSRF is an error for an empty sessions.
|
|
var ErrEmptyCSRF = errors.New("internal/sessions: empty csrf")
|
|
|
|
// CSRFStore has the functions for setting, getting, and clearing the CSRF cookie
|
|
type CSRFStore interface {
|
|
SetCSRF(http.ResponseWriter, *http.Request, string)
|
|
GetCSRF(*http.Request) (*http.Cookie, error)
|
|
ClearCSRF(http.ResponseWriter, *http.Request)
|
|
}
|
|
|
|
// SessionStore has the functions for setting, getting, and clearing the Session cookie
|
|
type SessionStore interface {
|
|
ClearSession(http.ResponseWriter, *http.Request)
|
|
LoadSession(*http.Request) (*State, error)
|
|
SaveSession(http.ResponseWriter, *http.Request, *State) error
|
|
}
|