mirror of
https://github.com/pomerium/pomerium.git
synced 2025-07-31 15:29:48 +02:00
8d1732582e
authenticate: unmarshal and verify state from jwt, instead of middleware
authorize: embed opa policy using statik
authorize: have IsAuthorized handle authorization for all routes
authorize: if no signing key is provided, one is generated
authorize: remove IsAdmin grpc endpoint
authorize/client: return authorize decision struct
cmd/pomerium: main logger no longer contains email and group
cryptutil: add ECDSA signing methods
dashboard: have impersonate form show up for all users, but have api gated by authz
docs: fix typo in signed jwt header
encoding/jws: remove unused es256 signer
frontend: namespace static web assets
internal/sessions: remove leeway to match authz policy
proxy: move signing functionality to authz
proxy: remove jwt attestation from proxy (authZ does now)
proxy: remove non-signed headers from headers
proxy: remove special handling of x-forwarded-host
sessions: do not verify state in middleware
sessions: remove leeway from state to match authz
sessions/{all}: store jwt directly instead of state
Signed-off-by: Bobby DeSimone <bobbydesimone@gmail.com>
41 lines
1.2 KiB
Go
41 lines
1.2 KiB
Go
// Package mock provides a mock implementation of session store and loader.
|
|
package mock // import "github.com/pomerium/pomerium/internal/sessions/mock"
|
|
|
|
import (
|
|
"net/http"
|
|
|
|
"github.com/pomerium/pomerium/internal/encoding"
|
|
"github.com/pomerium/pomerium/internal/encoding/jws"
|
|
"github.com/pomerium/pomerium/internal/sessions"
|
|
)
|
|
|
|
var _ sessions.SessionStore = &Store{}
|
|
var _ sessions.SessionLoader = &Store{}
|
|
|
|
// Store is a mock implementation of the SessionStore interface
|
|
type Store struct {
|
|
ResponseSession string
|
|
Session *sessions.State
|
|
SaveError error
|
|
LoadError error
|
|
Secret []byte
|
|
Encrypted bool
|
|
}
|
|
|
|
// ClearSession clears the ResponseSession
|
|
func (ms *Store) ClearSession(http.ResponseWriter, *http.Request) {
|
|
ms.ResponseSession = ""
|
|
}
|
|
|
|
// LoadSession returns the session and a error
|
|
func (ms Store) LoadSession(*http.Request) (string, error) {
|
|
var signer encoding.MarshalUnmarshaler
|
|
signer, _ = jws.NewHS256Signer(ms.Secret, "mock")
|
|
jwt, _ := signer.Marshal(ms.Session)
|
|
return string(jwt), ms.LoadError
|
|
}
|
|
|
|
// SaveSession returns a save error.
|
|
func (ms Store) SaveSession(http.ResponseWriter, *http.Request, interface{}) error {
|
|
return ms.SaveError
|
|
}
|