3pp-mirror/pomerium
1
0
Fork 0
mirror of https://github.com/pomerium/pomerium.git synced 2025-04-30 10:56:28 +02:00
Code Issues Projects Releases Packages Wiki Activity
pomerium/internal/urlutil/proxy.go
Caleb Doxsey d390e80b30
authenticate: add databroker versions to session cookie (#2709) 
* authenticate: add databroker versions to session cookie
authorize: wait for databroker synchronization on updated sessions

* fix test
2021-10-26 14:45:53 -06:00

51 lines
1.4 KiB
Go
Raw Blame History

package urlutil
import (
"errors"
"net/http"
"net/url"
)
// ErrMissingRedirectURI indicates the pomerium_redirect_uri was missing from the query string.
var ErrMissingRedirectURI = errors.New("missing " + QueryRedirectURI)
// GetCallbackURL gets the proxy's callback URL from a request and a base64url encoded + encrypted session state JWT.
func GetCallbackURL(r *http.Request, encodedSessionJWT string) (*url.URL, error) {
rawRedirectURI := r.FormValue(QueryRedirectURI)
if rawRedirectURI == "" {
return nil, ErrMissingRedirectURI
}
redirectURI, err := ParseAndValidateURL(rawRedirectURI)
if err != nil {
return nil, err
}
var callbackURI *url.URL
if callbackStr := r.FormValue(QueryCallbackURI); callbackStr != "" {
callbackURI, err = ParseAndValidateURL(callbackStr)
if err != nil {
return nil, err
}
} else {
// otherwise, assume callback is the same host as redirect
callbackURI, err = DeepCopy(redirectURI)
if err != nil {
return nil, err
}
callbackURI.Path = "/.pomerium/callback/"
callbackURI.RawQuery = ""
}
callbackParams := callbackURI.Query()
if r.FormValue(QueryIsProgrammatic) == "true" {
callbackParams.Set(QueryIsProgrammatic, "true")
}
// add our encoded and encrypted route-session JWT to a query param
callbackParams.Set(QuerySessionEncrypted, encodedSessionJWT)
callbackParams.Set(QueryRedirectURI, redirectURI.String())
callbackURI.RawQuery = callbackParams.Encode()
return callbackURI, nil
}
Reference in a new issue View git blame Copy permalink