2021-07-14 18:43:19 +00:00
|
|
|
package utils
|
|
|
|
|
|
|
|
|
|
import (
|
2021-07-22 00:54:15 +00:00
|
|
|
"net/http"
|
|
|
|
|
|
2021-07-23 16:27:44 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/constants"
|
2022-01-17 06:02:13 +00:00
|
|
|
"github.com/authorizerdev/authorizer/server/envstore"
|
2021-07-14 18:43:19 +00:00
|
|
|
"github.com/gin-gonic/gin"
|
|
|
|
|
)
|
|
|
|
|
|
2022-01-17 06:02:13 +00:00
|
|
|
// SetCookie sets the cookie in the response. It sets 2 cookies
|
|
|
|
|
// 1 COOKIE_NAME for the host (abc.com)
|
|
|
|
|
// 2 COOKIE_NAME-client for the domain (sub.abc.com).
|
|
|
|
|
// Note all sites don't allow 2nd type of cookie
|
2021-07-14 18:43:19 +00:00
|
|
|
func SetCookie(gc *gin.Context, token string) {
|
|
|
|
|
secure := true
|
|
|
|
|
httpOnly := true
|
2022-01-20 11:22:37 +00:00
|
|
|
host, _ := GetHostParts(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL))
|
|
|
|
|
domain := GetDomainName(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL))
|
2021-12-11 01:11:35 +00:00
|
|
|
if domain != "localhost" {
|
|
|
|
|
domain = "." + domain
|
|
|
|
|
}
|
2021-12-07 12:20:50 +00:00
|
|
|
|
2021-07-22 00:54:15 +00:00
|
|
|
gc.SetSameSite(http.SameSiteNoneMode)
|
2022-01-20 11:22:37 +00:00
|
|
|
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName), token, 3600, "/", host, secure, httpOnly)
|
|
|
|
|
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"-client", token, 3600, "/", domain, secure, httpOnly)
|
2021-07-14 18:43:19 +00:00
|
|
|
}
|
2021-07-15 09:43:00 +00:00
|
|
|
|
2022-01-17 06:02:13 +00:00
|
|
|
// GetCookie gets the cookie from the request
|
2021-07-27 12:16:02 +00:00
|
|
|
func GetCookie(gc *gin.Context) (string, error) {
|
2022-01-20 11:22:37 +00:00
|
|
|
cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName))
|
2021-07-27 12:16:02 +00:00
|
|
|
if err != nil {
|
2022-01-20 11:22:37 +00:00
|
|
|
cookie, err = gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName) + "-client")
|
2021-12-11 01:15:15 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
2021-07-27 12:16:02 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
return cookie.Value, nil
|
|
|
|
|
}
|
|
|
|
|
|
2022-01-17 06:02:13 +00:00
|
|
|
// DeleteCookie sets the cookie value as empty to make it expired
|
2021-07-15 09:43:00 +00:00
|
|
|
func DeleteCookie(gc *gin.Context) {
|
|
|
|
|
secure := true
|
|
|
|
|
httpOnly := true
|
|
|
|
|
|
2022-01-20 11:22:37 +00:00
|
|
|
host, _ := GetHostParts(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL))
|
|
|
|
|
domain := GetDomainName(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL))
|
2021-12-11 01:11:35 +00:00
|
|
|
if domain != "localhost" {
|
|
|
|
|
domain = "." + domain
|
|
|
|
|
}
|
2021-12-07 12:20:50 +00:00
|
|
|
|
2021-07-22 00:54:15 +00:00
|
|
|
gc.SetSameSite(http.SameSiteNoneMode)
|
2022-01-20 11:22:37 +00:00
|
|
|
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName), "", -1, "/", host, secure, httpOnly)
|
|
|
|
|
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyCookieName)+"-client", "", -1, "/", domain, secure, httpOnly)
|
2021-07-15 09:43:00 +00:00
|
|
|
}
|
2021-12-30 04:31:51 +00:00
|
|
|
|
2022-01-17 06:02:13 +00:00
|
|
|
// SetAdminCookie sets the admin cookie in the response
|
2021-12-30 04:31:51 +00:00
|
|
|
func SetAdminCookie(gc *gin.Context, token string) {
|
|
|
|
|
secure := true
|
|
|
|
|
httpOnly := true
|
2022-01-20 11:22:37 +00:00
|
|
|
host, _ := GetHostParts(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL))
|
2021-12-30 04:31:51 +00:00
|
|
|
|
2022-01-20 11:22:37 +00:00
|
|
|
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), token, 3600, "/", host, secure, httpOnly)
|
2021-12-31 08:22:10 +00:00
|
|
|
}
|
|
|
|
|
|
|
|
|
|
func GetAdminCookie(gc *gin.Context) (string, error) {
|
2022-01-20 11:22:37 +00:00
|
|
|
cookie, err := gc.Request.Cookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName))
|
2021-12-31 08:22:10 +00:00
|
|
|
if err != nil {
|
|
|
|
|
return "", err
|
|
|
|
|
}
|
|
|
|
|
return cookie.Value, nil
|
2021-12-30 04:31:51 +00:00
|
|
|
}
|
|
|
|
|
|
2021-12-31 17:36:06 +00:00
|
|
|
func DeleteAdminCookie(gc *gin.Context) {
|
2021-12-30 04:31:51 +00:00
|
|
|
secure := true
|
|
|
|
|
httpOnly := true
|
2022-01-20 11:22:37 +00:00
|
|
|
host, _ := GetHostParts(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAuthorizerURL))
|
2021-12-30 04:31:51 +00:00
|
|
|
|
2022-01-20 11:22:37 +00:00
|
|
|
gc.SetCookie(envstore.EnvInMemoryStoreObj.GetStringStoreEnvVariable(constants.EnvKeyAdminCookieName), "", -1, "/", host, secure, httpOnly)
|
2021-12-30 04:31:51 +00:00
|
|
|
}
|
