devstack/authorizer
4
0
Fork 0
Code Pull Requests Actions Activity

feat: set & delete client cookie (#73)

Browse Source 
Resolves: #71
This commit is contained in:
Lakhan Samani
2021-12-08 01:04:18 +05:30
committed by GitHub
parent 23e2bcadd8
commit cc2e03815c
2 changed files with 11 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
server/handlers/oauthCallback.go
View File

@@ -179,6 +179,8 @@ func OAuthCallbackHandler() gin.HandlerFunc {
inputRoles := strings.Split(sessionSplit[2], ",") inputRoles := strings.Split(sessionSplit[2], ",")
redirectURL := sessionSplit[1] redirectURL := sessionSplit[1]
c.Request.Header.Set("Origin", redirectURL)
var err error var err error
user := db.User{} user := db.User{}
code := c.Request.FormValue("code") code := c.Request.FormValue("code")

10
server/utils/cookie.go
View File

@@ -11,11 +11,16 @@ import (
func SetCookie(gc *gin.Context, token string) { func SetCookie(gc *gin.Context, token string) {
secure := true secure := true
httpOnly := true httpOnly := true
origin := gc.Request.Header.Get("Origin")
host := GetHostName(constants.AUTHORIZER_URL) host := GetHostName(constants.AUTHORIZER_URL)
log.Println("=> cookie host", host) originHost := GetHostName(origin)
log.Println("=> cookie host", host, origin)
gc.SetSameSite(http.SameSiteNoneMode) gc.SetSameSite(http.SameSiteNoneMode)
gc.SetCookie(constants.COOKIE_NAME, token, 3600, "/", host, secure, httpOnly) gc.SetCookie(constants.COOKIE_NAME, token, 3600, "/", host, secure, httpOnly)
gc.SetCookie(constants.COOKIE_NAME+"-client", token, 3600, "/", originHost, secure, httpOnly)
} }
func GetCookie(gc *gin.Context) (string, error) { func GetCookie(gc *gin.Context) (string, error) {
@@ -30,12 +35,15 @@ func GetCookie(gc *gin.Context) (string, error) {
func DeleteCookie(gc *gin.Context) { func DeleteCookie(gc *gin.Context) {
secure := true secure := true
httpOnly := true httpOnly := true
origin := gc.Request.Header.Get("Origin")
if !constants.IS_PROD { if !constants.IS_PROD {
secure = false secure = false
} }
host := GetHostName(constants.AUTHORIZER_URL) host := GetHostName(constants.AUTHORIZER_URL)
originHost := GetHostName(origin)
gc.SetSameSite(http.SameSiteNoneMode) gc.SetSameSite(http.SameSiteNoneMode)
gc.SetCookie(constants.COOKIE_NAME, "", -1, "/", host, secure, httpOnly) gc.SetCookie(constants.COOKIE_NAME, "", -1, "/", host, secure, httpOnly)
gc.SetCookie(constants.COOKIE_NAME+"-client", "", -1, "/", originHost, secure, httpOnly)
} }