Check cookie error and doc on cookie handling

This commit is contained in:
Brian Van Klaveren 2019-05-13 11:54:06 -07:00 committed by Joel Speed
parent 1f0cb4ae44
commit 89a06a0104
No known key found for this signature in database
GPG Key ID: 6E80578D6751DEFB

View File

@ -20,7 +20,7 @@ import (
"github.com/pusher/oauth2_proxy/pkg/sessions/utils" "github.com/pusher/oauth2_proxy/pkg/sessions/utils"
) )
// TicketData is a structure representing a used in server session storage // TicketData is a structure representing the ticket used in server session storage
type TicketData struct { type TicketData struct {
TicketID string TicketID string
Secret []byte Secret []byte
@ -77,6 +77,8 @@ func NewRedisSessionStore(opts options.RedisStoreOptions, cookieOpts *options.Co
// Save takes a sessions.SessionState and stores the information from it // Save takes a sessions.SessionState and stores the information from it
// to redies, and adds a new ticket cookie on the HTTP response writer // to redies, and adds a new ticket cookie on the HTTP response writer
func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *sessions.SessionState) error { func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *sessions.SessionState) error {
// Old sessions that we are refreshing would have a request cookie
// New sessions don't, so we ignore the error. storeValue will check requestCookie
requestCookie, _ := req.Cookie(store.CookieName) requestCookie, _ := req.Cookie(store.CookieName)
value, err := s.EncodeSessionState(store.CookieCipher) value, err := s.EncodeSessionState(store.CookieCipher)
if err != nil { if err != nil {
@ -106,7 +108,10 @@ func (store *SessionStore) Save(rw http.ResponseWriter, req *http.Request, s *se
// Load reads sessions.SessionState information from a ticket // Load reads sessions.SessionState information from a ticket
// cookie within the HTTP request object // cookie within the HTTP request object
func (store *SessionStore) Load(req *http.Request) (*sessions.SessionState, error) { func (store *SessionStore) Load(req *http.Request) (*sessions.SessionState, error) {
requestCookie, _ := req.Cookie(store.CookieName) requestCookie, err := req.Cookie(store.CookieName)
if err != nil {
return nil, fmt.Errorf("error loading session: %s", err)
}
// No cookie validation necessary // No cookie validation necessary
session, err := store.LoadSessionFromString(requestCookie.Value) session, err := store.LoadSessionFromString(requestCookie.Value)
if err != nil { if err != nil {