public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Fix - Refresh Session not working for multiple cookies (#1209) (#1227) 

* Fix - Refresh Session not working for multiple cookies (#1209)

* added comments for flattenheaders fix

Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>

* Updated Changelog.md

Co-authored-by: Rishi Kambil <rishi.kambil@lntinfotech.com>
Co-authored-by: Joel Speed <Joel.speed@hotmail.co.uk>
This commit is contained in:
Rishi Kambil 2021-06-09 14:52:33 +05:30 committed by GitHub
parent cfd82daaf0
commit 41cd418a5d
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
3 changed files with 39 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
CHANGELOG.md
View File

@ -7,7 +7,7 @@
## Breaking Changes ## Breaking Changes
## Changes since v7.1.3 ## Changes since v7.1.3
- [#1227](https://github.com/oauth2-proxy/oauth2-proxy/pull/1227) Fix Refresh Session not working for multiple cookies (@rishi1111)
- [#1063](https://github.com/oauth2-proxy/oauth2-proxy/pull/1063) Add Redis lock feature to lock persistent sessions (@Bibob7) - [#1063](https://github.com/oauth2-proxy/oauth2-proxy/pull/1063) Add Redis lock feature to lock persistent sessions (@Bibob7)
- [#1108](https://github.com/oauth2-proxy/oauth2-proxy/pull/1108) Add alternative ways to generate cookie secrets to docs (@JoelSpeed) - [#1108](https://github.com/oauth2-proxy/oauth2-proxy/pull/1108) Add alternative ways to generate cookie secrets to docs (@JoelSpeed)
- [#1142](https://github.com/oauth2-proxy/oauth2-proxy/pull/1142) Add pagewriter to upstream proxy (@JoelSpeed) - [#1142](https://github.com/oauth2-proxy/oauth2-proxy/pull/1142) Add pagewriter to upstream proxy (@JoelSpeed)

3
pkg/middleware/headers.go
View File

@ -43,7 +43,8 @@ func newStripHeaders(headers []options.Header) alice.Constructor {
func flattenHeaders(headers http.Header) { func flattenHeaders(headers http.Header) {
for name, values := range headers { for name, values := range headers {
if len(values) > 1 { // Set-Cookie should not be flattened, ref: https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Set-Cookie
if len(values) > 1 && name != "Set-Cookie" {
headers.Set(name, strings.Join(values, ",")) headers.Set(name, strings.Join(values, ","))
} }
} }

36
pkg/middleware/headers_test.go
View File

@ -253,6 +253,42 @@ var _ = Describe("Headers Suite", func() {
}, },
expectedErr: "", expectedErr: "",
}), }),
Entry("with flattenHeaders (set-cookie and any other)", headersTableInput{
headers: []options.Header{
{
Name: "Set-Cookie",
Values: []options.HeaderValue{
{
SecretSource: &options.SecretSource{
Value: []byte("_oauth2_proxy=ey123123123"),
},
},
},
},
{
Name: "X-Auth-User",
Values: []options.HeaderValue{
{
SecretSource: &options.SecretSource{
Value: []byte("oauth_user"),
},
},
},
},
},
initialHeaders: http.Header{
"Set-Cookie": []string{"cookie1=value1", "cookie2=value2"},
"X-Auth-User": []string{"oauth_user_1"},
},
expectedHeaders: http.Header{
"Set-Cookie": []string{"cookie1=value1", "cookie2=value2", "_oauth2_proxy=ey123123123"},
"X-Auth-User": []string{"oauth_user_1,oauth_user"},
},
expectedErr: "",
}),
Entry("with a claim valued header", headersTableInput{ Entry("with a claim valued header", headersTableInput{
headers: []options.Header{ headers: []options.Header{
{ {