public_git
/
oauth2-proxy
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Added cookie settings

This commit is contained in:
Igor Dolgiy 2014-06-19 18:50:43 +04:00 committed by Jehiah Czebotar
parent 23a89b06de
commit 6cdf05e7f2
2 changed files with 18 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
main.go
View File

@ -23,6 +23,8 @@ var (
htpasswdFile = flag.String("htpasswd-file", "", "additionally authenticate against a htpasswd file. Entries must be created with \"htpasswd -s\" for SHA encryption") htpasswdFile = flag.String("htpasswd-file", "", "additionally authenticate against a htpasswd file. Entries must be created with \"htpasswd -s\" for SHA encryption")
cookieSecret = flag.String("cookie-secret", "", "the seed string for secure cookies") cookieSecret = flag.String("cookie-secret", "", "the seed string for secure cookies")
cookieDomain = flag.String("cookie-domain", "", "an optional cookie domain to force cookies to") cookieDomain = flag.String("cookie-domain", "", "an optional cookie domain to force cookies to")
cookieExpire = flag.Int("cookie-expire", 168 * 60, "expire time for cookie")
cookieSecure = flag.Bool("cookie-secure", false, "HTTPS only cookie")
authenticatedEmailsFile = flag.String("authenticated-emails-file", "", "authenticate against emails via file (one per line)") authenticatedEmailsFile = flag.String("authenticated-emails-file", "", "authenticate against emails via file (one per line)")
googleAppsDomains = StringArray{} googleAppsDomains = StringArray{}
upstreams = StringArray{} upstreams = StringArray{}

19
oauthproxy.go
View File

@ -184,14 +184,27 @@ func (p *OauthProxy) SetCookie(rw http.ResponseWriter, req *http.Request, val st
if *cookieDomain != "" && strings.HasSuffix(domain, *cookieDomain) { if *cookieDomain != "" && strings.HasSuffix(domain, *cookieDomain) {
domain = *cookieDomain domain = *cookieDomain
} }
need_expire := true
expire := time.Now().Add(time.Duration(*cookieExpire))
if *cookieExpire == 0 {
need_expire = false
}
http_only := true
secure := false
if *cookieSecure {
http_only = false
secure = true
}
cookie := &http.Cookie{ cookie := &http.Cookie{
Name: p.CookieKey, Name: p.CookieKey,
Value: signedCookieValue(p.CookieSeed, p.CookieKey, val), Value: signedCookieValue(p.CookieSeed, p.CookieKey, val),
Path: "/", Path: "/",
Domain: domain, Domain: domain,
Expires: time.Now().Add(time.Duration(168) * time.Hour), // 7 days HttpOnly: http_only,
HttpOnly: true, Secure: secure,
// Secure: req. ... ? set if X-Scheme: https ? }
if need_expire {
cookie.Expires = expire
} }
http.SetCookie(rw, cookie) http.SetCookie(rw, cookie)
} }