fosrl/badger
1
0
Fork 0
mirror of https://github.com/fosrl/badger.git synced 2025-05-13 05:40:39 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions

set resource session cookie param

Browse source
This commit is contained in:
Milo Schwartz 2024-11-23 23:31:53 -05:00
parent 199194b352
commit f5992bfdff
No known key found for this signature in database
2 changed files with 53 additions and 30 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

6
.traefik.yml
View file

@ -6,5 +6,7 @@ import: github.com/fosrl/badger
summary: Middleware auth bouncer for Pangolin summary: Middleware auth bouncer for Pangolin
testData: testData:
apiBaseUrl: http://localhost:3001/api/v1 apiBaseUrl: http://localhost:3001/api/v1
appBaseUrl: http://localhost:3000 sessionQueryParameter: __pang_sess
userSessionCookieName: session
resourceSessionCookieName: resource_session

77
main.go
View file

@ -9,27 +9,26 @@ import (
"net/url" "net/url"
) )
const AppSSOSessionCookieName = "session"
const ResourceSessionCookieName = "resource_session"
type Config struct { type Config struct {
AppBaseUrl string `json:"appBaseUrl"` APIBaseUrl string `json:"apiBaseUrl"`
APIBaseUrl string `json:"apiBaseUrl"` SessionQueryParameter string `json:"sessionQueryParameter"`
UserSessionCookieName string `json:"userSessionCookieName"`
ResourceSessionCookieName string `json:"resourceSessionCookieName"`
} }
type CookieData struct { type SessionData struct {
Session *string `json:"session"` Session *string `json:"session"`
ResourceSession *string `json:"resource_session"` ResourceSession *string `json:"resource_session"`
} }
type VerifyBody struct { type VerifyBody struct {
Cookies CookieData `json:"cookies"` Sessions SessionData `json:"session"`
OriginalRequestURL string `json:"originalRequestURL"` OriginalRequestURL string `json:"originalRequestURL"`
RequestScheme *string `json:"scheme"` RequestScheme *string `json:"scheme"`
RequestHost *string `json:"host"` RequestHost *string `json:"host"`
RequestPath *string `json:"path"` RequestPath *string `json:"path"`
RequestMethod *string `json:"method"` RequestMethod *string `json:"method"`
TLS bool `json:"tls"` TLS bool `json:"tls"`
} }
type VerifyResponse struct { type VerifyResponse struct {
@ -42,29 +41,51 @@ func CreateConfig() *Config {
} }
type Badger struct { type Badger struct {
next http.Handler next http.Handler
name string name string
appBaseUrl string apiBaseUrl string
apiBaseUrl string sessionQueryParameter string
userSessionCookieName string
resourceSessionCookieName string
} }
func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) { func New(ctx context.Context, next http.Handler, config *Config, name string) (http.Handler, error) {
return &Badger{ return &Badger{
next: next, next: next,
name: name, name: name,
appBaseUrl: config.AppBaseUrl, apiBaseUrl: config.APIBaseUrl,
apiBaseUrl: config.APIBaseUrl, sessionQueryParameter: config.SessionQueryParameter,
userSessionCookieName: config.UserSessionCookieName,
resourceSessionCookieName: config.ResourceSessionCookieName,
}, nil }, nil
} }
func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) { func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
sess := req.URL.Query().Get(p.sessionQueryParameter)
if sess != "" {
http.SetCookie(rw, &http.Cookie{
Name: p.resourceSessionCookieName,
Value: sess,
Path: "/",
Domain: req.Host,
})
query := req.URL.Query()
query.Del(p.sessionQueryParameter)
req.URL.RawQuery = query.Encode()
}
cookies := p.extractCookies(req)
if sess != "" {
cookies.Session = &sess
}
verifyURL := fmt.Sprintf("%s/badger/verify-session", p.apiBaseUrl) verifyURL := fmt.Sprintf("%s/badger/verify-session", p.apiBaseUrl)
cookies := extractCookies(req)
originalRequestURL := url.QueryEscape(fmt.Sprintf("%s://%s%s", p.getScheme(req), req.Host, req.URL.RequestURI())) originalRequestURL := url.QueryEscape(fmt.Sprintf("%s://%s%s", p.getScheme(req), req.Host, req.URL.RequestURI()))
cookieData := VerifyBody{ cookieData := VerifyBody{
Cookies: CookieData{ Sessions: SessionData{
Session: cookies.Session, Session: cookies.Session,
ResourceSession: cookies.ResourceSession, ResourceSession: cookies.ResourceSession,
}, },
@ -78,7 +99,7 @@ func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
jsonData, err := json.Marshal(cookieData) jsonData, err := json.Marshal(cookieData)
if err != nil { if err != nil {
http.Error(rw, "Internal Server Error", http.StatusInternalServerError) http.Error(rw, "Internal Server Error", http.StatusInternalServerError) // TODO: redirect to error page
return return
} }
@ -114,14 +135,14 @@ func (p *Badger) ServeHTTP(rw http.ResponseWriter, req *http.Request) {
p.next.ServeHTTP(rw, req) p.next.ServeHTTP(rw, req)
} }
func extractCookies(req *http.Request) CookieData { func (p *Badger) extractCookies(req *http.Request) SessionData {
var cookies CookieData var cookies SessionData
if appSSOSessionCookie, err := req.Cookie(AppSSOSessionCookieName); err == nil { if appSSOSessionCookie, err := req.Cookie(p.userSessionCookieName); err == nil {
cookies.Session = &appSSOSessionCookie.Value cookies.Session = &appSSOSessionCookie.Value
} }
if resourceSessionCookie, err := req.Cookie(ResourceSessionCookieName); err == nil { if resourceSessionCookie, err := req.Cookie(p.resourceSessionCookieName); err == nil {
cookies.ResourceSession = &resourceSessionCookie.Value cookies.ResourceSession = &resourceSessionCookie.Value
} }