feat: digitally sign and verify cookie using randomly generated key

author: mo khan <mo@mokhan.ca> 2025-05-07 10:30:59 -0700
committer: mo khan <mo@mokhan.ca> 2025-05-07 10:30:59 -0700
commit: f0fbdab72254d68d0a3a4a49a4a1646f89f0f913 (patch)
tree: a6ede6841714a16fa9ac61ae28575a1f749ad547 /app/middleware/token_parser.go
parent: 61598cf8c8a2dbae368f3f8b15393c70d2e4fa9d (diff)
1 files changed, 3 insertions, 1 deletions
diff --git a/app/middleware/token_parser.go b/app/middleware/token_parser.go
index 8d81aab..6047a94 100644
--- a/app/middleware/token_parser.go
+++ b/app/middleware/token_parser.go
@@ -5,6 +5,7 @@ import (
 
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
 	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
+	"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
 )
 
 type TokenParser func(*http.Request) oidc.RawToken
@@ -16,7 +17,8 @@ func IDTokenFromSessionCookie(r *http.Request) oidc.RawToken {
 		return ""
 	}
 
-	tokens, err := oidc.TokensFromBase64String(cookies[0].Value)
+	value := web.CookieValueFrom(cookies[0])
+	tokens, err := oidc.TokensFromBase64String(value)
 	if err != nil {
 		pls.LogError(r.Context(), err)
 		return ""
author	mo khan <mo@mokhan.ca>	2025-05-07 10:30:59 -0700
committer	mo khan <mo@mokhan.ca>	2025-05-07 10:30:59 -0700
commit	f0fbdab72254d68d0a3a4a49a4a1646f89f0f913 (patch)
tree	a6ede6841714a16fa9ac61ae28575a1f749ad547 /app/middleware/token_parser.go
parent	61598cf8c8a2dbae368f3f8b15393c70d2e4fa9d (diff)