| -rw-r--r-- | app/app.go | 3 | ||||
| -rw-r--r-- | app/middleware/from_cookie.go | 15 | ||||
| -rw-r--r-- | app/middleware/id_token_test.go | 7 | ||||
| -rw-r--r-- | app/middleware/token_parser.go | 11 |
4 files changed, 21 insertions, 15 deletions
@@ -8,6 +8,7 @@ import (
 "github.com/rs/zerolog"
 "github.com/xlgmokha/x/pkg/ioc"
 "github.com/xlgmokha/x/pkg/log"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/dashboard"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/health"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/controllers/sparkles"
@@ -40,7 +41,7 @@ func New(rootDir string) http.Handler {
 chain := middleware.IDToken(
 ioc.MustResolve[*oidc.Provider](ioc.Default),
 ioc.MustResolve[*oauth2.Config](ioc.Default),
- middleware.IDTokenFromSessionCookie,
+ middleware.FromCookie(cfg.IDTokenCookie),
 )(middleware.User(users)(mux))
 return log.HTTP(logger)(chain)
 }
diff --git a/app/middleware/from_cookie.go b/app/middleware/from_cookie.go
new file mode 100644
index 0000000..316d6e4
--- /dev/null
+++ b/app/middleware/from_cookie.go
@@ -0,0 +1,15 @@
+package middleware
+
+import "net/http"
+
+func FromCookie(name string) TokenParser {
+ return func(r *http.Request) RawToken {
+ cookies := r.CookiesNamed(name)
+
+ if len(cookies) != 1 {
+ return ""
+ }
+
+ return RawToken(cookies[0].Value)
+ }
+}
diff --git a/app/middleware/id_token_test.go b/app/middleware/id_token_test.go
index 6ee9ce1..015ef0d 100644
--- a/app/middleware/id_token_test.go
+++ b/app/middleware/id_token_test.go
@@ -9,6 +9,7 @@ import (
 "github.com/stretchr/testify/assert"
 "github.com/stretchr/testify/require"
 "github.com/xlgmokha/x/pkg/test"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 xcfg "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
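Review bot: `FromCookie` in app/middleware/from_cookie.go is exported without a doc comment, and its `len(cookies) != 1` check carries a security decision that a reader currently has to infer. The closure returns an empty `RawToken` both when the cookie is absent and when the request carries more than one cookie with that name, so a duplicated cookie is never chosen by position. I would state that above the function: `// FromCookie returns a TokenParser that reads the raw token from the cookie called name; it yields an empty RawToken unless exactly one such cookie is present, so an ambiguous duplicate is ignored rather than trusted.` What happens to the empty token afterwards is presumably decided in `IDToken`, which this diff does not show.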
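Review bot: The import added in app/middleware/id_token_test.go pulls in `.../sparkled/app/cfg` a second time, because the context line directly below it already imports the same path as `xcfg`. Go accepts this, but the test then refers to one package under two names (`cfg.IDTokenCookie` in the following hunk, `xcfg.IDToken` in the later one). Dropping the new import and writing `middleware := IDToken(srv.Provider, config, FromCookie(xcfg.IDTokenCookie))` keeps a single name for the package.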
@@ -26,9 +27,9 @@ func TestIDToken(t *testing.T) {
 Endpoint: srv.Provider.Endpoint(),
 Scopes: []string{xoidc.ScopeOpenID, "profile", "email"},
 }
- middleware := IDToken(srv.Provider, config, IDTokenFromSessionCookie)
+ middleware := IDToken(srv.Provider, config, FromCookie(cfg.IDTokenCookie))
 
- t.Run("when an active session cookie is provided", func(t *testing.T) {
+ t.Run("when an active id_token cookie is provided", func(t *testing.T) {
 t.Run("attaches the token to the request context", func(t *testing.T) {
 user := mockoidc.DefaultUser()
 
@@ -53,7 +54,7 @@ func TestIDToken(t *testing.T) {
 })
 })
 
- t.Run("when an invalid session cookie is provided", func(t *testing.T) {
+ t.Run("when an invalid id_token cookie is provided", func(t *testing.T) {
 t.Run("forwards the request", func(t *testing.T) {
 server := middleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 require.Nil(t, xcfg.IDToken.From(r.Context()))
diff --git a/app/middleware/token_parser.go b/app/middleware/token_parser.go
index 14d48e2..48034f0 100644
--- a/app/middleware/token_parser.go
+++ b/app/middleware/token_parser.go
@@ -4,17 +4,6 @@ import (
 "net/http"
 
 "github.com/xlgmokha/x/pkg/x"
- "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 )
 
 type TokenParser x.Mapper[*http.Request, RawToken]
-
-func IDTokenFromSessionCookie(r *http.Request) RawToken {
- cookies := r.CookiesNamed(cfg.IDTokenCookie)
-
- if len(cookies) != 1 {
- return ""
- }
-
- return RawToken(cookies[0].Value)
-}
|
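Review bot: The two subtests renamed in `TestIDToken` cover an active and an invalid `id_token` cookie, but nothing visible in these hunks exercises the `len(cookies) != 1` branch of `FromCookie` with a duplicated cookie. That branch is what keeps a second cookie of the same name from being read as the token, so it deserves a regression test: a subtest that sends two `id_token` cookies and asserts `require.Nil(t, xcfg.IDToken.From(r.Context()))` in the handler would pin it. `TestIDToken` continues outside the hunks shown, so such a case may already exist further down.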
