summaryrefslogtreecommitdiff
path: root/app/middleware
diff options
context:
space:
mode:
Diffstat (limited to 'app/middleware')
-rw-r--r--app/middleware/id_token.go2
-rw-r--r--app/middleware/id_token_test.go4
-rw-r--r--app/middleware/token_parser.go3
3 files changed, 5 insertions, 4 deletions
diff --git a/app/middleware/id_token.go b/app/middleware/id_token.go
index 5a44f49..e0b5b0d 100644
--- a/app/middleware/id_token.go
+++ b/app/middleware/id_token.go
@@ -21,7 +21,7 @@ func IDToken(cfg *oidc.OpenID, parsers ...TokenParser) func(http.Handler) http.H
if err != nil {
pls.LogError(r.Context(), err)
- web.ExpireCookie(w, "session")
+ web.ExpireCookie(w, xcfg.SessionCookie)
} else {
log.WithFields(r.Context(), log.Fields{"id_token": idToken})
next.ServeHTTP(
diff --git a/app/middleware/id_token_test.go b/app/middleware/id_token_test.go
index 95d9b40..31a4333 100644
--- a/app/middleware/id_token_test.go
+++ b/app/middleware/id_token_test.go
@@ -55,7 +55,7 @@ func TestIDToken(t *testing.T) {
r, w := test.RequestResponse(
"GET",
"/example",
- test.WithCookie(web.NewCookie("session", encoded)),
+ test.WithCookie(web.NewCookie(xcfg.SessionCookie, encoded)),
)
server.ServeHTTP(w, r)
@@ -74,7 +74,7 @@ func TestIDToken(t *testing.T) {
r, w := test.RequestResponse(
"GET",
"/example",
- test.WithCookie(web.NewCookie("session", "invalid")),
+ test.WithCookie(web.NewCookie(xcfg.SessionCookie, "invalid")),
)
server.ServeHTTP(w, r)
diff --git a/app/middleware/token_parser.go b/app/middleware/token_parser.go
index f64522b..08219b4 100644
--- a/app/middleware/token_parser.go
+++ b/app/middleware/token_parser.go
@@ -4,6 +4,7 @@ import (
"net/http"
"github.com/xlgmokha/x/pkg/x"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
@@ -12,7 +13,7 @@ import (
type TokenParser x.Mapper[*http.Request, oidc.RawToken]
func IDTokenFromSessionCookie(r *http.Request) oidc.RawToken {
- cookies := r.CookiesNamed("session")
+ cookies := r.CookiesNamed(cfg.SessionCookie)
if len(cookies) != 1 {
return ""
generated by cgit v1.2.3 (git 2.39.1) at 2026-02-02 03:25:09 +0000