Diffstat (limited to 'app')
-rw-r--r--app/controllers/sessions/controller_test.go2
-rw-r--r--app/controllers/sessions/service.go3
-rw-r--r--app/middleware/token_parser.go4
3 files changed, 6 insertions, 3 deletions
diff --git a/app/controllers/sessions/controller_test.go b/app/controllers/sessions/controller_test.go
index a29041e..a1158da 100644
--- a/app/controllers/sessions/controller_test.go
+++ b/app/controllers/sessions/controller_test.go
@@ -127,7 +127,7 @@ func TestSessions(t *testing.T) {
cookie, err := http.ParseSetCookie(w.Header().Get("Set-Cookie"))
require.NoError(t, err)
require.NotZero(t, cookie)
- data, err := base64.URLEncoding.DecodeString(cookie.Value)
+ data, err := base64.URLEncoding.DecodeString(web.CookieValueFrom(cookie))
require.NoError(t, err)
tokens := map[string]interface{}{}
require.NoError(t, json.Unmarshal(data, &tokens))
diff --git a/app/controllers/sessions/service.go b/app/controllers/sessions/service.go
index 0ee692a..af1512c 100644
--- a/app/controllers/sessions/service.go
+++ b/app/controllers/sessions/service.go
@@ -7,6 +7,7 @@ import (
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
"golang.org/x/oauth2"
)
@@ -38,7 +39,7 @@ func (svc *Service) Exchange(r *http.Request) (*oidc.Tokens, error) {
}
state := r.URL.Query().Get("state")
- if state != cookies[0].Value {
+ if state != web.CookieValueFrom(cookies[0]) {
return nil, errors.New("Invalid CSRF token")
}
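Review bot: The changed comparison in Exchange can pass with no CSRF token at all. `r.URL.Query().Get("state")` is "" when the parameter is missing, so if `web.CookieValueFrom` returns "" for a cookie it cannot read (its behaviour is not visible in this diff), both sides are equal. Reject the empty case first and compare without an early exit, e.g. `if state == "" || subtle.ConstantTimeCompare([]byte(state), []byte(web.CookieValueFrom(cookies[0]))) != 1 {`, which needs `crypto/subtle` in the import block. Exchange starts and ends outside this hunk, so an earlier guard may already cover the empty state; that is worth confirming.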
diff --git a/app/middleware/token_parser.go b/app/middleware/token_parser.go
index 8d81aab..6047a94 100644
--- a/app/middleware/token_parser.go
+++ b/app/middleware/token_parser.go
@@ -5,6 +5,7 @@ import (
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
"gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
+ "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
)
type TokenParser func(*http.Request) oidc.RawToken
@@ -16,7 +17,8 @@ func IDTokenFromSessionCookie(r *http.Request) oidc.RawToken {
return ""
}
- tokens, err := oidc.TokensFromBase64String(cookies[0].Value)
+ value := web.CookieValueFrom(cookies[0])
+ tokens, err := oidc.TokensFromBase64String(value)
if err != nil {
pls.LogError(r.Context(), err)
return ""
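Review bot: Nothing on the new lines in IDTokenFromSessionCookie says why the cookie is now read through `web.CookieValueFrom` instead of `cookies[0].Value`, so a later edit could quietly go back to the raw field. A short comment above `value := web.CookieValueFrom(cookies[0])` would keep the three call sites in this commit aligned, for example `// Session cookies are read via web.CookieValueFrom; the raw Cookie.Value is not the stored token payload.` Adjust the wording to what the helper actually does, which is not shown here. The function body starts before and continues past this hunk.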