From 61a24b36f334b709f0eac0dd7746f83719747963 Mon Sep 17 00:00:00 2001
From: mo khan
Date: Sun, 11 May 2025 19:56:54 -0600
Subject: refactor: use same cookie names as envoy plugin
---
 app/middleware/id_token.go | 2 +-
 app/middleware/id_token_test.go | 9 +++------
 app/middleware/token_parser.go | 13 ++-----------
 3 files changed, 6 insertions(+), 18 deletions(-)
(limited to 'app/middleware')
diff --git a/app/middleware/id_token.go b/app/middleware/id_token.go
index e0b5b0d..dbaf691 100644
--- a/app/middleware/id_token.go
+++ b/app/middleware/id_token.go
@@ -21,7 +21,7 @@ func IDToken(cfg *oidc.OpenID, parsers ...TokenParser) func(http.Handler) http.H
 if err != nil {
 pls.LogError(r.Context(), err)
- web.ExpireCookie(w, xcfg.SessionCookie)
+ web.ExpireCookie(w, xcfg.IDTokenCookie)
 } else {
 log.WithFields(r.Context(), log.Fields{"id_token": idToken})
 next.ServeHTTP(
diff --git a/app/middleware/id_token_test.go b/app/middleware/id_token_test.go
index 31a4333..45221ff 100644
--- a/app/middleware/id_token_test.go
+++ b/app/middleware/id_token_test.go
@@ -11,7 +11,6 @@ import (
 "github.com/stretchr/testify/require"
 "github.com/xlgmokha/x/pkg/log"
 "github.com/xlgmokha/x/pkg/test"
- "github.com/xlgmokha/x/pkg/x"
 xcfg "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
@@ -40,9 +39,7 @@ func TestIDToken(t *testing.T) {
 t.Run("attaches the token to the request context", func(t *testing.T) {
 user := mockoidc.DefaultUser()
- token, rawIDToken := srv.CreateTokensFor(user)
- tokens := &oidc.Tokens{Token: token, IDToken: oidc.RawToken(rawIDToken)}
- encoded := x.Must(tokens.ToBase64String())
+ _, rawIDToken := srv.CreateTokensFor(user)
 server := middleware(http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) {
 token := xcfg.IDToken.From(r.Context())
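Review bot: In app/middleware/id_token.go the error branch now expires only `xcfg.IDTokenCookie`, so a browser that still holds the older `xcfg.SessionCookie` token bundle keeps it after a failed validation. Whether `SessionCookie` is still set or read anywhere is not visible in this diff. If it is retired, expiring it here as well for a transition period (`web.ExpireCookie(w, xcfg.SessionCookie)` next to the new call) would clear the stale tokens; if it is still in use, a short comment should say why a bad ID token leaves it in place. The enclosing IDToken closure starts and ends outside the hunk.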
@@ -55,7 +52,7 @@ func TestIDToken(t *testing.T) {
 r, w := test.RequestResponse(
 "GET",
 "/example",
- test.WithCookie(web.NewCookie(xcfg.SessionCookie, encoded)),
+ test.WithCookie(web.NewCookie(xcfg.IDTokenCookie, rawIDToken)),
 )
 server.ServeHTTP(w, r)
@@ -74,7 +71,7 @@ func TestIDToken(t *testing.T) {
 r, w := test.RequestResponse(
 "GET",
 "/example",
- test.WithCookie(web.NewCookie(xcfg.SessionCookie, "invalid")),
+ test.WithCookie(web.NewCookie(xcfg.IDTokenCookie, "invalid")),
 )
 server.ServeHTTP(w, r)
diff --git a/app/middleware/token_parser.go b/app/middleware/token_parser.go
index 08219b4..22a7af9 100644
--- a/app/middleware/token_parser.go
+++ b/app/middleware/token_parser.go
@@ -6,25 +6,16 @@ import (
 "github.com/xlgmokha/x/pkg/x"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/app/cfg"
 "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/oidc"
- "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/pls"
- "gitlab.com/gitlab-org/software-supply-chain-security/authorization/sparkled/pkg/web"
 )
 type TokenParser x.Mapper[*http.Request, oidc.RawToken]
 func IDTokenFromSessionCookie(r *http.Request) oidc.RawToken {
- cookies := r.CookiesNamed(cfg.SessionCookie)
+ cookies := r.CookiesNamed(cfg.IDTokenCookie)
 if len(cookies) != 1 {
 return ""
 }
- value := web.CookieValueFrom(cookies[0])
- tokens, err := oidc.TokensFromBase64String(value)
- if err != nil {
- pls.LogError(r.Context(), err)
- return ""
- }
-
- return tokens.IDToken
+ return oidc.RawToken(cookies[0].Value)
 }
-- cgit v1.2.3
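Review bot: The subtests in app/middleware/id_token_test.go send one valid and one malformed `xcfg.IDTokenCookie`, but none sends two cookies with that name, which is the `len(cookies) != 1` rejection in IDTokenFromSessionCookie. That branch is what keeps an extra same-named cookie from being picked up, so a subtest that attaches two `web.NewCookie(xcfg.IDTokenCookie, ...)` values and asserts that no token reaches the request context would pin it. Both subtests continue outside these hunks, so the existing assertions are not visible here.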
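Review bot: In app/middleware/token_parser.go, `IDTokenFromSessionCookie` now returns the `cfg.IDTokenCookie` value verbatim, so its name no longer describes what it reads and nothing marks the result as unverified input. With the cookie name shared with the envoy plugin, the value may be written by another component or by the client, so all validation rests on the caller; presumably IDToken verifies signature, issuer, audience and expiry through its `cfg *oidc.OpenID`, but that is outside this hunk. I would add a doc comment such as `// IDTokenFromSessionCookie returns the raw, unverified ID token from the cfg.IDTokenCookie cookie, or "" unless exactly one such cookie is present.` and consider renaming the function in a follow-up.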