Write refresh token cookies

2020-06-03 16:37:37 +02:00 · 2020-06-03 16:37:37 +02:00 · 86fed427e0
commit 86fed427e0
parent 4a0d88d6dd
3 changed files with 5 additions and 5 deletions
--- a/pkg/forwardauth/cookies.go
+++ b/pkg/forwardauth/cookies.go
@ -20,7 +20,7 @@ func getBaseCookie(options *options.Options) *http.Cookie {
 		Path:     "/",
 		Domain:   options.CookieDomain,
 		HttpOnly: true,
-		Secure:   false,
+		Secure:   true,
 	}
 }

--- a/pkg/httphandler/callback.go
+++ b/pkg/httphandler/callback.go
@ -42,8 +42,8 @@ func (root *HttpHandler) callbackHandler(w http.ResponseWriter, r *http.Request,
 	http.SetCookie(w, root.forwardAuth.ClearCSRFCookie(root.options))

 	http.SetCookie(w, root.forwardAuth.MakeAuthCookie(root.options, authResult))
-	//if len(authResult.RefreshToken) > 0 { // Do we have an refresh token?
-	//	http.SetCookie(w, root.forwardAuth.MakeRefreshAuthCookie(root.options, authResult))
-	//}
+	if len(authResult.RefreshToken) > 0 { // Do we have an refresh token?
+		http.SetCookie(w, root.forwardAuth.MakeRefreshAuthCookie(root.options, authResult))
+	}
 	http.Redirect(w, r, redirect, http.StatusTemporaryRedirect)
 }
--- a/pkg/httphandler/root.go
+++ b/pkg/httphandler/root.go
@ -25,7 +25,7 @@ func (root *HttpHandler) rootHandler(w http.ResponseWriter, r *http.Request, for
 		logger.Warn("IsAuthenticated failed, initating login flow.")

 		http.SetCookie(w, root.forwardAuth.ClearAuthCookie(root.options))
-		//http.SetCookie(w, root.forwardAuth.ClearRefreshAuthCookie(root.options))
+		http.SetCookie(w, root.forwardAuth.ClearRefreshAuthCookie(root.options))

 		state := uuid.New().String()
 		http.SetCookie(w, root.forwardAuth.MakeCSRFCookie(w, r, root.options, state))