From 19fda6aa643430a46952d60b5473572b1c6de242 Mon Sep 17 00:00:00 2001
From: William Petit
Date: Wed, 5 Jun 2024 16:13:45 +0200
Subject: [PATCH] feat(authn-oidc): allow overwriting of cookie name

---
 internal/proxy/director/layer/authn/oidc/authenticator.go | 8 +++++++-
 internal/proxy/director/layer/authn/oidc/layer_options.go | 4 +---
 2 files changed, 8 insertions(+), 4 deletions(-)

diff --git a/internal/proxy/director/layer/authn/oidc/authenticator.go b/internal/proxy/director/layer/authn/oidc/authenticator.go
index e67993f..09c566a 100644
--- a/internal/proxy/director/layer/authn/oidc/authenticator.go
+++ b/internal/proxy/director/layer/authn/oidc/authenticator.go
@@ -401,8 +401,14 @@ func (a *Authenticator) getClient(options *LayerOptions, redirectURL string) (*C
 return client, nil
 }
 
+const defaultCookieNamePrefix = "_bouncer_authn_oidc"
+
 func (a *Authenticator) getCookieName(cookieName string, proxyName store.ProxyName, layerName store.LayerName) string {
- return strings.ToLower(fmt.Sprintf("%s_%s_%s", cookieName, proxyName, layerName))
+ if cookieName != "" {
+ return cookieName
+ }
+
+ return strings.ToLower(fmt.Sprintf("%s_%s_%s", defaultCookieNamePrefix, proxyName, layerName))
 }
 
 var (
diff --git a/internal/proxy/director/layer/authn/oidc/layer_options.go b/internal/proxy/director/layer/authn/oidc/layer_options.go
index d344942..8886d4a 100644
--- a/internal/proxy/director/layer/authn/oidc/layer_options.go
+++ b/internal/proxy/director/layer/authn/oidc/layer_options.go
@@ -8,8 +8,6 @@ import (
 "github.com/pkg/errors"
 )
 
-const defaultCookieName = "_bouncer_authn_oidc"
-
 type LayerOptions struct {
 authn.LayerOptions
 OIDC OIDCOptions `mapstructure:"oidc"`
@@ -57,7 +55,7 @@ func fromStoreOptions(storeOptions store.LayerOptions) (*LayerOptions, error) {
 Scopes: []string{"openid"},
 },
 Cookie: CookieOptions{
- Name: defaultCookieName,
+ Name: "",
 Path: "/",
 HTTPOnly: true,
 MaxAge: time.Hour,
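Review bot: A non-empty `cookieName` is now returned verbatim by `getCookieName`, so the proxy/layer suffix that kept each OIDC layer's session cookie distinct is no longer applied, and the value is no longer lowercased or otherwise checked. Two layers configured with the same custom name on an overlapping domain and path would read and overwrite one another's cookie; whether a session issued for one layer is then accepted by another depends on session handling outside this hunk, so that is worth confirming. Deployments that already set a custom name will also see the effective cookie name change on upgrade, which drops their existing sessions. I would state the contract on the function, e.g. `// getCookieName returns cookieName unchanged when set (the operator must keep it unique per proxy and layer); otherwise it derives a lowercase per-proxy, per-layer name.`, and consider rejecting names that are not valid cookie tokens when the layer options are loaded.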
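Review bot: The default `Name: ""` in `fromStoreOptions` now acts as a sentinel meaning "derive the name from the proxy and layer", but nothing at this site says so. A short comment such as `// empty: getCookieName derives "<prefix>_<proxy>_<layer>"` would make the intent clear to whoever edits these defaults next. Any code that reads `Cookie.Name` directly rather than through `getCookieName` (none is visible in this patch) would now receive an empty name and should be checked. The body of `fromStoreOptions` starts and ends outside this hunk.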