feat(authn-oidc): allow overwriting of cookie name

2024-06-05 16:13:45 +02:00 · 2024-06-05 16:13:45 +02:00 · 19fda6aa64
parent 65238f1ff3
commit 19fda6aa64
2 changed files with 8 additions and 4 deletions
--- a/internal/proxy/director/layer/authn/oidc/authenticator.go
+++ b/internal/proxy/director/layer/authn/oidc/authenticator.go
@ -401,8 +401,14 @@ func (a *Authenticator) getClient(options *LayerOptions, redirectURL string) (*C
 	return client, nil
 }

+const defaultCookieNamePrefix = "_bouncer_authn_oidc"
+
 func (a *Authenticator) getCookieName(cookieName string, proxyName store.ProxyName, layerName store.LayerName) string {
-	return strings.ToLower(fmt.Sprintf("%s_%s_%s", cookieName, proxyName, layerName))
+	if cookieName != "" {
+		return cookieName
+	}
+
+	return strings.ToLower(fmt.Sprintf("%s_%s_%s", defaultCookieNamePrefix, proxyName, layerName))
 }

 var (
--- a/internal/proxy/director/layer/authn/oidc/layer_options.go
+++ b/internal/proxy/director/layer/authn/oidc/layer_options.go
@ -8,8 +8,6 @@ import (
 	"github.com/pkg/errors"
 )

-const defaultCookieName = "_bouncer_authn_oidc"
-
 type LayerOptions struct {
 	authn.LayerOptions
 	OIDC   OIDCOptions   `mapstructure:"oidc"`
@ -57,7 +55,7 @@ func fromStoreOptions(storeOptions store.LayerOptions) (*LayerOptions, error) {
 			Scopes:                 []string{"openid"},
 		},
 		Cookie: CookieOptions{
-			Name:     defaultCookieName,
+			Name:     "",
 			Path:     "/",
 			HTTPOnly: true,
 			MaxAge:   time.Hour,