From 65238f1ff32af95eaed903124da80749346392e7 Mon Sep 17 00:00:00 2001
From: William Petit <wpetit@cadoles.com>
Date: Wed, 5 Jun 2024 16:00:23 +0200
Subject: [PATCH] feat(authn-oidc): include proxy in cookie name

---
 internal/proxy/director/layer/authn/oidc/authenticator.go | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/internal/proxy/director/layer/authn/oidc/authenticator.go b/internal/proxy/director/layer/authn/oidc/authenticator.go
index c060b8a..e67993f 100644
--- a/internal/proxy/director/layer/authn/oidc/authenticator.go
+++ b/internal/proxy/director/layer/authn/oidc/authenticator.go
@@ -42,7 +42,7 @@ func (a *Authenticator) PreAuthentication(w http.ResponseWriter, r *http.Request
 		return errors.WithStack(err)
 	}
 
-	sess, err := a.store.Get(r, a.getCookieName(options.Cookie.Name, layer.Name))
+	sess, err := a.store.Get(r, a.getCookieName(options.Cookie.Name, layer.Proxy, layer.Name))
 	if err != nil {
 		logger.Error(ctx, "could not retrieve session", logger.E(errors.WithStack(err)))
 	}
@@ -121,7 +121,7 @@ func (a *Authenticator) Authenticate(w http.ResponseWriter, r *http.Request, lay
 		return nil, errors.WithStack(err)
 	}
 
-	sess, err := a.store.Get(r, a.getCookieName(options.Cookie.Name, layer.Name))
+	sess, err := a.store.Get(r, a.getCookieName(options.Cookie.Name, layer.Proxy, layer.Name))
 	if err != nil {
 		return nil, errors.WithStack(err)
 	}
@@ -401,8 +401,8 @@ func (a *Authenticator) getClient(options *LayerOptions, redirectURL string) (*C
 	return client, nil
 }
 
-func (a *Authenticator) getCookieName(cookieName string, layerName store.LayerName) string {
-	return fmt.Sprintf("%s_%s", cookieName, layerName)
+func (a *Authenticator) getCookieName(cookieName string, proxyName store.ProxyName, layerName store.LayerName) string {
+	return strings.ToLower(fmt.Sprintf("%s_%s_%s", cookieName, proxyName, layerName))
 }
 
 var (