oauth2-proxy/pkg/apis/options/cookie.go

package options

import (
	"time"

	"github.com/spf13/pflag"
)

// Cookie contains configuration options relating to Cookie configuration
type Cookie struct {
	Name     string        `flag:"cookie-name" cfg:"cookie_name"`
	Secret   string        `flag:"cookie-secret" cfg:"cookie_secret"`
	Domains  []string      `flag:"cookie-domain" cfg:"cookie_domains"`
	Path     string        `flag:"cookie-path" cfg:"cookie_path"`
	Expire   time.Duration `flag:"cookie-expire" cfg:"cookie_expire"`
	Refresh  time.Duration `flag:"cookie-refresh" cfg:"cookie_refresh"`
	Secure   bool          `flag:"cookie-secure" cfg:"cookie_secure"`
	HTTPOnly bool          `flag:"cookie-httponly" cfg:"cookie_httponly"`
	SameSite string        `flag:"cookie-samesite" cfg:"cookie_samesite"`
}

func cookieFlagSet() *pflag.FlagSet {
	flagSet := pflag.NewFlagSet("cookie", pflag.ExitOnError)

	flagSet.String("cookie-name", "_oauth2_proxy", "the name of the cookie that the oauth_proxy creates")
	flagSet.String("cookie-secret", "", "the seed string for secure cookies (optionally base64 encoded)")
	flagSet.StringSlice("cookie-domain", []string{}, "Optional cookie domains to force cookies to (ie: `.yourcompany.com`). The longest domain matching the request's host will be used (or the shortest cookie domain if there is no match).")
	flagSet.String("cookie-path", "/", "an optional cookie path to force cookies to (ie: /poc/)*")
	flagSet.Duration("cookie-expire", time.Duration(168)*time.Hour, "expire timeframe for cookie")
	flagSet.Duration("cookie-refresh", time.Duration(0), "refresh the cookie after this duration; 0 to disable")
	flagSet.Bool("cookie-secure", true, "set secure (HTTPS) cookie flag")
	flagSet.Bool("cookie-httponly", true, "set HttpOnly cookie flag")
	flagSet.String("cookie-samesite", "", "set SameSite cookie attribute (ie: \"lax\", \"strict\", \"none\", or \"\"). ")

	return flagSet
}

// cookieDefaults creates a Cookie populating each field with its default value
func cookieDefaults() Cookie {
	return Cookie{
		Name:     "_oauth2_proxy",
		Secret:   "",
		Domains:  nil,
		Path:     "/",
		Expire:   time.Duration(168) * time.Hour,
		Refresh:  time.Duration(0),
		Secure:   true,
		HTTPOnly: true,
		SameSite: "",
	}
}
Move cookie configuration to separate package 2019-05-05 20:13:10 +02:00			`package options`

Create Cookie FlagSet and Defaults 2020-05-23 18:04:32 +02:00			`import (`
			`"time"`

			`"github.com/spf13/pflag"`
			`)`
Move cookie configuration to separate package 2019-05-05 20:13:10 +02:00
Rename CookieOptions to Cookie 2020-05-25 13:43:24 +02:00			`// Cookie contains configuration options relating to Cookie configuration`
			`type Cookie struct {`
Remove Env tags from Cookie and Session Options 2020-05-08 19:16:08 +02:00			Name string `flag:"cookie-name" cfg:"cookie_name"`
			Secret string `flag:"cookie-secret" cfg:"cookie_secret"`
Rename cookie-domain config to cookie-domains (#559) Co-authored-by: Henry Jenkins <henry@henryjenkins.name> 2020-05-24 21:19:56 +02:00			Domains []string `flag:"cookie-domain" cfg:"cookie_domains"`
Remove Env tags from Cookie and Session Options 2020-05-08 19:16:08 +02:00			Path string `flag:"cookie-path" cfg:"cookie_path"`
			Expire time.Duration `flag:"cookie-expire" cfg:"cookie_expire"`
			Refresh time.Duration `flag:"cookie-refresh" cfg:"cookie_refresh"`
			Secure bool `flag:"cookie-secure" cfg:"cookie_secure"`
			HTTPOnly bool `flag:"cookie-httponly" cfg:"cookie_httponly"`
			SameSite string `flag:"cookie-samesite" cfg:"cookie_samesite"`
Move cookie configuration to separate package 2019-05-05 20:13:10 +02:00			`}`
Create Cookie FlagSet and Defaults 2020-05-23 18:04:32 +02:00
			`func cookieFlagSet() *pflag.FlagSet {`
			`flagSet := pflag.NewFlagSet("cookie", pflag.ExitOnError)`

			`flagSet.String("cookie-name", "_oauth2_proxy", "the name of the cookie that the oauth_proxy creates")`
			`flagSet.String("cookie-secret", "", "the seed string for secure cookies (optionally base64 encoded)")`
			flagSet.StringSlice("cookie-domain", []string{}, "Optional cookie domains to force cookies to (ie: `.yourcompany.com`). The longest domain matching the request's host will be used (or the shortest cookie domain if there is no match).")
			`flagSet.String("cookie-path", "/", "an optional cookie path to force cookies to (ie: /poc/)*")`
			`flagSet.Duration("cookie-expire", time.Duration(168)*time.Hour, "expire timeframe for cookie")`
			`flagSet.Duration("cookie-refresh", time.Duration(0), "refresh the cookie after this duration; 0 to disable")`
			`flagSet.Bool("cookie-secure", true, "set secure (HTTPS) cookie flag")`
			`flagSet.Bool("cookie-httponly", true, "set HttpOnly cookie flag")`
			`flagSet.String("cookie-samesite", "", "set SameSite cookie attribute (ie: \"lax\", \"strict\", \"none\", or \"\"). ")`

			`return flagSet`
			`}`

Rename CookieOptions to Cookie 2020-05-25 13:43:24 +02:00			`// cookieDefaults creates a Cookie populating each field with its default value`
			`func cookieDefaults() Cookie {`
			`return Cookie{`
Create Cookie FlagSet and Defaults 2020-05-23 18:04:32 +02:00			`Name: "_oauth2_proxy",`
			`Secret: "",`
			`Domains: nil,`
			`Path: "/",`
			`Expire: time.Duration(168) * time.Hour,`
			`Refresh: time.Duration(0),`
			`Secure: true,`
			`HTTPOnly: true,`
			`SameSite: "",`
			`}`
			`}`