mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2024-11-24 08:52:25 +02:00
Make ProcessCookie() fail when cookie parse fails
This commit is contained in:
parent
bd4eae8fec
commit
610341a068
@ -298,6 +298,7 @@ func (p *OauthProxy) ProcessCookie(rw http.ResponseWriter, req *http.Request) (e
|
||||
}
|
||||
if err != nil {
|
||||
log.Printf(err.Error())
|
||||
ok = false
|
||||
} else if p.CookieRefresh != time.Duration(0) {
|
||||
refresh_threshold := time.Now().Add(p.CookieRefresh)
|
||||
if refresh_threshold.Unix() > timestamp.Unix() {
|
||||
|
@ -474,6 +474,17 @@ func TestProcessCookieNoCookieError(t *testing.T) {
|
||||
assert.Equal(t, false, ok)
|
||||
}
|
||||
|
||||
func TestProcessCookieFailIfParsingCookieValueFails(t *testing.T) {
|
||||
pc_test := NewProcessCookieTest()
|
||||
value, _ := buildCookieValue("michael.bland@gsa.gov",
|
||||
pc_test.proxy.AesCipher, "my_access_token")
|
||||
pc_test.req.AddCookie(pc_test.proxy.MakeCookie(
|
||||
pc_test.req, value+"some bogus bytes",
|
||||
pc_test.opts.CookieExpire))
|
||||
_, _, _, ok := pc_test.ProcessCookie()
|
||||
assert.Equal(t, false, ok)
|
||||
}
|
||||
|
||||
func TestProcessCookieRefreshNotSet(t *testing.T) {
|
||||
pc_test := NewProcessCookieTest()
|
||||
pc_test.InstantiateBackend()
|
||||
|
Loading…
Reference in New Issue
Block a user