1
0
mirror of https://github.com/oauth2-proxy/oauth2-proxy.git synced 2024-11-24 08:52:25 +02:00

Make ProcessCookie() fail when cookie parse fails

This commit is contained in:
Mike Bland 2015-05-09 16:31:18 -04:00
parent bd4eae8fec
commit 610341a068
2 changed files with 12 additions and 0 deletions

View File

@ -298,6 +298,7 @@ func (p *OauthProxy) ProcessCookie(rw http.ResponseWriter, req *http.Request) (e
}
if err != nil {
log.Printf(err.Error())
ok = false
} else if p.CookieRefresh != time.Duration(0) {
refresh_threshold := time.Now().Add(p.CookieRefresh)
if refresh_threshold.Unix() > timestamp.Unix() {

View File

@ -474,6 +474,17 @@ func TestProcessCookieNoCookieError(t *testing.T) {
assert.Equal(t, false, ok)
}
func TestProcessCookieFailIfParsingCookieValueFails(t *testing.T) {
pc_test := NewProcessCookieTest()
value, _ := buildCookieValue("michael.bland@gsa.gov",
pc_test.proxy.AesCipher, "my_access_token")
pc_test.req.AddCookie(pc_test.proxy.MakeCookie(
pc_test.req, value+"some bogus bytes",
pc_test.opts.CookieExpire))
_, _, _, ok := pc_test.ProcessCookie()
assert.Equal(t, false, ok)
}
func TestProcessCookieRefreshNotSet(t *testing.T) {
pc_test := NewProcessCookieTest()
pc_test.InstantiateBackend()