Initialise SessionStore in Options

2025-11-29 22:48:19 +02:00 · 2019-05-07 14:27:09 +01:00
parent 17e97ab884
commit fbee5eae16
6 changed files with 48 additions and 11 deletions
--- a/options.go
+++ b/options.go
@@ -19,6 +19,8 @@ import (
 	"github.com/mbland/hmacauth"
 	"github.com/pusher/oauth2_proxy/logger"
 	"github.com/pusher/oauth2_proxy/pkg/apis/options"
+	sessionsapi "github.com/pusher/oauth2_proxy/pkg/apis/sessions"
+	"github.com/pusher/oauth2_proxy/pkg/sessions"
 	"github.com/pusher/oauth2_proxy/providers"
 	"gopkg.in/natefinch/lumberjack.v2"
 )
@@ -111,6 +113,7 @@ type Options struct {
 	proxyURLs     []*url.URL
 	CompiledRegex []*regexp.Regexp
 	provider      providers.Provider
+	sessionStore  sessionsapi.SessionStore
 	signatureData *SignatureData
 	oidcVerifier  *oidc.IDTokenVerifier
 }
@@ -136,6 +139,9 @@ func NewOptions() *Options {
 			CookieExpire:   time.Duration(168) * time.Hour,
 			CookieRefresh:  time.Duration(0),
 		},
+		SessionOptions: options.SessionOptions{
+			Type: "cookie",
+		},
 		SetXAuthRequest:       false,
 		SkipAuthPreflight:     false,
 		PassBasicAuth:         true,
@@ -283,9 +289,19 @@ func (o *Options) Validate() error {
 					"pass_access_token == true or "+
 					"cookie_refresh != 0, but is %d bytes.%s",
 				len(secretBytes(o.CookieSecret)), suffix))
+		} else {
+			// Enable encryption in the session store
+			o.EnableCipher = true
 		}
 	}

+	sessionStore, err := sessions.NewSessionStore(&o.SessionOptions, &o.CookieOptions)
+	if err != nil {
+		msgs = append(msgs, fmt.Sprintf("error initialising session storage: %v", err))
+	} else {
+		o.sessionStore = sessionStore
+	}
+
 	if o.CookieRefresh >= o.CookieExpire {
 		msgs = append(msgs, fmt.Sprintf(
 			"cookie_refresh (%s) must be less than "+