mirror of
https://github.com/oauth2-proxy/oauth2-proxy.git
synced 2024-11-28 09:08:44 +02:00
7eeaea0b3f
* Set and verify a nonce with OIDC * Create a CSRF object to manage nonces & cookies * Add missing generic cookie unit tests * Add config flag to control OIDC SkipNonce * Send hashed nonces in authentication requests * Encrypt the CSRF cookie * Add clarity to naming & add more helper methods * Make CSRF an interface and keep underlying nonces private * Add ReverseProxy scope to cookie tests * Align to new 1.16 SameSite cookie default * Perform SecretBytes conversion on CSRF cookie crypto * Make state encoding signatures consistent * Mock time in CSRF struct via Clock * Improve InsecureSkipNonce docstring
36 lines
717 B
Go
36 lines
717 B
Go
package cookies
|
|
|
|
import (
|
|
"net/http"
|
|
"testing"
|
|
"time"
|
|
|
|
"github.com/oauth2-proxy/oauth2-proxy/v7/pkg/logger"
|
|
. "github.com/onsi/ginkgo"
|
|
. "github.com/onsi/gomega"
|
|
)
|
|
|
|
const (
|
|
csrfState = "1234asdf1234asdf1234asdf"
|
|
csrfNonce = "0987lkjh0987lkjh0987lkjh"
|
|
|
|
cookieName = "cookie_test_12345"
|
|
cookieSecret = "3q48hmFH30FJ2HfJF0239UFJCVcl3kj3"
|
|
cookieDomain = "o2p.cookies.test"
|
|
cookiePath = "/cookie-tests"
|
|
|
|
nowEpoch = 1609366421
|
|
)
|
|
|
|
func TestProviderSuite(t *testing.T) {
|
|
logger.SetOutput(GinkgoWriter)
|
|
|
|
RegisterFailHandler(Fail)
|
|
RunSpecs(t, "Cookies")
|
|
}
|
|
|
|
func testCookieExpires(exp time.Time) string {
|
|
var buf [len(http.TimeFormat)]byte
|
|
return string(exp.UTC().AppendFormat(buf[:0], http.TimeFormat))
|
|
}
|