Simplify Gothic to use our session store instead of creating a different store (#17507)
* Simplify Gothic to use our session store instead of creating a different store We have been using xormstore to provide a separate session store for our OAuth2 logins however, this relies on using gorilla context and some doubling of our session storing. We can however, simplify and simply use our own chi-based session store. Thus removing a cookie and some of the weirdness with missing contexts. Signed-off-by: Andrew Thornton <art27@cantab.net> * as per review Signed-off-by: Andrew Thornton <art27@cantab.net> * as per review Signed-off-by: Andrew Thornton <art27@cantab.net> * Handle MaxTokenLength Signed-off-by: Andrew Thornton <art27@cantab.net> * oops Signed-off-by: Andrew Thornton <art27@cantab.net> Co-authored-by: techknowlogick <techknowlogick@gitea.io> Co-authored-by: Lauris BH <lauris@nix.lv>
This commit is contained in:
zeripath
GitHub
parent
95da01c5cd
commit
9d855bd6a1
25 changed files with 110 additions and 934 deletions
|
|
@ -5,23 +5,21 @@
|
|||
package oauth2
|
||||
|
||||
import (
|
||||
"encoding/gob"
|
||||
"net/http"
|
||||
"sync"
|
||||
|
||||
"code.gitea.io/gitea/models/db"
|
||||
"code.gitea.io/gitea/models/login"
|
||||
"code.gitea.io/gitea/modules/log"
|
||||
"code.gitea.io/gitea/modules/setting"
|
||||
|
||||
"github.com/google/uuid"
|
||||
"github.com/gorilla/sessions"
|
||||
"github.com/markbates/goth/gothic"
|
||||
)
|
||||
|
||||
var gothRWMutex = sync.RWMutex{}
|
||||
|
||||
// SessionTableName is the table name that OAuth2 will use to store things
|
||||
const SessionTableName = "oauth2_session"
|
||||
|
||||
// UsersStoreKey is the key for the store
|
||||
const UsersStoreKey = "gitea-oauth2-sessions"
|
||||
|
||||
|
|
@ -34,23 +32,14 @@ func Init() error {
|
|||
return err
|
||||
}
|
||||
|
||||
store, err := db.CreateStore(SessionTableName, UsersStoreKey)
|
||||
if err != nil {
|
||||
return err
|
||||
}
|
||||
|
||||
// according to the Goth lib:
|
||||
// set the maxLength of the cookies stored on the disk to a larger number to prevent issues with:
|
||||
// securecookie: the value is too long
|
||||
// when using OpenID Connect , since this can contain a large amount of extra information in the id_token
|
||||
|
||||
// Note, when using the FilesystemStore only the session.ID is written to a browser cookie, so this is explicit for the storage on disk
|
||||
store.MaxLength(setting.OAuth2.MaxTokenLength)
|
||||
|
||||
// Lock our mutex
|
||||
gothRWMutex.Lock()
|
||||
|
||||
gothic.Store = store
|
||||
gob.Register(&sessions.Session{})
|
||||
|
||||
gothic.Store = &SessionsStore{
|
||||
maxLength: int64(setting.OAuth2.MaxTokenLength),
|
||||
}
|
||||
|
||||
gothic.SetState = func(req *http.Request) string {
|
||||
return uuid.New().String()
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue