refactor: move cookie options to handler constructors

cmd/wonderwall/main.go

@@ -8,7 +8,6 @@ import (
 	_ "go.uber.org/automaxprocs"
 
 	"github.com/nais/wonderwall/pkg/config"
-	"github.com/nais/wonderwall/pkg/cookie"
 	"github.com/nais/wonderwall/pkg/crypto"
 	"github.com/nais/wonderwall/pkg/handler"
 	"github.com/nais/wonderwall/pkg/metrics"
@@ -81,9 +80,7 @@ func standalone(ctx context.Context, cfg *config.Config, crypt crypto.Crypter) (
 		return nil, err
 	}
 
-	cookieOpts := cookie.DefaultOptions()
-
-	return handler.NewStandalone(cfg, cookieOpts, jwksProvider, openidConfig, crypt)
+	return handler.NewStandalone(cfg, jwksProvider, openidConfig, crypt)
 }
 
 func ssoServer(ctx context.Context, cfg *config.Config, crypt crypto.Crypter) (*handler.SSOServer, error) {
@@ -92,11 +89,7 @@ func ssoServer(ctx context.Context, cfg *config.Config, crypt crypto.Crypter) (*
 		return nil, err
 	}
 
-	h.CookieOptions = cookie.DefaultOptions().
-		WithPath("/").
-		WithDomain(cfg.SSO.Domain)
-
-	return handler.NewSSOServer(h)
+	return handler.NewSSOServer(cfg, h)
 }
 
 func ssoProxy(cfg *config.Config, crypt crypto.Crypter) (*handler.SSOProxy, error) {

pkg/handler/handler.go

@@ -47,7 +47,6 @@ type Standalone struct {
 
 func NewStandalone(
 	cfg *config.Config,
-	cookieOpts cookie.Options,
 	jwksProvider openidclient.JwksProvider,
 	openidConfig openidconfig.Config,
 	crypter crypto.Crypter,
@@ -57,6 +56,8 @@ func NewStandalone(
 		return nil, err
 	}
 
+	cookieOpts := cookie.DefaultOptions()
+
 	openidClient := openidclient.NewClient(openidConfig, jwksProvider)
 	openidClient.SetHttpClient(&http.Client{
 		Timeout: time.Second * 10,

pkg/handler/handler_sso_server.go

@@ -3,6 +3,7 @@ package handler
 import (
 	"net/http"
 
+	"github.com/nais/wonderwall/pkg/config"
 	"github.com/nais/wonderwall/pkg/cookie"
 	"github.com/nais/wonderwall/pkg/router"
 	"github.com/nais/wonderwall/pkg/url"
@@ -14,13 +15,16 @@ type SSOServer struct {
 	*Standalone
 }
 
-func NewSSOServer(handler *Standalone) (*SSOServer, error) {
-	redirect, err := url.NewSSOServerRedirect(handler.Config)
+func NewSSOServer(cfg *config.Config, handler *Standalone) (*SSOServer, error) {
+	redirect, err := url.NewSSOServerRedirect(cfg)
 	if err != nil {
 		return nil, err
 	}
-
 	handler.Redirect = redirect
+	handler.CookieOptions = cookie.DefaultOptions().
+		WithPath("/").
+		WithDomain(cfg.SSO.Domain)
+
 	return &SSOServer{Standalone: handler}, nil
 }
 

pkg/mock/openid.go

@@ -81,8 +81,6 @@ func NewIdentityProvider(cfg *config.Config) *IdentityProvider {
 
 	crypter := crypto.NewCrypter([]byte(cfg.EncryptionKey))
 
-	cookieOpts := cookie.DefaultOptions().WithSecure(false)
-
 	rds, err := miniredis.Run()
 	if err != nil {
 		panic(err)
@@ -91,11 +89,13 @@ func NewIdentityProvider(cfg *config.Config) *IdentityProvider {
 	cfg.Redis.TLS = false
 	cfg.Redis.Address = rds.Addr()
 
-	rpHandler, err := handlerpkg.NewStandalone(cfg, cookieOpts, jwksProvider, openidConfig, crypter)
+	rpHandler, err := handlerpkg.NewStandalone(cfg, jwksProvider, openidConfig, crypter)
 	if err != nil {
 		panic(err)
 	}
 
+	rpHandler.CookieOptions = cookie.DefaultOptions().WithSecure(false)
+
 	rpRouter := router.New(rpHandler, cfg)
 	rpServer.SetHandler(rpRouter)
 	rpServer.Start()