diff --git a/cmd/wonderwall/main.go b/cmd/wonderwall/main.go
index 1b32b4c..bbccf1d 100644
--- a/cmd/wonderwall/main.go
+++ b/cmd/wonderwall/main.go
@@ -8,7 +8,6 @@ import (
 _ "go.uber.org/automaxprocs"
 "github.com/nais/wonderwall/pkg/config"
- "github.com/nais/wonderwall/pkg/cookie"
 "github.com/nais/wonderwall/pkg/crypto"
 "github.com/nais/wonderwall/pkg/handler"
 "github.com/nais/wonderwall/pkg/metrics"
@@ -81,9 +80,7 @@ func standalone(ctx context.Context, cfg *config.Config, crypt crypto.Crypter) (
 return nil, err
 }
- cookieOpts := cookie.DefaultOptions()
-
- return handler.NewStandalone(cfg, cookieOpts, jwksProvider, openidConfig, crypt)
+ return handler.NewStandalone(cfg, jwksProvider, openidConfig, crypt)
 }
 func ssoServer(ctx context.Context, cfg *config.Config, crypt crypto.Crypter) (*handler.SSOServer, error) {
@@ -92,11 +89,7 @@ func ssoServer(ctx context.Context, cfg *config.Config, crypt crypto.Crypter) (*
 return nil, err
 }
- h.CookieOptions = cookie.DefaultOptions().
- WithPath("/").
- WithDomain(cfg.SSO.Domain)
-
- return handler.NewSSOServer(h)
+ return handler.NewSSOServer(cfg, h)
 }
 func ssoProxy(cfg *config.Config, crypt crypto.Crypter) (*handler.SSOProxy, error) {
diff --git a/pkg/handler/handler.go b/pkg/handler/handler.go
index 216cca8..6e302ff 100644
--- a/pkg/handler/handler.go
+++ b/pkg/handler/handler.go
@@ -47,7 +47,6 @@ type Standalone struct {
 func NewStandalone(
 cfg *config.Config,
- cookieOpts cookie.Options,
 jwksProvider openidclient.JwksProvider,
 openidConfig openidconfig.Config,
 crypter crypto.Crypter,
@@ -57,6 +56,8 @@ func NewStandalone(
 return nil, err
 }
+ cookieOpts := cookie.DefaultOptions()
+
 openidClient := openidclient.NewClient(openidConfig, jwksProvider)
 openidClient.SetHttpClient(&http.Client{
 Timeout: time.Second * 10,
diff --git a/pkg/handler/handler_sso_server.go b/pkg/handler/handler_sso_server.go
index 50c361b..3852fb1 100644
--- a/pkg/handler/handler_sso_server.go
+++ b/pkg/handler/handler_sso_server.go
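Review bot: In pkg/handler/handler.go, the second hunk pins `cookieOpts` to `cookie.DefaultOptions()` inside `NewStandalone`, and the callers that need other attributes now overwrite `CookieOptions` on the returned handler (`NewSSOServer` in handler_sso_server.go and the `WithSecure(false)` mock in pkg/mock/openid.go). The rest of `NewStandalone` lies outside the hunk, so this cannot be confirmed from here, but `cookie.Options` was previously passed by value, which suggests that anything built from `cookieOpts` further down would keep the defaults and never see the SSO domain and path or the mock's non-Secure setting. A comment at the assignment would record that contract, e.g. `// Defaults only: NewSSOServer and the mock replace Standalone.CookieOptions after construction, so nothing built here may keep its own copy.`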
@@ -3,6 +3,7 @@ package handler
 import (
 "net/http"
+ "github.com/nais/wonderwall/pkg/config"
 "github.com/nais/wonderwall/pkg/cookie"
 "github.com/nais/wonderwall/pkg/router"
 "github.com/nais/wonderwall/pkg/url"
@@ -14,13 +15,16 @@ type SSOServer struct {
 *Standalone
 }
-func NewSSOServer(handler *Standalone) (*SSOServer, error) {
- redirect, err := url.NewSSOServerRedirect(handler.Config)
+func NewSSOServer(cfg *config.Config, handler *Standalone) (*SSOServer, error) {
+ redirect, err := url.NewSSOServerRedirect(cfg)
 if err != nil {
 return nil, err
 }
-
 handler.Redirect = redirect
+ handler.CookieOptions = cookie.DefaultOptions().
+ WithPath("/").
+ WithDomain(cfg.SSO.Domain)
+
 return &SSOServer{Standalone: handler}, nil
 }
diff --git a/pkg/mock/openid.go b/pkg/mock/openid.go
index 28fc49a..ea8de97 100644
--- a/pkg/mock/openid.go
+++ b/pkg/mock/openid.go
@@ -81,8 +81,6 @@ func NewIdentityProvider(cfg *config.Config) *IdentityProvider {
 crypter := crypto.NewCrypter([]byte(cfg.EncryptionKey))
- cookieOpts := cookie.DefaultOptions().WithSecure(false)
-
 rds, err := miniredis.Run()
 if err != nil {
 panic(err)
 }
@@ -91,11 +89,13 @@ func NewIdentityProvider(cfg *config.Config) *IdentityProvider {
 cfg.Redis.TLS = false
 cfg.Redis.Address = rds.Addr()
- rpHandler, err := handlerpkg.NewStandalone(cfg, cookieOpts, jwksProvider, openidConfig, crypter)
+ rpHandler, err := handlerpkg.NewStandalone(cfg, jwksProvider, openidConfig, crypter)
 if err != nil {
 panic(err)
 }
+ rpHandler.CookieOptions = cookie.DefaultOptions().WithSecure(false)
+
 rpRouter := router.New(rpHandler, cfg)
 rpServer.SetHandler(rpRouter)
 rpServer.Start()
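Review bot: In pkg/handler/handler_sso_server.go, `NewSSOServer` now takes `cfg` alongside a `*Standalone` that already carries its own `Config` (the removed line read `handler.Config`), so the redirect and the cookie domain can come from a different config than the one the handler was built with. `WithDomain(cfg.SSO.Domain)` presumably sets the cookie's Domain attribute, which makes the cookie available to every host under that domain, and nothing visible in this hunk rejects an empty or overly broad value. If that is checked when the config is loaded, a doc comment on the exported constructor should state it, e.g. `// NewSSOServer configures handler for SSO server mode. cfg must be the config handler was created with; cookies are scoped to cfg.SSO.Domain with path "/".` The assignment also replaces whatever `CookieOptions` were already set on `handler` rather than extending them.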