
Source file src/edge-infra.dev/pkg/edge/iam/oauth2/cookie_session.go

Documentation: edge-infra.dev/pkg/edge/iam/oauth2

     1  package oauth2
     2  
     3  import (
     4  	"net/http"
     5  
     6  	"github.com/gin-gonic/gin"
     7  	"github.com/gorilla/sessions"
     8  	"github.com/ory/fosite"
     9  
    10  	"edge-infra.dev/pkg/edge/iam/client"
    11  	"edge-infra.dev/pkg/edge/iam/config"
    12  	"edge-infra.dev/pkg/edge/iam/device"
    13  	"edge-infra.dev/pkg/edge/iam/log"
    14  	"edge-infra.dev/pkg/edge/iam/session"
    15  	"edge-infra.dev/pkg/edge/iam/util"
    16  )
    17  
// newCookieSession seeds the login cookie session with the requesting
// client's ID and the login session's error message, then hands off to
// setLDFeatureFlags, which fills in the feature-flag values and saves the
// cookie.
//
// Both values must be written before the setLDFeatureFlags call because that
// call is where cookieSession.Save happens. Nothing is returned: if the save
// fails, setLDFeatureFlags logs the error and issues a redirect to "/esod" on
// ctx, and this function still returns normally.
//
// NOTE(review): "errormsg" travels in the cookie and is presumably rendered
// by the login page; confirm the consumer escapes it on output.
func newCookieSession(ctx *gin.Context, cookieSession *sessions.Session, session *session.LoginSession, clientID string, requester fosite.AuthorizeRequester) {
	values := cookieSession.Values
	values["errormsg"] = session.ErrorMessage
	values["client_id"] = clientID

	setLDFeatureFlags(ctx, cookieSession, requester)
}
    23  
// setRequestURL records the current request URL, minus any "login_hint" query
// parameter, under "request_url" in the cookie session so the flow can
// redirect back to it at the end. The session is not saved here.
//
// ctx.Request.URL is a pointer, so the rewrite of RawQuery below also changes
// the URL that later handlers see on this request. Query().Encode() rebuilds
// the query string from the parsed values, so the stored string can differ
// byte-for-byte from what the client sent (key order, escaping).
//
// NOTE(review): the stored value is whatever URL.String() yields for the
// incoming request; whoever redirects to "request_url" later should confirm
// it is a local path before using it as a redirect target.
func setRequestURL(cookieSession *sessions.Session, ctx *gin.Context) {
	reqURL := ctx.Request.URL

	// A login_hint is not expected on the URL we come back to, so drop it.
	params := reqURL.Query()
	params.Del("login_hint")
	reqURL.RawQuery = params.Encode()

	cookieSession.Values["request_url"] = reqURL.String()
}
    34  
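// setLDFeatureFlags writes the feature-flag values the login pages read into
// the cookie session and then saves the session onto the response.
//
// Keys written: "print_barcode_enabled", "print_ebc_enabled",
// "can_scan_barcode", "okta_enabled", "device_enabled", "device_login_policy"
// (only when the policy lookup succeeds) and "strong_auth_disabled".
//
// Nothing is returned. If saving the cookie fails, the error is logged and a
// 302 redirect to "/esod" is written on ctx; callers are not told, so they
// must not assume the response is still unwritten after this call.
//
// NOTE(review): these values are carried in the session cookie. Whether the
// client can read or alter them depends on how the sessions store is
// configured, which is not visible here; treat them as display hints and
// re-check the underlying grant or config server-side before acting on them.
func setLDFeatureFlags(ctx *gin.Context, cookieSession *sessions.Session, requester fosite.AuthorizeRequester) {
	logger := log.Get(ctx)

	// Start from "no barcode printing" and only turn it on below.
	cookieSession.Values["print_barcode_enabled"] = false

	// NOTE(review): unchecked assertion; this panics if the requester's
	// client is not *client.Client. Confirm every store feeding this handler
	// returns that type, or move to the comma-ok form.
	// The local is named cl so it does not shadow the imported client package.
	cl := requester.GetClient().(*client.Client)
	barcodeTypes := cl.GetPrintBarcodeTypes()

	// Barcode printing needs both the per-client feature flag and client
	// configuration for it. The identity side reads this cookie value.
	if config.BarcodeEnabled(cl.GetID()) {
		if len(cl.GetPrintBarcodeURI()) > 0 {
			cookieSession.Values["print_barcode_enabled"] = true
		}
		// The type list is checked last, so when it is non-empty it decides
		// the flag on its own: a print URI without "128A" ends up false, and
		// "128A" without a print URI ends up true.
		// NOTE(review): confirm that precedence is intended.
		if len(barcodeTypes) > 0 {
			cookieSession.Values["print_barcode_enabled"] = util.IsElementExist(barcodeTypes, "128A")
		}
	}
	cookieSession.Values["print_ebc_enabled"] = util.IsElementExist(barcodeTypes, "qr") && config.EmergencyBarcodeEnabled(cl.GetID())

	cookieSession.Values["can_scan_barcode"] = cl.GetGrantTypes().Has("barcode")

	// Okta, device login and strong-auth switches come straight from config.
	cookieSession.Values["okta_enabled"] = config.OktaEnabled()

	cookieSession.Values["device_enabled"] = config.DeviceLoginEnabled()

	devicePolicy, errGetPolicy := device.GetLoginPolicy()
	if errGetPolicy != nil {
		// Previously this error was dropped silently. The key is left as it
		// was, so a policy already present in the session is kept.
		// NOTE(review): decide whether a stale policy should be cleared here.
		logger.Error(errGetPolicy, "failed to get device login policy while setting the LD feature flags")
	} else {
		cookieSession.Values["device_login_policy"] = devicePolicy
	}

	cookieSession.Values["strong_auth_disabled"] = config.StrongAuthDisabled()

	// Persist everything written above, including values set by the caller.
	if err := cookieSession.Save(ctx.Request, ctx.Writer); err != nil {
		logger.Error(err, "failed to save cookie session post setting the LD feature flags")
		ctx.Redirect(http.StatusFound, "/esod")
		return
	}
}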
    78  
