adding samesite to config

rarimo · Mar 11, 2024 · 2ed30ce · 2ed30ce
1 parent de1e225
commit 2ed30ce
Show file tree

Hide file tree

Showing 4 changed files with 12 additions and 21 deletions.
diff --git a/config.yaml b/config.yaml
@@ -13,6 +13,7 @@ jwt:
 cookies:
   domain: "rarime.com"
   secure: true
+  same_site: 4
 
 verifier:
   schema: 12345

diff --git a/internal/cookies/config.go b/internal/cookies/config.go
@@ -25,8 +25,9 @@ type cookier struct {
 func (j *cookier) Cookies() *Cookies {
 	return j.once.Do(func() interface{} {
 		cfg := struct {
-			Domain string `fig:"domain,required"`
-			Secure bool   `fig:"secure,required"`
+			Domain   string `fig:"domain,required"`
+			Secure   bool   `fig:"secure,required"`
+			SameSite int    `fig:"same_site,required"`
 		}{}
 		err := figure.
 			Out(&cfg).

diff --git a/internal/cookies/main.go b/internal/cookies/main.go
@@ -12,8 +12,9 @@ const (
 )
 
 type Cookies struct {
-	Domain string
-	Secure bool
+	Domain   string
+	Secure   bool
+	SameSite int
 }
 
 func (c *Cookies) SetAccessToken(w http.ResponseWriter, token string, exp time.Time) {
@@ -23,7 +24,7 @@ func (c *Cookies) SetAccessToken(w http.ResponseWriter, token string, exp time.T
 		Path:     "/",
 		HttpOnly: true,
 		Secure:   c.Secure,
-		SameSite: http.SameSiteLaxMode,
+		SameSite: http.SameSite(c.SameSite),
 		Domain:   c.Domain,
 		Expires:  exp,
 	}
@@ -38,7 +39,7 @@ func (c *Cookies) SetRefreshToken(w http.ResponseWriter, token string, exp time.
 		Path:     "/",
 		HttpOnly: true,
 		Secure:   c.Secure,
-		SameSite: http.SameSiteLaxMode,
+		SameSite: http.SameSite(c.SameSite),
 		Domain:   c.Domain,
 		Expires:  exp,
 	}
@@ -54,7 +55,7 @@ func (c *Cookies) ClearTokensCookies(w http.ResponseWriter) {
 		HttpOnly: true,
 		Secure:   c.Secure,
 		MaxAge:   -1,
-		SameSite: http.SameSiteLaxMode,
+		SameSite: http.SameSite(c.SameSite),
 		Domain:   c.Domain,
 	}
 
@@ -67,7 +68,7 @@ func (c *Cookies) ClearTokensCookies(w http.ResponseWriter) {
 		HttpOnly: true,
 		Secure:   c.Secure,
 		MaxAge:   -1,
-		SameSite: http.SameSiteLaxMode,
+		SameSite: http.SameSite(c.SameSite),
 		Domain:   c.Domain,
 	}
 

diff --git a/internal/jwt/main_test.go b/internal/jwt/main_test.go
@@ -7,7 +7,6 @@ import (
 	"time"
 
 	"github.com/ethereum/go-ethereum/common/hexutil"
-	"github.com/google/uuid"
 	"gotest.tools/assert"
 )
 
@@ -21,11 +20,6 @@ func TestGeneratePrivateKey(t *testing.T) {
 }
 
 func TestJWT(t *testing.T) {
-	var (
-		val           = uuid.New()
-		role1  uint32 = 10
-		group1        = &val
-	)
 
 	issuer := JWTIssuer{
 		prv:               make([]byte, 64),
@@ -36,12 +30,9 @@ func TestJWT(t *testing.T) {
 	_, err := rand.Read(issuer.prv)
 	assert.NilError(t, err)
 
-	jwt, err := issuer.IssueJWT(
+	jwt, _, err := issuer.IssueJWT(
 		&AuthClaim{
-			OrgDID:  "did:iden3:readonly:tM1QCJ7ytcbvLB7EFQhGsJPumc11DEE18gEvAzxE7",
 			UserDID: "did:iden3:readonly:tM1QCJ7ytcbvLB7EFQhGsJPumc11DEE18gEvAzxE7",
-			Role:    role1,
-			Group:   group1,
 			Type:    AccessTokenType,
 		},
 	)
@@ -51,8 +42,5 @@ func TestJWT(t *testing.T) {
 	assert.NilError(t, err)
 
 	assert.Equal(t, claim.UserDID, "did:iden3:readonly:tM1QCJ7ytcbvLB7EFQhGsJPumc11DEE18gEvAzxE7")
-	assert.Equal(t, claim.OrgDID, "did:iden3:readonly:tM1QCJ7ytcbvLB7EFQhGsJPumc11DEE18gEvAzxE7")
-	assert.Equal(t, claim.Role, role1)
-	assert.Equal(t, *claim.Group, val)
 	assert.Equal(t, claim.Type, AccessTokenType)
 }