[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[GNUnet-SVN] [gnunet] branch master updated: REST: expire cookies
From: |
gnunet |
Subject: |
[GNUnet-SVN] [gnunet] branch master updated: REST: expire cookies |
Date: |
Wed, 28 Nov 2018 09:23:06 +0100 |
This is an automated email from the git hooks/post-receive script.
martin-schanzenbach pushed a commit to branch master
in repository gnunet.
The following commit(s) were added to refs/heads/master by this push:
new 3fc5340f4 REST: expire cookies
3fc5340f4 is described below
commit 3fc5340f4cc762d091904ee829c3bcadca452ece
Author: Schanzenbach, Martin <address@hidden>
AuthorDate: Wed Nov 28 09:23:03 2018 +0100
REST: expire cookies
---
src/rest-plugins/plugin_rest_openid_connect.c | 16 ++++++++++++++--
1 file changed, 14 insertions(+), 2 deletions(-)
diff --git a/src/rest-plugins/plugin_rest_openid_connect.c
b/src/rest-plugins/plugin_rest_openid_connect.c
index 9325d5825..ca988387c 100644
--- a/src/rest-plugins/plugin_rest_openid_connect.c
+++ b/src/rest-plugins/plugin_rest_openid_connect.c
@@ -121,6 +121,11 @@
#define OIDC_NONCE_KEY "nonce"
/**
+ * OIDC cookie expiration (in seconds)
+ */
+#define OIDC_COOKIE_EXPIRATION 3
+
+/**
* OIDC cookie header key
*/
#define OIDC_COOKIE_HEADER_KEY "cookie"
@@ -1398,6 +1403,7 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
struct GNUNET_TIME_Absolute *current_time;
struct GNUNET_TIME_Absolute *last_time;
char* cookie;
+ char* header_val;
json_t *root;
json_error_t error;
json_t *identity;
@@ -1416,7 +1422,13 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
GNUNET_SCHEDULER_add_now (&cleanup_handle_delayed, handle);
return;
}
- GNUNET_asprintf (&cookie, "Identity=%s", json_string_value (identity));
+ GNUNET_asprintf (&cookie,
+ "Identity=%s",
+ json_string_value (identity));
+ GNUNET_asprintf (&header_val,
+ "%s;Max-Age=%d",
+ cookie,
+ OIDC_COOKIE_EXPIRATION);
MHD_add_response_header (resp, "Set-Cookie", cookie);
MHD_add_response_header (resp, "Access-Control-Allow-Methods", "POST");
GNUNET_CRYPTO_hash (cookie, strlen (cookie), &cache_key);
@@ -1427,7 +1439,7 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
current_time = GNUNET_new(struct GNUNET_TIME_Absolute);
*current_time = GNUNET_TIME_relative_to_absolute (
GNUNET_TIME_relative_multiply (GNUNET_TIME_relative_get_second_ (),
-
5));
+
OIDC_COOKIE_EXPIRATION));
last_time = GNUNET_CONTAINER_multihashmap_get(OIDC_identity_login_time,
&cache_key);
if (NULL != last_time)
{
--
To stop receiving notification emails like this one, please contact
address@hidden
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- [GNUnet-SVN] [gnunet] branch master updated: REST: expire cookies,
gnunet <=