
[GNUnet-SVN] [gnunet] branch master updated: REST: expire cookies


From: gnunet
Subject: [GNUnet-SVN] [gnunet] branch master updated: REST: expire cookies
Date: Wed, 28 Nov 2018 09:23:06 +0100

This is an automated email from the git hooks/post-receive script.

martin-schanzenbach pushed a commit to branch master
in repository gnunet.

The following commit(s) were added to refs/heads/master by this push:
     new 3fc5340f4 REST: expire cookies
3fc5340f4 is described below

commit 3fc5340f4cc762d091904ee829c3bcadca452ece
Author: Schanzenbach, Martin <address@hidden>
AuthorDate: Wed Nov 28 09:23:03 2018 +0100

    REST: expire cookies
---
 src/rest-plugins/plugin_rest_openid_connect.c | 16 ++++++++++++++--
 1 file changed, 14 insertions(+), 2 deletions(-)

diff --git a/src/rest-plugins/plugin_rest_openid_connect.c 
b/src/rest-plugins/plugin_rest_openid_connect.c
index 9325d5825..ca988387c 100644
--- a/src/rest-plugins/plugin_rest_openid_connect.c
+++ b/src/rest-plugins/plugin_rest_openid_connect.c
@@ -121,6 +121,11 @@
 #define OIDC_NONCE_KEY "nonce"
 
 /**
+ * OIDC cookie expiration (in seconds)
+ */
+#define OIDC_COOKIE_EXPIRATION 3
+
+/**
  * OIDC cookie header key
  */
 #define OIDC_COOKIE_HEADER_KEY "cookie"
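Review bot: The comment on `OIDC_COOKIE_EXPIRATION` does not say that the constant drives two things: the `Max-Age` attribute formatted in login_cont and the server-side login-time entry in the last hunk, which is the check that actually bounds the login window. I would document it as `OIDC cookie expiration (in seconds); also the server-side validity window of a login recorded in OIDC_identity_login_time`. The literal it replaces in the last hunk was 5, so this commit also shortens that window to 3 seconds, which the commit message does not mention.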
@@ -1398,6 +1403,7 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
   struct GNUNET_TIME_Absolute *current_time;
   struct GNUNET_TIME_Absolute *last_time;
   char* cookie;
+  char* header_val;
   json_t *root;
   json_error_t error;
   json_t *identity;
@@ -1416,7 +1422,13 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
     GNUNET_SCHEDULER_add_now (&cleanup_handle_delayed, handle);
     return;
   }
-  GNUNET_asprintf (&cookie, "Identity=%s", json_string_value (identity));
+  GNUNET_asprintf (&cookie,
+                   "Identity=%s",
+                   json_string_value (identity));
+  GNUNET_asprintf (&header_val,
+                   "%s;Max-Age=%d",
+                   cookie,
+                   OIDC_COOKIE_EXPIRATION);
   MHD_add_response_header (resp, "Set-Cookie", cookie);
   MHD_add_response_header (resp, "Access-Control-Allow-Methods", "POST");
   GNUNET_CRYPTO_hash (cookie, strlen (cookie), &cache_key);
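Review bot: The `Set-Cookie` call after the new `GNUNET_asprintf` still passes `cookie`, so the `Max-Age` attribute built into `header_val` is never sent and the browser keeps a plain session cookie; the call should be `MHD_add_response_header (resp, "Set-Cookie", header_val);`. Hashing the bare `cookie` for `cache_key` is correct as written, since clients send back only the name=value pair. `header_val` is not released in the visible lines; login_cont continues outside the hunk, so if nothing frees it later, a `GNUNET_free (header_val);` after the header is added would close the leak (libmicrohttpd copies header values). Since this cookie appears to carry the login state, the same format string is a natural place to add `HttpOnly` and a `SameSite` attribute.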
@@ -1427,7 +1439,7 @@ login_cont (struct GNUNET_REST_RequestHandle *con_handle,
     current_time = GNUNET_new(struct GNUNET_TIME_Absolute);
     *current_time = GNUNET_TIME_relative_to_absolute (
                                                       
GNUNET_TIME_relative_multiply (GNUNET_TIME_relative_get_second_ (),
-                                                                               
      5));
+                                                                               
      OIDC_COOKIE_EXPIRATION));
     last_time = GNUNET_CONTAINER_multihashmap_get(OIDC_identity_login_time, 
&cache_key);
     if (NULL != last_time)
     {

-- 
To stop receiving notification emails like this one, please contact
address@hidden


