Fix/901 OIDC cookie http only #931

Merged
merged 4 commits into from
Feb 6, 2025

Conversation

ErvinRacz
Contributor

Make session cookie HTTP only

See: #901

Testing done

Run the stack locally with oidc auth mode:

```sh
air --build.cmd "go build -o ./bin/nebraska ./cmd/nebraska/main.go" \
         --build.bin "./bin/nebraska" \
         --build.args_bin "\
     -debug \
     --auth-mode oidc \
     --oidc-admin-roles nebraska_admin \
     --oidc-viewer-roles nebraska_member \
     --oidc-roles-path \"http://kinvolk\.io/roles\" \
     --oidc-client-id [redacted]\
     --oidc-issuer-url https://[redacted].com/ \
     --oidc-client-secret [redacted] \
     -oidc-valid-redirect-urls http://localhost:3000/*"
```

Observe that the oidc cookie has the httponly flag after login:
[Screenshot 2025-02-06 093202]

Ensure that `setFieldValue` is only called when `selectedPackage` is not empty.
@ErvinRacz ErvinRacz requested a review from Copilot February 6, 2025 07:35


Copilot reviewed 2 out of 2 changed files in this pull request and generated no comments.

@ErvinRacz ErvinRacz merged commit 3507604 into flatcar:main Feb 6, 2025
3 checks passed
@ErvinRacz ErvinRacz deleted the fix/901-oidc-cookie-http-only branch February 6, 2025 12:44
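
The manual check described in the pull request (confirming the session cookie carries the HttpOnly flag after login) can also be automated as a regression test. The following is an added example, not code from this pull request or from Nebraska; the cookie name, cookie value and `/login` path are constructed for illustration.

```go
package main

import (
	"fmt"
	"net/http"
	"net/http/httptest"
)

// cookieName is a constructed name for this example, not Nebraska's real cookie name.
const cookieName = "example_session"

// loginHandler issues a session cookie the way a login callback would.
// httpOnly toggles the flag so the "before" and "after" behaviour can be compared.
func loginHandler(httpOnly bool) http.HandlerFunc {
	return func(w http.ResponseWriter, r *http.Request) {
		http.SetCookie(w, &http.Cookie{
			Name:     cookieName,
			Value:    "constructed-opaque-value",
			Path:     "/",
			HttpOnly: httpOnly, // false leaves the cookie readable via document.cookie
			SameSite: http.SameSiteLaxMode,
		})
		w.WriteHeader(http.StatusOK)
	}
}

// cookiesMissingHTTPOnly parses the Set-Cookie headers of a response and
// returns the names of all cookies that lack the HttpOnly attribute.
func cookiesMissingHTTPOnly(resp *http.Response) []string {
	var missing []string
	for _, c := range resp.Cookies() {
		if !c.HttpOnly {
			missing = append(missing, c.Name)
		}
	}
	return missing
}

// checkLogin drives the handler through an in-memory recorder (no network)
// and reports which cookies it set without HttpOnly.
func checkLogin(httpOnly bool) []string {
	rec := httptest.NewRecorder()
	loginHandler(httpOnly)(rec, httptest.NewRequest(http.MethodGet, "/login", nil))
	return cookiesMissingHTTPOnly(rec.Result())
}

func main() {
	fmt.Println("without flag, cookies missing HttpOnly:", checkLogin(false))
	fmt.Println("with flag, cookies missing HttpOnly:   ", checkLogin(true))
}
```

Pointing `cookiesMissingHTTPOnly` at the response of the real login callback in an integration test turns the screenshot check into an assertion that fails if the flag is ever dropped.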