* Add ability to disable replay protection. This is useful when running multiple Traefik replicas, to avoid false positives and token re-creation.
* Enhance the CI/CD pipelines
* Increase test coverage.
* Update vendored dependencies.
* Update behaviour on forceHTTPS as per issue #82
2025-10-16 10:56:28 +01:00
committed by GitHub
parent 79e9b164f9
commit ae59a5e88a
74 changed files with 10748 additions and 234 deletions
+2 -2
@@ -47,7 +47,7 @@ func (t *TraefikOidc) generatePKCEParameters() (string, string, error) {
// prepareSessionForAuthentication clears existing session data and sets new authentication state
func (t *TraefikOidc) prepareSessionForAuthentication(session *SessionData, csrfToken, nonce, codeVerifier, incomingPath string) {
// Clear all existing session data
session.SetAuthenticated(false)
_ = session.SetAuthenticated(false) // Safe to ignore: clearing authentication state on new flow
session.SetEmail("")
session.SetAccessToken("")
session.SetRefreshToken("")
@@ -276,7 +276,7 @@ func (t *TraefikOidc) handleCallback(rw http.ResponseWriter, req *http.Request,
// - redirectURL: The callback URL to be used in the new authentication flow.
func (t *TraefikOidc) handleExpiredToken(rw http.ResponseWriter, req *http.Request, session *SessionData, redirectURL string) {
t.logger.Debug("Handling expired token: Clearing session and initiating re-authentication.")
session.SetAuthenticated(false)
_ = session.SetAuthenticated(false) // Safe to ignore: clearing authentication on expired token
session.SetIDToken("")
session.SetAccessToken("")
session.SetRefreshToken("")
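Review bot: Discarding the error from `session.SetAuthenticated(false)` in handleExpiredToken (and in prepareSessionForAuthentication in the first hunk) rests on the trailing comment's claim that it is safe to ignore, which these hunks do not show. If the setter can return an error when passed false, the session could stay marked authenticated while the tokens are cleared and the re-authentication flow continues, and nothing would be recorded. Consider surfacing it, e.g. `if err := session.SetAuthenticated(false); err != nil { t.logger.Debug("clearing authenticated flag failed: " + err.Error()) }`, or extend the comment to state why the false path cannot fail. Both function bodies continue outside the hunks.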