From e97d8e15ff6dea534b50b86629015ff0415ecf68 Mon Sep 17 00:00:00 2001 From: Lukasz Raczylo Date: Tue, 17 Sep 2024 08:30:44 +0100 Subject: [PATCH] Another attempt to fix the issue with expired session. --- helpers.go | 8 +++++--- main.go | 9 ++------- 2 files changed, 7 insertions(+), 10 deletions(-) diff --git a/helpers.go b/helpers.go index 28473a2..16d8def 100644 --- a/helpers.go +++ b/helpers.go @@ -137,15 +137,17 @@ func (t *TraefikOidc) handleExpiredToken(rw http.ResponseWriter, req *http.Reque func (t *TraefikOidc) handleCallback(rw http.ResponseWriter, req *http.Request) (bool, string) { session, err := t.store.Get(req, cookieName) if err != nil { - handleError(rw, "Session error", http.StatusInternalServerError, t.logger) + t.logger.Errorf("Session error: %v", err) + t.initiateAuthentication(rw, req, session, t.redirectURL) return false, "" } callbackState := req.URL.Query().Get("state") sessionState, ok := session.Values["csrf"].(string) if !ok || callbackState != sessionState { - handleError(rw, "Invalid state parameter", http.StatusBadRequest, t.logger) - return false, "invalid-state-param" + t.logger.Debug("Invalid state parameter. Session might have expired.") + t.initiateAuthentication(rw, req, session, t.redirectURL) + return false, "" } code := req.URL.Query().Get("code") diff --git a/main.go b/main.go index a62b328..a98e549 100644 --- a/main.go +++ b/main.go @@ -275,12 +275,7 @@ func (t *TraefikOidc) ServeHTTP(rw http.ResponseWriter, req *http.Request) { authenticated, needsRefresh, expired := t.isUserAuthenticated(session) - if expired { - t.handleExpiredToken(rw, req, session) - return - } - - if !authenticated { + if expired || !authenticated { t.initiateAuthentication(rw, req, session, t.redirectURL) return } @@ -288,7 +283,7 @@ func (t *TraefikOidc) ServeHTTP(rw http.ResponseWriter, req *http.Request) { if needsRefresh { refreshed := t.refreshToken(rw, req, session) if !refreshed { - t.handleExpiredToken(rw, req, session) + t.initiateAuthentication(rw, req, session, t.redirectURL) return } }