oauth2: resolve issue with cookie store

ory · Feb 11, 2017 · 5331bbb · 5331bbb
1 parent 8fc3c7b
commit 5331bbb
Show file tree

Hide file tree

Showing 2 changed files with 7 additions and 5 deletions.
diff --git a/config/config.go b/config/config.go
@@ -49,6 +49,7 @@ type Config struct {
  AuthCodeLifespan string `mapstructure:"AUTH_CODE_LIFESPAN" yaml:"-"`
  IDTokenLifespan string `mapstructure:"ID_TOKEN_LIFESPAN" yaml:"-"`
  ChallengeTokenLifespan string `mapstructure:"CHALLENGE_TOKEN_LIFESPAN" yaml:"-"`
+ CookieSecret string `mapstructure:"COOKIE_SECRET" yaml:"-"`
  ForceHTTP bool `yaml:"-"`
 
  cluster *url.URL `yaml:"-"`
@@ -275,7 +276,10 @@ func (c *Config) OAuth2Client(cmd *cobra.Command) *http.Client {
 }
 
 func (c *Config) GetCookieSecret() []byte {
- return []byte(env.Getenv("COOKIE_SECRET", string(c.GetSystemSecret())))
+ if c.CookieSecret != "" {
+ return []byte(c.CookieSecret)
+ }
+ return c.GetSystemSecret()
 }
 
 func (c *Config) GetSystemSecret() []byte {

diff --git a/oauth2/handler.go b/oauth2/handler.go
@@ -186,10 +186,8 @@ func (h *Handler) redirectToConsent(w http.ResponseWriter, r *http.Request, auth
  schema = "http"
  }
 
- cookie, err := h.CookieStore.Get(r, consentCookieName)
- if err != nil {
- return err
- }
+ // Error can be ignored because a session will always be returned
+ cookie, _ := h.CookieStore.Get(r, consentCookieName)
 
  challenge, err := h.Consent.IssueChallenge(authorizeRequest, schema+"://"+r.Host+r.URL.String(), cookie)
  if err != nil {