From 5331bbbc95d1950795cab336c2135d31cb4c0a2b Mon Sep 17 00:00:00 2001
From: "Aeneas Rekkas (arekkas)" <aeneas@ory.am>
Date: Fri, 10 Feb 2017 23:52:38 +0100
Subject: [PATCH] oauth2: resolve issue with cookie store

---
 config/config.go  | 6 +++++-
 oauth2/handler.go | 6 ++----
 2 files changed, 7 insertions(+), 5 deletions(-)

diff --git a/config/config.go b/config/config.go
index 179e203f5ad..f35969ea22a 100644
--- a/config/config.go
+++ b/config/config.go
@@ -49,6 +49,7 @@ type Config struct {
 	AuthCodeLifespan       string `mapstructure:"AUTH_CODE_LIFESPAN" yaml:"-"`
 	IDTokenLifespan        string `mapstructure:"ID_TOKEN_LIFESPAN" yaml:"-"`
 	ChallengeTokenLifespan string `mapstructure:"CHALLENGE_TOKEN_LIFESPAN" yaml:"-"`
+	CookieSecret 	       string `mapstructure:"COOKIE_SECRET" yaml:"-"`
 	ForceHTTP              bool   `yaml:"-"`
 
 	cluster      *url.URL     `yaml:"-"`
@@ -275,7 +276,10 @@ func (c *Config) OAuth2Client(cmd *cobra.Command) *http.Client {
 }
 
 func (c *Config) GetCookieSecret() []byte {
-	return []byte(env.Getenv("COOKIE_SECRET", string(c.GetSystemSecret())))
+	if c.CookieSecret != "" {
+		return []byte(c.CookieSecret)
+	}
+	return c.GetSystemSecret()
 }
 
 func (c *Config) GetSystemSecret() []byte {
diff --git a/oauth2/handler.go b/oauth2/handler.go
index 6cb56e2d98d..e56c9e5a610 100644
--- a/oauth2/handler.go
+++ b/oauth2/handler.go
@@ -186,10 +186,8 @@ func (h *Handler) redirectToConsent(w http.ResponseWriter, r *http.Request, auth
 		schema = "http"
 	}
 
-	cookie, err := h.CookieStore.Get(r, consentCookieName)
-	if err != nil {
-		return err
-	}
+	// Error can be ignored because a session will always be returned
+	cookie, _ := h.CookieStore.Get(r, consentCookieName)
 
 	challenge, err := h.Consent.IssueChallenge(authorizeRequest, schema+"://"+r.Host+r.URL.String(), cookie)
 	if err != nil {