diff --git a/Makefile b/Makefile
index b23c462..926bfcb 100644
--- a/Makefile
+++ b/Makefile
@@ -4,4 +4,6 @@ VERSION := $(or $(VERSION),$(DEFAULT_VERSION))
 cmd:
 cd server && go build -ldflags "-w -X main.Version=$(VERSION)" -o '../build/server'
 clean:
- rm -rf build
\ No newline at end of file
+ rm -rf build
+test:
+ cd server && go test ./...
\ No newline at end of file
diff --git a/server/handlers/oauthCallback.go b/server/handlers/oauthCallback.go
index e345da8..c8f7a7a 100644
--- a/server/handlers/oauthCallback.go
+++ b/server/handlers/oauthCallback.go
@@ -40,7 +40,7 @@ func processGoogleUserInfo(code string) (db.User, error) {
 // Parse and verify ID Token payload.
 idToken, err := verifier.Verify(ctx, rawIDToken)
 if err != nil {
- return user, fmt.Errorf("unable to verify id_token:", err.Error())
+ return user, fmt.Errorf("unable to verify id_token: %s", err.Error())
 }
 // Extract custom claims
diff --git a/server/utils/cookie.go b/server/utils/cookie.go
index 7de2501..a37f187 100644
--- a/server/utils/cookie.go
+++ b/server/utils/cookie.go
@@ -11,9 +11,14 @@ func SetCookie(gc *gin.Context, token string) {
 secure := true
 httpOnly := true
 host := GetHostName(constants.AUTHORIZER_URL)
+ domain := GetDomainName(constants.AUTHORIZER_URL)
+ if domain != "localhost" {
+ domain = "." + domain
+ }
 gc.SetSameSite(http.SameSiteNoneMode)
 gc.SetCookie(constants.COOKIE_NAME, token, 3600, "/", host, secure, httpOnly)
+ gc.SetCookie(constants.COOKIE_NAME+"-client", token, 3600, "/", domain, secure, httpOnly)
 }
 func GetCookie(gc *gin.Context) (string, error) {
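Review bot: In server/handlers/oauthCallback.go the corrected format string flattens the verifier error with `%s` and `err.Error()`, so callers of processGoogleUserInfo can no longer inspect the underlying cause with `errors.Is` or `errors.As`. Wrapping keeps the chain intact: `return user, fmt.Errorf("unable to verify id_token: %w", err)`. The function starts and ends outside the hunk, so whether this message is echoed back to the browser is not visible here; if it is, the verifier detail is better kept in the server log than in the response.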
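Review bot: In server/utils/cookie.go, SetCookie now writes the same session token a second time under `constants.COOKIE_NAME+"-client"` with the Domain attribute set to the dot-prefixed parent domain, so the token is sent to every sibling subdomain of the authorizer and not only to the authorizer host. Combined with `http.SameSiteNoneMode` the cookie is also attached to cross-site requests, so this widening should be an explicit, documented choice (for example a configured cookie domain) rather than something derived from AUTHORIZER_URL. The test added in this commit expects GetDomainName to return `herokuapp.com` for `test.herokuapp.com`; that is a shared hosting suffix (listed on the Public Suffix List, as far as I know), and browsers normally refuse a cookie scoped to such a suffix, so the second cookie would likely be dropped silently on that deployment. At minimum add a comment above the second `gc.SetCookie` such as `// Domain-wide copy of the session token for <consumer>; every subdomain of domain receives it.` naming who is expected to read it.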
@@ -29,8 +34,13 @@ func DeleteCookie(gc *gin.Context) {
 secure := true
 httpOnly := true
- host := GetHostName(constants.AUTHORIZER_URL)
+ host := GetDomainName(constants.AUTHORIZER_URL)
+ domain := GetDomainName(constants.AUTHORIZER_URL)
+ if domain != "localhost" {
+ domain = "." + domain
+ }
 gc.SetSameSite(http.SameSiteNoneMode)
 gc.SetCookie(constants.COOKIE_NAME, "", -1, "/", host, secure, httpOnly)
+ gc.SetCookie(constants.COOKIE_NAME+"-client", "", -1, "/", domain, secure, httpOnly)
 }
diff --git a/server/utils/urls.go b/server/utils/urls.go
index 9b0b725..3a850f1 100644
--- a/server/utils/urls.go
+++ b/server/utils/urls.go
@@ -17,7 +17,7 @@ func GetHostName(auth_url string) string {
 return host
 }
-// function to get domain name
+// GetDomainName function to get domain name
 func GetDomainName(auth_url string) string {
 u, err := url.Parse(auth_url)
 if err != nil {
diff --git a/server/utils/urls_test.go b/server/utils/urls_test.go
new file mode 100644
index 0000000..b76d59c
--- /dev/null
+++ b/server/utils/urls_test.go
@@ -0,0 +1,25 @@
+package utils
+
+import "testing"
+
+func TestGetHostName(t *testing.T) {
+ authorizer_url := "http://test.herokuapp.com"
+
+ got := GetHostName(authorizer_url)
+ want := "test.herokuapp.com"
+
+ if got != want {
+ t.Errorf("GetHostName Test failed got %s, wanted %s", got, want)
+ }
+}
+
+func TestGetDomainName(t *testing.T) {
+ authorizer_url := "http://test.herokuapp.com"
+
+ got := GetDomainName(authorizer_url)
+ want := "herokuapp.com"
+
+ if got != want {
+ t.Errorf("GetHostName Test failed got %q, wanted %q", got, want)
+ }
+}
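Review bot: In DeleteCookie (server/utils/cookie.go) `host` is now computed with `GetDomainName`, while SetCookie in the same file still sets the primary cookie with `GetHostName`, so the expiring `gc.SetCookie(constants.COOKIE_NAME, "", -1, "/", host, secure, httpOnly)` carries a different Domain attribute from the cookie it is meant to remove. Browsers identify a cookie by name, domain and path, so wherever the host and the parent domain differ the session cookie would survive logout and stay valid until its 3600-second lifetime ends. Keep the original assignment, `host := GetHostName(constants.AUTHORIZER_URL)`, and use `domain` only for the `-client` cookie.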
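Review bot: TestGetDomainName in server/utils/urls_test.go reports failures as `GetHostName Test failed`, which points at the wrong function when it breaks; the message should read `"GetDomainName Test failed got %q, wanted %q"`. The cookie code in this commit branches on `domain != "localhost"`, yet neither test covers a `localhost` URL, a URL with a port, or an unparsable URL, so the values that decide the cookie Domain attribute are unpinned. GetDomainName's body is outside this diff, so the expected results for those inputs have to be taken from the implementation; a table-driven test over them would make the cookie scope reviewable.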