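--- a/apisix/plugins/cas-auth.lua
+++ b/apisix/plugins/cas-auth.lua
@@ -173,28 +173,6 @@ local function set_our_cookie(conf, name, val)
 core.response.add_header("Set-Cookie", name .. "=" .. val .. cookie_attrs(conf))
 end
 
--- nginx's $cookie_<name> variable doesn't reliably expose cookies whose names
--- exceed certain lengths in older OpenResty builds (the per-config cookie name
--- is "CAS_SESSION_<sha256-hex>"). Parse the raw Cookie header as a fallback.
-local function get_cookie(ctx, name)
-local val = ctx.var["cookie_" .. name]
-if val ~= nil then
-return val
-end
-local cookie_header = ctx.var.http_cookie
-if not cookie_header then
-return nil
-end
-local prefix = name .. "="
-for piece in (cookie_header .. ";"):gmatch("([^;]+);") do
-piece = piece:gsub("^%s+", "")
-if piece:sub(1, #prefix) == prefix then
-return piece:sub(#prefix + 1)
-end
-end
-return nil
-end
-
 local function compute_hmac(secret, val)
 local m, err = openssl_mac.new(secret, "HMAC", nil, "sha256")
 if not m then return nil, err end
@@ -357,7 +335,7 @@ end
 
 local function logout(conf, ctx)
 local opts = session_opts(conf)
-local session_id = get_cookie(ctx, opts.cookie_name)
+local session_id = ctx.var["cookie_" .. opts.cookie_name]
 if session_id == nil then
 return ngx.HTTP_UNAUTHORIZED
 end
@@ -399,7 +377,7 @@ function _M.access(conf, ctx)
 return ngx.HTTP_OK
 else
 local opts = session_opts(conf)
-local session_id = get_cookie(ctx, opts.cookie_name)
+local session_id = ctx.var["cookie_" .. opts.cookie_name]
 if session_id ~= nil then
 return with_session_id(conf, ctx, opts, session_id)
 end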
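Review bot: The two new `ctx.var["cookie_" .. opts.cookie_name]` lookups in `logout` and `_M.access` rely on `$cookie_<name>` alone, yet the deleted comment said that variable does not reliably expose the long `CAS_SESSION_<sha256-hex>` name on older OpenResty builds, and nothing in the new code records why that no longer applies. If the limitation holds on any supported build, `logout` returns `ngx.HTTP_UNAUTHORIZED` before whatever session teardown follows (outside the hunk), so the server-side session would presumably stay valid after a logout attempt, and `_M.access` would skip `with_session_id` for a client that did send the cookie. I would state the assumption above each lookup, for example `-- relies on $cookie_<name> handling the long CAS_SESSION_<sha256-hex> name; requires <minimum OpenResty version>`, and add a test that sends the full-length cookie name through both paths. Both functions continue outside their hunks.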