diff --git a/pkg/admin/wire_gen.go b/pkg/admin/wire_gen.go index 56800b731d..60d5330a12 100644 --- a/pkg/admin/wire_gen.go +++ b/pkg/admin/wire_gen.go @@ -373,14 +373,14 @@ func newGraphQLHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieFactory := deps.NewCookieFactory(request, trustProxy) - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ @@ -548,7 +548,7 @@ func newGraphQLHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -577,7 +577,7 @@ func newGraphQLHandler(p *deps.RequestProvider) http.Handler { Clock: clockClock, Random: rand, } - mfaCookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) + mfaCookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) interactionContext := &interaction.Context{ Request: request, Database: sqlExecutor, @@ -604,7 +604,7 @@ func newGraphQLHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef, diff --git a/pkg/auth/deps.go b/pkg/auth/deps.go index 437351b7c5..9ba5048c34 100644 --- a/pkg/auth/deps.go +++ b/pkg/auth/deps.go 
@@ -46,7 +46,8 @@ var DependencySet = wire.NewSet( wire.Bind(new(interaction.NonceService), new(*nonce.Service)), wire.Bind(new(webapp.GraphService), new(*interaction.Service)), - wire.Bind(new(webapp.CookieFactory), new(*httputil.CookieFactory)), + wire.Bind(new(webapp.CookieManager), new(*httputil.CookieManager)), + wire.Bind(new(handlerwebapp.CookieManager), new(*httputil.CookieManager)), wire.NewSet( wire.Struct(new(MainOriginProvider), "*"), diff --git a/pkg/auth/handler/webapp/cookie.go b/pkg/auth/handler/webapp/cookie.go new file mode 100644 index 0000000000..fd13068da5 --- /dev/null +++ b/pkg/auth/handler/webapp/cookie.go @@ -0,0 +1,13 @@ +package webapp + +import ( + "net/http" + + "github.com/authgear/authgear-server/pkg/util/httputil" +) + +type CookieManager interface { + GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error) + ValueCookie(def *httputil.CookieDef, value string) *http.Cookie + ClearCookie(def *httputil.CookieDef) *http.Cookie +} diff --git a/pkg/auth/handler/webapp/select_account.go b/pkg/auth/handler/webapp/select_account.go index e13e663664..01e515be37 100644 --- a/pkg/auth/handler/webapp/select_account.go +++ b/pkg/auth/handler/webapp/select_account.go @@ -47,6 +47,7 @@ type SelectAccountHandler struct { SignedUpCookie webapp.SignedUpCookieDef Users SelectAccountUserService Identities SelectAccountIdentityService + Cookies CookieManager } func (h *SelectAccountHandler) GetData(r *http.Request, rw http.ResponseWriter, userID string) (map[string]interface{}, error) { 
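Review bot: The exported `CookieManager` interface in the new pkg/auth/handler/webapp/cookie.go has no doc comment, and neither does the identically shaped `CookieManager` in pkg/auth/webapp/cookie.go. With this commit a `CookieDef` no longer carries its own name prefix or domain, so readers need to be told that a definition is only usable through the manager; I would add `// CookieManager reads and builds cookies for a CookieDef; prefix and domain come from the manager, not the definition.` The second clause is inferred from `deps.NewCookieManager(request, trustProxy, httpConfig)` in the generated wiring, so adjust it to what httputil actually does. The comment should also say what `GetCookie` returns when the cookie is absent, because `SelectAccountHandler.ServeHTTP` treats every error as "not signed up".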
@@ -92,7 +93,7 @@ func (h *SelectAccountHandler) ServeHTTP(w http.ResponseWriter, r *http.Request) return nil } gotoSignupOrLogin := func() { - signedUpCookie, err := r.Cookie(h.SignedUpCookie.Def.Name) + signedUpCookie, err := h.Cookies.GetCookie(r, h.SignedUpCookie.Def) signedUp := (err == nil && signedUpCookie.Value == "true") path := GetAuthenticationEndpoint(signedUp, h.AuthenticationConfig.PublicSignupDisabled) http.Redirect(w, r, path, http.StatusFound) diff --git a/pkg/auth/webapp/client_id.go b/pkg/auth/webapp/client_id.go index 436e871311..07349986c4 100644 --- a/pkg/auth/webapp/client_id.go +++ b/pkg/auth/webapp/client_id.go @@ -11,7 +11,7 @@ type ClientIDMiddleware struct { States SessionMiddlewareStore SessionCookieDef SessionCookieDef ClientIDCookieDef ClientIDCookieDef - CookieFactory CookieFactory + Cookies CookieManager } func (m *ClientIDMiddleware) Handle(next http.Handler) http.Handler { @@ -21,7 +21,7 @@ func (m *ClientIDMiddleware) Handle(next http.Handler) http.Handler { // Persist client_id into cookie. // So that client_id no longer need to be present on the query. if ok { - cookie := m.CookieFactory.ValueCookie(m.ClientIDCookieDef.Def, clientID) + cookie := m.Cookies.ValueCookie(m.ClientIDCookieDef.Def, clientID) httputil.UpdateCookie(w, cookie) } @@ -47,7 +47,7 @@ func (m *ClientIDMiddleware) ReadClientID(r *http.Request) (clientID string, ok return } - if cookie, err := r.Cookie(m.SessionCookieDef.Def.Name); err == nil { + if cookie, err := m.Cookies.GetCookie(r, m.SessionCookieDef.Def); err == nil { if s, err := m.States.Get(cookie.Value); err == nil && s.ClientID != "" { clientID = s.ClientID ok = true @@ -55,7 +55,7 @@ func (m *ClientIDMiddleware) ReadClientID(r *http.Request) (clientID string, ok } } - if cookie, err := r.Cookie(m.ClientIDCookieDef.Def.Name); err == nil { + if cookie, err := m.Cookies.GetCookie(r, m.ClientIDCookieDef.Def); err == nil { clientID = cookie.Value ok = true return 
diff --git a/pkg/auth/webapp/cookie.go b/pkg/auth/webapp/cookie.go index 1fa8a5e2a3..084d5544b2 100644 --- a/pkg/auth/webapp/cookie.go +++ b/pkg/auth/webapp/cookie.go @@ -6,12 +6,12 @@ import ( "net/http" "github.com/authgear/authgear-server/pkg/api/apierrors" - "github.com/authgear/authgear-server/pkg/lib/config" "github.com/authgear/authgear-server/pkg/util/duration" "github.com/authgear/authgear-server/pkg/util/httputil" ) -type CookieFactory interface { +type CookieManager interface { + GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error) ValueCookie(def *httputil.CookieDef, value string) *http.Cookie ClearCookie(def *httputil.CookieDef) *http.Cookie } @@ -20,19 +20,14 @@ type SessionCookieDef struct { Def *httputil.CookieDef } -func NewSessionCookieDef(httpCfg *config.HTTPConfig) SessionCookieDef { +func NewSessionCookieDef() SessionCookieDef { def := &httputil.CookieDef{ - Name: httpCfg.CookiePrefix + "web_session", + NameSuffix: "web_session", Path: "/", AllowScriptAccess: false, SameSite: http.SameSiteNoneMode, // For resumption after redirecting from OAuth providers MaxAge: nil, // Use HTTP session cookie; expires when browser closes } - - if httpCfg.CookieDomain != nil { - def.Domain = *httpCfg.CookieDomain - } - return SessionCookieDef{Def: def} } @@ -40,19 +35,14 @@ type ErrorCookieDef struct { Def *httputil.CookieDef } -func NewErrorCookieDef(httpCfg *config.HTTPConfig) ErrorCookieDef { +func NewErrorCookieDef() ErrorCookieDef { def := &httputil.CookieDef{ - Name: httpCfg.CookiePrefix + "web_err", + NameSuffix: "web_err", Path: "/", AllowScriptAccess: false, SameSite: http.SameSiteLaxMode, MaxAge: nil, // Use HTTP session cookie; expires when browser closes } - - if httpCfg.CookieDomain != nil { - def.Domain = *httpCfg.CookieDomain - } - return ErrorCookieDef{Def: def} } 
@@ -60,46 +50,38 @@ type SignedUpCookieDef struct { Def *httputil.CookieDef } -func NewSignedUpCookieDef(httpCfg *config.HTTPConfig) SignedUpCookieDef { +func NewSignedUpCookieDef() SignedUpCookieDef { long := int(duration.Long.Seconds()) def := &httputil.CookieDef{ - Name: httpCfg.CookiePrefix + "signed_up", + NameSuffix: "signed_up", Path: "/", AllowScriptAccess: false, SameSite: http.SameSiteLaxMode, MaxAge: &long, } - - if httpCfg.CookieDomain != nil { - def.Domain = *httpCfg.CookieDomain - } - return SignedUpCookieDef{Def: def} } type ErrorCookie struct { - Cookie ErrorCookieDef - CookieFactory CookieFactory + Cookie ErrorCookieDef + Cookies CookieManager } type ClientIDCookieDef struct { Def *httputil.CookieDef } -func NewClientIDCookieDef(httpCfg *config.HTTPConfig) ClientIDCookieDef { +func NewClientIDCookieDef() ClientIDCookieDef { def := &httputil.CookieDef{ - Name: "client_id", - Path: "/", - SameSite: http.SameSiteNoneMode, - } - if httpCfg.CookieDomain != nil { - def.Domain = *httpCfg.CookieDomain + NameSuffix: "client_id", + Path: "/", + SameSite: http.SameSiteNoneMode, } return ClientIDCookieDef{Def: def} } func (c *ErrorCookie) GetError(r *http.Request) (*apierrors.APIError, bool) { - cookie, err := r.Cookie(c.Cookie.Def.Name) + cookie, err := c.Cookies.GetCookie(r, c.Cookie.Def) if err != nil || cookie.Value == "" { return nil, false } @@ -117,7 +99,7 @@ func (c *ErrorCookie) GetError(r *http.Request) (*apierrors.APIError, bool) { } func (c *ErrorCookie) ResetError() *http.Cookie { - cookie := c.CookieFactory.ClearCookie(c.Cookie.Def) + cookie := c.Cookies.ClearCookie(c.Cookie.Def) return cookie } @@ -128,6 +110,6 @@ func (c *ErrorCookie) SetError(value *apierrors.APIError) (*http.Cookie, error) } cookieValue := base64.RawURLEncoding.EncodeToString(data) - cookie := c.CookieFactory.ValueCookie(c.Cookie.Def, cookieValue) + cookie := c.Cookies.ValueCookie(c.Cookie.Def, cookieValue) return cookie, nil } 
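Review bot: `NewClientIDCookieDef` moves from the fixed `Name: "client_id"` to `NameSuffix: "client_id"`, which is not a pure rename like the other constructors in this file: `web_session`, `web_err` and `signed_up` already carried `httpCfg.CookiePrefix`, while `client_id` did not. If the manager prepends the configured prefix (its implementation is not in this part of the diff), `ClientIDMiddleware.ReadClientID` will stop seeing `client_id` cookies issued before the deploy, and the same applies to `ui_locales`, `wechat_redirect_uri` and `platform` in ui_locales.go and wechat_redirect_uri_middleware.go. Those last three definitions also never set `Domain` before, so please confirm it is intended that they now pick up the configured cookie domain and are sent to sibling hosts under it. A comment on the field use, such as `// NameSuffix: CookieManager adds the configured prefix and domain`, plus a line in the commit description, would make the change of scope explicit.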
diff --git a/pkg/auth/webapp/login_hint.go b/pkg/auth/webapp/login_hint.go index da5e321239..4e397abffe 100644 --- a/pkg/auth/webapp/login_hint.go +++ b/pkg/auth/webapp/login_hint.go @@ -29,10 +29,6 @@ type LoginHintPageService interface { PostWithIntent(session *Session, intent interaction.Intent, inputFn func() (interface{}, error)) (*Result, error) } -type LoginHintCookieFactory interface { - ValueCookie(def *httputil.CookieDef, value string) *http.Cookie -} - type LoginHintHandler struct { Config *config.OAuthConfig Anonymous AnonymousIdentityProvider @@ -40,7 +36,7 @@ type LoginHintHandler struct { AppSessionTokens oauth.AppSessionTokenStore AppSessions oauth.AppSessionStore Clock clock.Clock - CookieFactory CookieFactory + Cookies CookieManager SessionCookie session.CookieDef Pages LoginHintPageService } @@ -104,7 +100,7 @@ func (r *LoginHintHandler) HandleLoginHint(options HandleLoginHintOptions) (http return nil, nil } - cookie := r.CookieFactory.ValueCookie(r.SessionCookie.Def, token) + cookie := r.Cookies.ValueCookie(r.SessionCookie.Def, token) return &Result{ Cookies: []*http.Cookie{cookie}, RedirectURI: options.OriginalRedirectURI, diff --git a/pkg/auth/webapp/service2.go b/pkg/auth/webapp/service2.go index 108e8efb0b..43404bc2ea 100644 --- a/pkg/auth/webapp/service2.go +++ b/pkg/auth/webapp/service2.go @@ -48,7 +48,7 @@ type Service2 struct { SignedUpCookie SignedUpCookieDef MFADeviceTokenCookie mfa.CookieDef ErrorCookie *ErrorCookie - CookieFactory CookieFactory + Cookies CookieManager Graph GraphService } @@ -59,7 +59,7 @@ func (s *Service2) CreateSession(session *Session, redirectURI string) (*Result, } result := &Result{ RedirectURI: redirectURI, - Cookies: []*http.Cookie{s.CookieFactory.ValueCookie(s.SessionCookie.Def, session.ID)}, + Cookies: []*http.Cookie{s.Cookies.ValueCookie(s.SessionCookie.Def, session.ID)}, } return result, nil } 
@@ -164,7 +164,7 @@ func (s *Service2) doPost( switch kind { case SessionStepAuthenticate: authDeviceToken := "" - if deviceTokenCookie, err := s.Request.Cookie(s.MFADeviceTokenCookie.Def.Name); err == nil { + if deviceTokenCookie, err := s.Cookies.GetCookie(s.Request, s.MFADeviceTokenCookie.Def); err == nil { for _, edge := range edges { if _, ok := edge.(*nodes.EdgeUseDeviceToken); ok { authDeviceToken = deviceTokenCookie.Value @@ -354,7 +354,7 @@ func (s *Service2) afterPost( // Marked signed up in cookie after authorization. // When user visit auth ui root "/", redirect user to "/login" if // cookie exists - result.Cookies = append(result.Cookies, s.CookieFactory.ValueCookie(s.SignedUpCookie.Def, "true")) + result.Cookies = append(result.Cookies, s.Cookies.ValueCookie(s.SignedUpCookie.Def, "true")) default: // Use the default navigation action for any other intents. // That is, "advance" will be used. @@ -393,13 +393,13 @@ func (s *Service2) afterPost( if err != nil { return err } - result.Cookies = append(result.Cookies, s.CookieFactory.ClearCookie(s.SessionCookie.Def)) + result.Cookies = append(result.Cookies, s.Cookies.ClearCookie(s.SessionCookie.Def)) } else if isNewGraph { err := s.Sessions.Create(session) if err != nil { return err } - result.Cookies = append(result.Cookies, s.CookieFactory.ValueCookie(s.SessionCookie.Def, session.ID)) + result.Cookies = append(result.Cookies, s.Cookies.ValueCookie(s.SessionCookie.Def, session.ID)) } else if interactionErr == nil { err := s.Sessions.Update(session) if err != nil { diff --git a/pkg/auth/webapp/session_middleware.go b/pkg/auth/webapp/session_middleware.go index 032249446d..f5136296fe 100644 --- a/pkg/auth/webapp/session_middleware.go +++ b/pkg/auth/webapp/session_middleware.go 
@@ -12,9 +12,9 @@ type SessionMiddlewareStore interface { } type SessionMiddleware struct { - States SessionMiddlewareStore - Cookie SessionCookieDef - CookieFactory CookieFactory + States SessionMiddlewareStore + CookieDef SessionCookieDef + Cookies CookieManager } func (m *SessionMiddleware) Handle(next http.Handler) http.Handler { @@ -26,7 +26,7 @@ func (m *SessionMiddleware) Handle(next http.Handler) http.Handler { return } else if errors.Is(err, ErrInvalidSession) { // Clear the session before continuing - cookie := m.CookieFactory.ClearCookie(m.Cookie.Def) + cookie := m.Cookies.ClearCookie(m.CookieDef.Def) httputil.UpdateCookie(w, cookie) next.ServeHTTP(w, r) return @@ -41,7 +41,7 @@ func (m *SessionMiddleware) Handle(next http.Handler) http.Handler { } func (m *SessionMiddleware) loadSession(r *http.Request) (*Session, error) { - cookie, err := r.Cookie(m.Cookie.Def.Name) + cookie, err := m.Cookies.GetCookie(r, m.CookieDef.Def) if err != nil { return nil, ErrSessionNotFound } diff --git a/pkg/auth/webapp/ui_locales.go b/pkg/auth/webapp/ui_locales.go index 1869a10f21..f8a84c9dff 100644 --- a/pkg/auth/webapp/ui_locales.go +++ b/pkg/auth/webapp/ui_locales.go @@ -8,14 +8,14 @@ import ( ) // UILocalesCookieDef is a HTTP session cookie. -var UILocalesCookieDef = httputil.CookieDef{ - Name: "ui_locales", - Path: "/", - SameSite: http.SameSiteNoneMode, +var UILocalesCookieDef = &httputil.CookieDef{ + NameSuffix: "ui_locales", + Path: "/", + SameSite: http.SameSiteNoneMode, } type UILocalesMiddleware struct { - CookieFactory CookieFactory + Cookies CookieManager } func (m *UILocalesMiddleware) Handle(next http.Handler) http.Handler { 
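Review bot: `UILocalesCookieDef` is now a package-level `*httputil.CookieDef` handed to every request's `CookieManager`, and each manager is built from that request's `appConfig.HTTP`. If `GetCookie`, `ValueCookie` or `ClearCookie` ever write a resolved name or domain back into the definition, one app's prefix or domain would carry over into another app's cookies and the write would race across goroutines; the manager code is not visible here, so this is a contract to confirm rather than a bug seen in the hunk. `WeChatRedirectURICookieDef` and `PlatformCookieDef` in wechat_redirect_uri_middleware.go are shared the same way. I would record the requirement on each variable, e.g. `// Shared by all requests; CookieManager must treat it as read-only.`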
@@ -26,13 +26,13 @@ func (m *UILocalesMiddleware) Handle(next http.Handler) http.Handler { // Persist ui_locales into cookie. // So that ui_locales no longer need to be present on the query. if uiLocales != "" { - cookie := m.CookieFactory.ValueCookie(&UILocalesCookieDef, uiLocales) + cookie := m.Cookies.ValueCookie(UILocalesCookieDef, uiLocales) httputil.UpdateCookie(w, cookie) } // Restore ui_locales from cookie if uiLocales == "" { - cookie, err := r.Cookie(UILocalesCookieDef.Name) + cookie, err := m.Cookies.GetCookie(r, UILocalesCookieDef) if err == nil { uiLocales = cookie.Value } diff --git a/pkg/auth/webapp/wechat_redirect_uri_middleware.go b/pkg/auth/webapp/wechat_redirect_uri_middleware.go index 39c5790712..74657eec33 100644 --- a/pkg/auth/webapp/wechat_redirect_uri_middleware.go +++ b/pkg/auth/webapp/wechat_redirect_uri_middleware.go @@ -8,21 +8,21 @@ import ( ) // WeChatRedirectURICookieDef is a HTTP session cookie. -var WeChatRedirectURICookieDef = httputil.CookieDef{ - Name: "wechat_redirect_uri", - Path: "/", - SameSite: http.SameSiteNoneMode, +var WeChatRedirectURICookieDef = &httputil.CookieDef{ + NameSuffix: "wechat_redirect_uri", + Path: "/", + SameSite: http.SameSiteNoneMode, } // PlatformCookieDef is a HTTP session cookie. -var PlatformCookieDef = httputil.CookieDef{ - Name: "platform", - Path: "/", - SameSite: http.SameSiteNoneMode, +var PlatformCookieDef = &httputil.CookieDef{ + NameSuffix: "platform", + Path: "/", + SameSite: http.SameSiteNoneMode, } type WeChatRedirectURIMiddleware struct { - CookieFactory CookieFactory + Cookies CookieManager } func (m *WeChatRedirectURIMiddleware) Handle(next http.Handler) http.Handler { 
@@ -33,13 +33,13 @@ func (m *WeChatRedirectURIMiddleware) Handle(next http.Handler) http.Handler { // Persist weChatRedirectURI. if weChatRedirectURI != "" { - cookie := m.CookieFactory.ValueCookie(&WeChatRedirectURICookieDef, weChatRedirectURI) + cookie := m.Cookies.ValueCookie(WeChatRedirectURICookieDef, weChatRedirectURI) httputil.UpdateCookie(w, cookie) } // Restore weChatRedirectURI from cookie if weChatRedirectURI == "" { - cookie, err := r.Cookie(WeChatRedirectURICookieDef.Name) + cookie, err := m.Cookies.GetCookie(r, WeChatRedirectURICookieDef) if err == nil { weChatRedirectURI = cookie.Value } @@ -54,12 +54,12 @@ func (m *WeChatRedirectURIMiddleware) Handle(next http.Handler) http.Handler { // Repeat the steps for platform platform := q.Get("x_platform") if platform != "" { - cookie := m.CookieFactory.ValueCookie(&PlatformCookieDef, platform) + cookie := m.Cookies.ValueCookie(PlatformCookieDef, platform) httputil.UpdateCookie(w, cookie) } if platform == "" { - cookie, err := r.Cookie(PlatformCookieDef.Name) + cookie, err := m.Cookies.GetCookie(r, PlatformCookieDef) if err == nil { platform = cookie.Value } diff --git a/pkg/auth/wire_gen.go b/pkg/auth/wire_gen.go index 39052fe004..e2748f8c16 100644 --- a/pkg/auth/wire_gen.go +++ b/pkg/auth/wire_gen.go 
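Review bot: `weChatRedirectURI = cookie.Value` restores a redirect target from a cookie, which is just as client-controlled as the query value it stands in for, and nothing in this hunk validates it. The code that consumes the value lies outside the hunk, so please confirm it checks the URI against an allow-list before it is used as a redirect; the same question applies to `platform = cookie.Value` in the next hunk. This matters a little more after this commit if the manager now scopes these `SameSiteNoneMode` cookies to the configured cookie domain, since any host under that domain could then set them (inferred, the manager is not shown). A comment at the restore site, e.g. `// Cookie value is client-controlled; validated by <consumer> before use.`, would record where the check lives.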
@@ -112,15 +112,15 @@ func newOAuthAuthorizeHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) - cookieFactory := deps.NewCookieFactory(request, trustProxy) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } interactionLogger := interaction.NewLogger(factory) featureConfig := config.FeatureConfig @@ -352,13 +352,13 @@ func newOAuthAuthorizeHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } sessionManager := &oauth2.SessionManager{ Store: store, @@ -436,7 +436,7 @@ func newOAuthAuthorizeHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } 
@@ -556,7 +556,7 @@ func newOAuthAuthorizeHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -579,7 +579,7 @@ func newOAuthAuthorizeHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } authenticateURLProvider := &webapp.AuthenticateURLProvider{ @@ -596,7 +596,7 @@ func newOAuthAuthorizeHandler(p *deps.RequestProvider) http.Handler { AppSessionTokens: store, AppSessions: store, Clock: clock, - CookieFactory: cookieFactory, + Cookies: cookieManager, SessionCookie: cookieDef2, Pages: webappService2, } @@ -925,14 +925,14 @@ func newOAuthTokenHandler(p *deps.RequestProvider) http.Handler { Clock: clockClock, WelcomeMessageProvider: welcomemessageProvider, } - cookieFactory := deps.NewCookieFactory(request, trustProxy) - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: storeRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: storeRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } sessionManager := &oauth2.SessionManager{ Store: store, @@ -1017,7 +1017,7 @@ func newOAuthTokenHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } 
@@ -1091,7 +1091,7 @@ func newOAuthTokenHandler(p *deps.RequestProvider) http.Handler { Commands: commands, Queries: queries, } - mfaCookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) + mfaCookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) interactionContext := &interaction.Context{ Request: request, Database: sqlExecutor, @@ -1118,7 +1118,7 @@ func newOAuthTokenHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: provider, SessionManager: idpsessionManager, SessionCookie: cookieDef, @@ -1429,14 +1429,14 @@ func newOAuthRevokeHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieFactory := deps.NewCookieFactory(request, trustProxy) - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -1825,14 +1825,14 @@ func newOAuthJWKSHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieFactory := deps.NewCookieFactory(request, trustProxy) - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ @@ -2149,14 +2149,14 @@ func newOAuthUserInfoHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieFactory := deps.NewCookieFactory(request, trustProxy) - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -2477,14 +2477,14 @@ func newOAuthEndSessionHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieFactory := deps.NewCookieFactory(request, trustProxy) - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ @@ -2572,11 +2572,12 @@ func newOAuthEndSessionHandler(p *deps.RequestProvider) http.Handler { Events: eventService, } endSessionHandler := &handler2.EndSessionHandler{ - Config: oAuthConfig, - Endpoints: endpointsProvider, - URLs: urlProvider, - SessionManager: manager2, - SessionCookie: cookieDef, + Config: oAuthConfig, + Endpoints: endpointsProvider, + URLs: urlProvider, + SessionManager: manager2, + SessionCookieDef: cookieDef, + Cookies: cookieManager, } oauthEndSessionHandler := &oauth.EndSessionHandler{ Logger: endSessionHandlerLogger, 
@@ -2902,14 +2903,14 @@ func newOAuthAppSessionTokenHandler(p *deps.RequestProvider) http.Handler { Clock: clockClock, WelcomeMessageProvider: welcomemessageProvider, } - cookieFactory := deps.NewCookieFactory(request, trustProxy) - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: storeRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: storeRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } sessionManager := &oauth2.SessionManager{ Store: store, @@ -2994,7 +2995,7 @@ func newOAuthAppSessionTokenHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -3068,7 +3069,7 @@ func newOAuthAppSessionTokenHandler(p *deps.RequestProvider) http.Handler { Commands: commands, Queries: queries, } - mfaCookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) + mfaCookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) interactionContext := &interaction.Context{ Request: request, Database: sqlExecutor, @@ -3095,7 +3096,7 @@ func newOAuthAppSessionTokenHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: provider, SessionManager: idpsessionManager, SessionCookie: cookieDef, 
@@ -3171,19 +3172,19 @@ func newWebAppLoginHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -3425,13 +3426,13 @@ func newWebAppLoginHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -3527,7 +3528,7 @@ func newWebAppLoginHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -3647,7 +3648,7 @@ func newWebAppLoginHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -3670,13 +3671,13 @@ func newWebAppLoginHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -3742,19 +3743,19 @@ func newWebAppSignupHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -3996,13 +3997,13 @@ func newWebAppSignupHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -4098,7 +4099,7 @@ func newWebAppSignupHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -4218,7 +4219,7 @@ func newWebAppSignupHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -4241,13 +4242,13 @@ func newWebAppSignupHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -4313,19 +4314,19 @@ func newWebAppPromoteHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -4567,13 +4568,13 @@ func newWebAppPromoteHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -4669,7 +4670,7 @@ func newWebAppPromoteHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -4789,7 +4790,7 @@ func newWebAppPromoteHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -4812,13 +4813,13 @@ func newWebAppPromoteHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -4884,19 +4885,19 @@ func newWebAppSelectAccountHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -5138,13 +5139,13 @@ func newWebAppSelectAccountHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -5240,7 +5241,7 @@ func newWebAppSelectAccountHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -5360,7 +5361,7 @@ func newWebAppSelectAccountHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -5383,13 +5384,13 @@ func newWebAppSelectAccountHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, @@ -5436,6 +5437,7 @@ func newWebAppSelectAccountHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, Users: queries, Identities: serviceService, + Cookies: cookieManager, } return selectAccountHandler } 
@@ -5454,19 +5456,19 @@ func newWebAppSSOCallbackHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -5708,13 +5710,13 @@ func newWebAppSSOCallbackHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -5810,7 +5812,7 @@ func newWebAppSSOCallbackHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -5930,7 +5932,7 @@ func newWebAppSSOCallbackHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -5953,13 +5955,13 @@ func newWebAppSSOCallbackHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -6018,19 +6020,19 @@ func newWechatAuthHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -6272,13 +6274,13 @@ func newWechatAuthHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -6374,7 +6376,7 @@ func newWechatAuthHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -6494,7 +6496,7 @@ func newWechatAuthHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -6517,13 +6519,13 @@ func newWechatAuthHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -6585,19 +6587,19 @@ func newWechatCallbackHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -6839,13 +6841,13 @@ func newWechatCallbackHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -6941,7 +6943,7 @@ func newWechatCallbackHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -7061,7 +7063,7 @@ func newWechatCallbackHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -7084,13 +7086,13 @@ func newWechatCallbackHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -7155,19 +7157,19 @@ func newWebAppEnterLoginIDHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -7409,13 +7411,13 @@ func newWebAppEnterLoginIDHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -7511,7 +7513,7 @@ func newWebAppEnterLoginIDHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -7631,7 +7633,7 @@ func newWebAppEnterLoginIDHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -7654,13 +7656,13 @@ func newWebAppEnterLoginIDHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -7722,19 +7724,19 @@ func newWebAppEnterPasswordHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -7976,13 +7978,13 @@ func newWebAppEnterPasswordHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -8078,7 +8080,7 @@ func newWebAppEnterPasswordHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -8198,7 +8200,7 @@ func newWebAppEnterPasswordHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -8221,13 +8223,13 @@ func newWebAppEnterPasswordHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -8288,19 +8290,19 @@ func newWebAppCreatePasswordHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -8542,13 +8544,13 @@ func newWebAppCreatePasswordHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -8644,7 +8646,7 @@ func newWebAppCreatePasswordHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -8764,7 +8766,7 @@ func newWebAppCreatePasswordHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -8787,13 +8789,13 @@ func newWebAppCreatePasswordHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -8855,19 +8857,19 @@ func newWebAppSetupTOTPHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -9109,13 +9111,13 @@ func newWebAppSetupTOTPHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -9211,7 +9213,7 @@ func newWebAppSetupTOTPHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -9331,7 +9333,7 @@ func newWebAppSetupTOTPHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -9354,13 +9356,13 @@ func newWebAppSetupTOTPHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -9423,19 +9425,19 @@ func newWebAppEnterTOTPHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -9677,13 +9679,13 @@ func newWebAppEnterTOTPHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -9779,7 +9781,7 @@ func newWebAppEnterTOTPHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -9899,7 +9901,7 @@ func newWebAppEnterTOTPHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -9922,13 +9924,13 @@ func newWebAppEnterTOTPHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -9989,19 +9991,19 @@ func newWebAppSetupOOBOTPHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -10243,13 +10245,13 @@ func newWebAppSetupOOBOTPHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -10345,7 +10347,7 @@ func newWebAppSetupOOBOTPHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -10465,7 +10467,7 @@ func newWebAppSetupOOBOTPHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -10488,13 +10490,13 @@ func newWebAppSetupOOBOTPHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -10555,19 +10557,19 @@ func newWebAppEnterOOBOTPHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -10809,13 +10811,13 @@ func newWebAppEnterOOBOTPHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -10911,7 +10913,7 @@ func newWebAppEnterOOBOTPHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -11031,7 +11033,7 @@ func newWebAppEnterOOBOTPHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -11054,13 +11056,13 @@ func newWebAppEnterOOBOTPHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -11123,19 +11125,19 @@ func newWebAppEnterRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -11377,13 +11379,13 @@ func newWebAppEnterRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -11479,7 +11481,7 @@ func newWebAppEnterRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -11599,7 +11601,7 @@ func newWebAppEnterRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -11622,13 +11624,13 @@ func newWebAppEnterRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -11689,19 +11691,19 @@ func newWebAppSetupRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -11943,13 +11945,13 @@ func newWebAppSetupRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -12045,7 +12047,7 @@ func newWebAppSetupRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -12165,7 +12167,7 @@ func newWebAppSetupRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -12188,13 +12190,13 @@ func newWebAppSetupRecoveryCodeHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -12255,19 +12257,19 @@ func newWebAppVerifyIdentityHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -12509,13 +12511,13 @@ func newWebAppVerifyIdentityHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -12611,7 +12613,7 @@ func newWebAppVerifyIdentityHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -12731,7 +12733,7 @@ func newWebAppVerifyIdentityHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -12754,13 +12756,13 @@ func newWebAppVerifyIdentityHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -12824,19 +12826,19 @@ func newWebAppVerifyIdentitySuccessHandler(p *deps.RequestProvider) http.Handler AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -13078,13 +13080,13 @@ func newWebAppVerifyIdentitySuccessHandler(p *deps.RequestProvider) http.Handler Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -13180,7 +13182,7 @@ func newWebAppVerifyIdentitySuccessHandler(p *deps.RequestProvider) http.Handler } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -13300,7 +13302,7 @@ func newWebAppVerifyIdentitySuccessHandler(p *deps.RequestProvider) http.Handler Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -13323,13 +13325,13 @@ func newWebAppVerifyIdentitySuccessHandler(p *deps.RequestProvider) http.Handler SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -13390,19 +13392,19 @@ func newWebAppForgotPasswordHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -13644,13 +13646,13 @@ func newWebAppForgotPasswordHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -13746,7 +13748,7 @@ func newWebAppForgotPasswordHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -13866,7 +13868,7 @@ func newWebAppForgotPasswordHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -13889,13 +13891,13 @@ func newWebAppForgotPasswordHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -13961,19 +13963,19 @@ func newWebAppForgotPasswordSuccessHandler(p *deps.RequestProvider) http.Handler AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -14215,13 +14217,13 @@ func newWebAppForgotPasswordSuccessHandler(p *deps.RequestProvider) http.Handler Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -14317,7 +14319,7 @@ func newWebAppForgotPasswordSuccessHandler(p *deps.RequestProvider) http.Handler } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -14437,7 +14439,7 @@ func newWebAppForgotPasswordSuccessHandler(p *deps.RequestProvider) http.Handler Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -14460,13 +14462,13 @@ func newWebAppForgotPasswordSuccessHandler(p *deps.RequestProvider) http.Handler SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -14527,19 +14529,19 @@ func newWebAppResetPasswordHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -14781,13 +14783,13 @@ func newWebAppResetPasswordHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -14883,7 +14885,7 @@ func newWebAppResetPasswordHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -15003,7 +15005,7 @@ func newWebAppResetPasswordHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -15026,13 +15028,13 @@ func newWebAppResetPasswordHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -15094,19 +15096,19 @@ func newWebAppResetPasswordSuccessHandler(p *deps.RequestProvider) http.Handler AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -15348,13 +15350,13 @@ func newWebAppResetPasswordSuccessHandler(p *deps.RequestProvider) http.Handler Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -15450,7 +15452,7 @@ func newWebAppResetPasswordSuccessHandler(p *deps.RequestProvider) http.Handler } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -15570,7 +15572,7 @@ func newWebAppResetPasswordSuccessHandler(p *deps.RequestProvider) http.Handler Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -15593,13 +15595,13 @@ func newWebAppResetPasswordSuccessHandler(p *deps.RequestProvider) http.Handler SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -15660,19 +15662,19 @@ func newWebAppSettingsHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -15914,13 +15916,13 @@ func newWebAppSettingsHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -16016,7 +16018,7 @@ func newWebAppSettingsHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -16136,7 +16138,7 @@ func newWebAppSettingsHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -16159,13 +16161,13 @@ func newWebAppSettingsHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -16245,19 +16247,19 @@ func newWebAppSettingsIdentityHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -16499,13 +16501,13 @@ func newWebAppSettingsIdentityHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -16601,7 +16603,7 @@ func newWebAppSettingsIdentityHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -16721,7 +16723,7 @@ func newWebAppSettingsIdentityHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -16744,13 +16746,13 @@ func newWebAppSettingsIdentityHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -16813,19 +16815,19 @@ func newWebAppSettingsBiometricHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -17067,13 +17069,13 @@ func newWebAppSettingsBiometricHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -17169,7 +17171,7 @@ func newWebAppSettingsBiometricHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -17289,7 +17291,7 @@ func newWebAppSettingsBiometricHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -17312,13 +17314,13 @@ func newWebAppSettingsBiometricHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -17380,19 +17382,19 @@ func newWebAppSettingsMFAHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -17634,13 +17636,13 @@ func newWebAppSettingsMFAHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -17736,7 +17738,7 @@ func newWebAppSettingsMFAHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -17856,7 +17858,7 @@ func newWebAppSettingsMFAHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -17879,13 +17881,13 @@ func newWebAppSettingsMFAHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -17956,19 +17958,19 @@ func newWebAppSettingsTOTPHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -18210,13 +18212,13 @@ func newWebAppSettingsTOTPHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -18312,7 +18314,7 @@ func newWebAppSettingsTOTPHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -18432,7 +18434,7 @@ func newWebAppSettingsTOTPHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -18455,13 +18457,13 @@ func newWebAppSettingsTOTPHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -18523,19 +18525,19 @@ func newWebAppSettingsOOBOTPHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -18777,13 +18779,13 @@ func newWebAppSettingsOOBOTPHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -18879,7 +18881,7 @@ func newWebAppSettingsOOBOTPHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -18999,7 +19001,7 @@ func newWebAppSettingsOOBOTPHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -19022,13 +19024,13 @@ func newWebAppSettingsOOBOTPHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -19090,19 +19092,19 @@ func newWebAppSettingsRecoveryCodeHandler(p *deps.RequestProvider) http.Handler AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -19344,13 +19346,13 @@ func newWebAppSettingsRecoveryCodeHandler(p *deps.RequestProvider) http.Handler Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -19446,7 +19448,7 @@ func newWebAppSettingsRecoveryCodeHandler(p *deps.RequestProvider) http.Handler } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -19566,7 +19568,7 @@ func newWebAppSettingsRecoveryCodeHandler(p *deps.RequestProvider) http.Handler Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -19589,13 +19591,13 @@ func newWebAppSettingsRecoveryCodeHandler(p *deps.RequestProvider) http.Handler SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -19658,19 +19660,19 @@ func newWebAppSettingsSessionsHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -19912,13 +19914,13 @@ func newWebAppSettingsSessionsHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -20014,7 +20016,7 @@ func newWebAppSettingsSessionsHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -20134,7 +20136,7 @@ func newWebAppSettingsSessionsHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -20157,13 +20159,13 @@ func newWebAppSettingsSessionsHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -20231,19 +20233,19 @@ func newWebAppChangePasswordHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -20485,13 +20487,13 @@ func newWebAppChangePasswordHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -20587,7 +20589,7 @@ func newWebAppChangePasswordHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -20707,7 +20709,7 @@ func newWebAppChangePasswordHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -20730,13 +20732,13 @@ func newWebAppChangePasswordHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -20798,19 +20800,19 @@ func newWebAppChangeSecondaryPasswordHandler(p *deps.RequestProvider) http.Handl AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -21052,13 +21054,13 @@ func newWebAppChangeSecondaryPasswordHandler(p *deps.RequestProvider) http.Handl Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -21154,7 +21156,7 @@ func newWebAppChangeSecondaryPasswordHandler(p *deps.RequestProvider) http.Handl } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -21274,7 +21276,7 @@ func newWebAppChangeSecondaryPasswordHandler(p *deps.RequestProvider) http.Handl Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -21297,13 +21299,13 @@ func newWebAppChangeSecondaryPasswordHandler(p *deps.RequestProvider) http.Handl SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -21365,19 +21367,19 @@ func newWebAppUserDisabledHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -21619,13 +21621,13 @@ func newWebAppUserDisabledHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -21721,7 +21723,7 @@ func newWebAppUserDisabledHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -21841,7 +21843,7 @@ func newWebAppUserDisabledHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -21864,13 +21866,13 @@ func newWebAppUserDisabledHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -21931,19 +21933,19 @@ func newWebAppLogoutHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -22185,13 +22187,13 @@ func newWebAppLogoutHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -22287,7 +22289,7 @@ func newWebAppLogoutHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -22407,7 +22409,7 @@ func newWebAppLogoutHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -22430,13 +22432,13 @@ func newWebAppLogoutHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -22517,19 +22519,19 @@ func newWebAppReturnHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -22771,13 +22773,13 @@ func newWebAppReturnHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -22873,7 +22875,7 @@ func newWebAppReturnHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -22993,7 +22995,7 @@ func newWebAppReturnHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -23016,13 +23018,13 @@ func newWebAppReturnHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, 
@@ -23083,19 +23085,19 @@ func newWebAppErrorHandler(p *deps.RequestProvider) http.Handler { AppID: appID, Redis: redisHandle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - signedUpCookieDef := webapp.NewSignedUpCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + signedUpCookieDef := webapp.NewSignedUpCookieDef() authenticationConfig := appConfig.Authentication - cookieDef := mfa.NewDeviceTokenCookieDef(httpConfig, authenticationConfig) - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) + cookieDef := mfa.NewDeviceTokenCookieDef(authenticationConfig) + errorCookieDef := webapp.NewErrorCookieDef() rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } logger := interaction.NewLogger(factory) context := deps.ProvideRequestContext(request) @@ -23337,13 +23339,13 @@ func newWebAppErrorHandler(p *deps.RequestProvider) http.Handler { Logger: storeRedisLogger, } sessionConfig := appConfig.Session - cookieDef2 := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef2 := session.NewSessionCookieDef(sessionConfig) idpsessionManager := &idpsession.Manager{ - Store: idpsessionStoreRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef2, + Store: idpsessionStoreRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef2, } redisLogger := redis.NewLogger(factory) redisStore := &redis.Store{ 
@@ -23439,7 +23441,7 @@ func newWebAppErrorHandler(p *deps.RequestProvider) http.Handler { } responseWriter := p.ResponseWriter nonceService := &nonce.Service{ - CookieFactory: cookieFactory, + Cookies: cookieManager, Request: request, ResponseWriter: responseWriter, } @@ -23559,7 +23561,7 @@ func newWebAppErrorHandler(p *deps.RequestProvider) http.Handler { Challenges: challengeProvider, Users: userProvider, Events: eventService, - CookieFactory: cookieFactory, + CookieManager: cookieManager, Sessions: idpsessionProvider, SessionManager: idpsessionManager, SessionCookie: cookieDef2, @@ -23582,13 +23584,13 @@ func newWebAppErrorHandler(p *deps.RequestProvider) http.Handler { SignedUpCookie: signedUpCookieDef, MFADeviceTokenCookie: cookieDef, ErrorCookie: errorCookie, - CookieFactory: cookieFactory, + Cookies: cookieManager, Graph: interactionService, } uiConfig := appConfig.UI uiFeatureConfig := featureConfig.UI flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, @@ -23721,11 +23723,11 @@ func newPanicWebAppMiddleware(p *deps.RequestProvider) httproute.Middleware { } forgotPasswordConfig := appConfig.ForgotPassword authenticationConfig := appConfig.Authentication - errorCookieDef := webapp.NewErrorCookieDef(httpConfig) - cookieFactory := deps.NewCookieFactory(request, trustProxy) + errorCookieDef := webapp.NewErrorCookieDef() + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) errorCookie := &webapp.ErrorCookie{ - Cookie: errorCookieDef, - CookieFactory: cookieFactory, + Cookie: errorCookieDef, + Cookies: cookieManager, } defaultLanguageTag := deps.ProvideDefaultLanguageTag(config) supportedLanguageTags := deps.ProvideSupportedLanguageTags(config) 
@@ -23745,7 +23747,7 @@ func newPanicWebAppMiddleware(p *deps.RequestProvider) httproute.Middleware { } clockClock := _wireSystemClockValue flashMessage := &httputil.FlashMessage{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } baseViewModeler := &viewmodels.BaseViewModeler{ TrustProxy: trustProxy, @@ -23850,14 +23852,14 @@ func newSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { appProvider := p.AppProvider config := appProvider.Config appConfig := config.AppConfig - httpConfig := appConfig.HTTP sessionConfig := appConfig.Session - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) request := p.Request rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) context := deps.ProvideRequestContext(request) appID := appConfig.ID handle := appProvider.Redis @@ -23891,7 +23893,8 @@ func newSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { Random: idpsessionRand, } resolver := &idpsession.Resolver{ - Cookie: cookieDef, + Cookies: cookieManager, + CookieDef: cookieDef, Provider: provider, TrustProxy: trustProxy, Clock: clockClock, @@ -24147,11 +24150,11 @@ func newSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { WelcomeMessageProvider: welcomemessageProvider, } idpsessionManager := &idpsession.Manager{ - Store: storeRedis, - Clock: clockClock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: storeRedis, + Clock: clockClock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } sessionManager := &oauth2.SessionManager{ Store: store, 
@@ -24203,13 +24206,14 @@ func newSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { AppSessions: store, AccessTokenDecoder: accessTokenEncoding, Sessions: provider, - SessionCookie: cookieDef, + Cookies: cookieManager, + SessionCookieDef: cookieDef, Clock: clockClock, } middlewareLogger := session.NewMiddlewareLogger(factory) sessionMiddleware := &session.Middleware{ SessionCookie: cookieDef, - CookieFactory: cookieFactory, + Cookies: cookieManager, IDPSessionResolver: resolver, AccessTokenSessionResolver: oauthResolver, AccessEvents: eventProvider, @@ -24230,17 +24234,17 @@ func newWebAppSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { AppID: appID, Redis: handle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() request := p.Request rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) sessionMiddleware := &webapp.SessionMiddleware{ - States: sessionStoreRedis, - Cookie: sessionCookieDef, - CookieFactory: cookieFactory, + States: sessionStoreRedis, + CookieDef: sessionCookieDef, + Cookies: cookieManager, } return sessionMiddleware } 
@@ -24251,9 +24255,12 @@ func newWebAppUILocalesMiddleware(p *deps.RequestProvider) httproute.Middleware rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + config := appProvider.Config + appConfig := config.AppConfig + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) uiLocalesMiddleware := &webapp.UILocalesMiddleware{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } return uiLocalesMiddleware } @@ -24268,19 +24275,19 @@ func newWebAppClientIDMiddleware(p *deps.RequestProvider) httproute.Middleware { AppID: appID, Redis: handle, } - httpConfig := appConfig.HTTP - sessionCookieDef := webapp.NewSessionCookieDef(httpConfig) - clientIDCookieDef := webapp.NewClientIDCookieDef(httpConfig) + sessionCookieDef := webapp.NewSessionCookieDef() + clientIDCookieDef := webapp.NewClientIDCookieDef() request := p.Request rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) clientIDMiddleware := &webapp.ClientIDMiddleware{ States: sessionStoreRedis, SessionCookieDef: sessionCookieDef, ClientIDCookieDef: clientIDCookieDef, - CookieFactory: cookieFactory, + Cookies: cookieManager, } return clientIDMiddleware } 
@@ -24291,9 +24298,12 @@ func newWebAppWeChatRedirectURIMiddleware(p *deps.RequestProvider) httproute.Mid rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + config := appProvider.Config + appConfig := config.AppConfig + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) weChatRedirectURIMiddleware := &webapp.WeChatRedirectURIMiddleware{ - CookieFactory: cookieFactory, + Cookies: cookieManager, } return weChatRedirectURIMiddleware } diff --git a/pkg/lib/authn/mfa/cookie.go b/pkg/lib/authn/mfa/cookie.go index 93511dde21..732cf4a5a6 100644 --- a/pkg/lib/authn/mfa/cookie.go +++ b/pkg/lib/authn/mfa/cookie.go @@ -11,19 +11,15 @@ type CookieDef struct { Def *httputil.CookieDef } -func NewDeviceTokenCookieDef(httpCfg *config.HTTPConfig, cfg *config.AuthenticationConfig) CookieDef { +func NewDeviceTokenCookieDef(cfg *config.AuthenticationConfig) CookieDef { def := &httputil.CookieDef{ - Name: httpCfg.CookiePrefix + "mfa_device_token", - Path: "/", - SameSite: http.SameSiteStrictMode, + NameSuffix: "mfa_device_token", + Path: "/", + SameSite: http.SameSiteStrictMode, } maxAge := int(cfg.DeviceToken.ExpireIn.Duration().Seconds()) def.MaxAge = &maxAge - if httpCfg.CookieDomain != nil { - def.Domain = *httpCfg.CookieDomain - } - return CookieDef{Def: def} } diff --git a/pkg/lib/deps/deps_utils.go b/pkg/lib/deps/deps_utils.go index ce1f5ade4a..e6e2f64a7d 100644 --- a/pkg/lib/deps/deps_utils.go +++ b/pkg/lib/deps/deps_utils.go 
@@ -7,6 +7,9 @@ import ( "github.com/authgear/authgear-server/pkg/lib/config" "github.com/authgear/authgear-server/pkg/lib/interaction" + "github.com/authgear/authgear-server/pkg/lib/nonce" + "github.com/authgear/authgear-server/pkg/lib/oauth" + oidchandler "github.com/authgear/authgear-server/pkg/lib/oauth/oidc/handler" "github.com/authgear/authgear-server/pkg/lib/session" "github.com/authgear/authgear-server/pkg/lib/session/idpsession" "github.com/authgear/authgear-server/pkg/util/httputil" 
@@ -15,17 +18,30 @@ import ( var utilsDeps = wire.NewSet( wire.NewSet( httputil.DependencySet, - NewCookieFactory, - wire.Bind(new(session.CookieFactory), new(*httputil.CookieFactory)), - wire.Bind(new(idpsession.CookieFactory), new(*httputil.CookieFactory)), - wire.Bind(new(interaction.CookieFactory), new(*httputil.CookieFactory)), - wire.Bind(new(httputil.CookieFactoryInterface), new(*httputil.CookieFactory)), + NewCookieManager, + wire.Bind(new(session.CookieManager), new(*httputil.CookieManager)), + wire.Bind(new(idpsession.CookieManager), new(*httputil.CookieManager)), + wire.Bind(new(idpsession.ResolverCookieManager), new(*httputil.CookieManager)), + wire.Bind(new(oauth.ResolverCookieManager), new(*httputil.CookieManager)), + wire.Bind(new(oidchandler.CookieManager), new(*httputil.CookieManager)), + wire.Bind(new(interaction.CookieManager), new(*httputil.CookieManager)), + wire.Bind(new(httputil.FlashMessageCookieManager), new(*httputil.CookieManager)), + wire.Bind(new(nonce.CookieManager), new(*httputil.CookieManager)), ), ) -func NewCookieFactory(r *http.Request, trustProxy config.TrustProxy) *httputil.CookieFactory { - return &httputil.CookieFactory{ - Request: r, - TrustProxy: bool(trustProxy), +func NewCookieManager( + r *http.Request, + trustProxy config.TrustProxy, + httpCfg *config.HTTPConfig, +) *httputil.CookieManager { + m := &httputil.CookieManager{ + CookiePrefix: httpCfg.CookiePrefix, + Request: r, + TrustProxy: bool(trustProxy), } + if httpCfg.CookieDomain != nil { + m.CookieDomain = *httpCfg.CookieDomain + } + return m } diff --git a/pkg/lib/interaction/context.go b/pkg/lib/interaction/context.go index 7211dc79f2..0bfe197e85 100644 --- a/pkg/lib/interaction/context.go +++ b/pkg/lib/interaction/context.go 
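Review bot: `NewCookieManager` in pkg/lib/deps/deps_utils.go is exported without a doc comment, although it is now the one place where the configured cookie prefix and domain are attached to cookies built through the manager. A comment such as `// NewCookieManager builds the per-request CookieManager; CookiePrefix and CookieDomain from httpCfg apply to every cookie it names or issues.` would make that visible to the next reader. `httpCfg` is dereferenced unconditionally, so the function relies on the HTTP config always being populated, which this hunk does not show.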
@@ -154,7 +154,7 @@ type VerificationCodeSender interface { SendCode(code *verification.Code) error } -type CookieFactory interface { +type CookieManager interface { ValueCookie(def *httputil.CookieDef, value string) *http.Cookie ClearCookie(def *httputil.CookieDef) *http.Cookie } @@ -206,7 +206,7 @@ type Context struct { Challenges ChallengeProvider Users UserService Events EventService - CookieFactory CookieFactory + CookieManager CookieManager Sessions SessionProvider SessionManager SessionManager SessionCookie session.CookieDef diff --git a/pkg/lib/interaction/nodes/do_ensure_session.go b/pkg/lib/interaction/nodes/do_ensure_session.go index 3037c2e315..5923f3bf2d 100644 --- a/pkg/lib/interaction/nodes/do_ensure_session.go +++ b/pkg/lib/interaction/nodes/do_ensure_session.go @@ -41,7 +41,7 @@ func (e *EdgeDoEnsureSession) Instantiate(ctx *interaction.Context, graph *inter attrs := session.NewAttrs(userID) attrs.SetAMR(amr) sessionToCreate, token := ctx.Sessions.MakeSession(attrs) - sessionCookie := ctx.CookieFactory.ValueCookie(ctx.SessionCookie.Def, token) + sessionCookie := ctx.CookieManager.ValueCookie(ctx.SessionCookie.Def, token) var updateSessionID string var updateSessionAMR []string @@ -62,7 +62,7 @@ func (e *EdgeDoEnsureSession) Instantiate(ctx *interaction.Context, graph *inter sessionCookie = nil } - sameSiteStrictCookie := ctx.CookieFactory.ValueCookie( + sameSiteStrictCookie := ctx.CookieManager.ValueCookie( ctx.SessionCookie.SameSiteStrictDef, "true", ) diff --git a/pkg/lib/interaction/nodes/do_use_authenticator.go b/pkg/lib/interaction/nodes/do_use_authenticator.go index 11d8e1c04b..6131f80103 100644 --- a/pkg/lib/interaction/nodes/do_use_authenticator.go +++ b/pkg/lib/interaction/nodes/do_use_authenticator.go 
@@ -36,7 +36,7 @@ func (e *EdgeDoUseAuthenticator) Instantiate(ctx *interaction.Context, graph *in if err != nil { return nil, err } - cookie := ctx.CookieFactory.ValueCookie(ctx.MFADeviceTokenCookie.Def, token) + cookie := ctx.CookieManager.ValueCookie(ctx.MFADeviceTokenCookie.Def, token) n.DeviceTokenCookie = cookie } } diff --git a/pkg/lib/interaction/nodes/use_device_token.go b/pkg/lib/interaction/nodes/use_device_token.go index aae692e402..02ed190f34 100644 --- a/pkg/lib/interaction/nodes/use_device_token.go +++ b/pkg/lib/interaction/nodes/use_device_token.go @@ -26,7 +26,7 @@ func (e *EdgeUseDeviceToken) Instantiate(ctx *interaction.Context, graph *intera err := ctx.MFA.VerifyDeviceToken(userID, deviceToken) if errors.Is(err, mfa.ErrDeviceTokenNotFound) { - cookie := ctx.CookieFactory.ClearCookie(ctx.MFADeviceTokenCookie.Def) + cookie := ctx.CookieManager.ClearCookie(ctx.MFADeviceTokenCookie.Def) return nil, &interaction.ErrClearCookie{ Cookies: []*http.Cookie{cookie}, Inner: interaction.ErrSameNode, diff --git a/pkg/lib/nonce/nonce.go b/pkg/lib/nonce/nonce.go index d1b5e6aa83..9e7be3face 100644 --- a/pkg/lib/nonce/nonce.go +++ b/pkg/lib/nonce/nonce.go 
@@ -9,31 +9,37 @@ import ( ) var cookieDef = &httputil.CookieDef{ - Name: "nonce", - Path: "/", - SameSite: http.SameSiteNoneMode, + NameSuffix: "nonce", + Path: "/", + SameSite: http.SameSiteNoneMode, +} + +type CookieManager interface { + GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error) + ValueCookie(def *httputil.CookieDef, value string) *http.Cookie + ClearCookie(def *httputil.CookieDef) *http.Cookie } type Service struct { - CookieFactory *httputil.CookieFactory + Cookies CookieManager Request *http.Request ResponseWriter http.ResponseWriter } func (s *Service) GenerateAndSet() string { n := rand.StringWithAlphabet(32, base32.Alphabet, rand.SecureRand) - cookie := s.CookieFactory.ValueCookie(cookieDef, n) + cookie := s.Cookies.ValueCookie(cookieDef, n) httputil.UpdateCookie(s.ResponseWriter, cookie) return n } func (s *Service) GetAndClear() string { - cookie, err := s.Request.Cookie(cookieDef.Name) + cookie, err := s.Cookies.GetCookie(s.Request, cookieDef) if err != nil { return "" } n := cookie.Value - cookie = s.CookieFactory.ClearCookie(cookieDef) + cookie = s.Cookies.ClearCookie(cookieDef) httputil.UpdateCookie(s.ResponseWriter, cookie) return n } diff --git a/pkg/lib/oauth/oidc/handler/handler_end_session.go b/pkg/lib/oauth/oidc/handler/handler_end_session.go index 60d6270343..b7d38d948a 100644 --- a/pkg/lib/oauth/oidc/handler/handler_end_session.go +++ b/pkg/lib/oauth/oidc/handler/handler_end_session.go @@ -8,6 +8,7 @@ import ( "github.com/authgear/authgear-server/pkg/lib/oauth/oidc" "github.com/authgear/authgear-server/pkg/lib/oauth/oidc/protocol" "github.com/authgear/authgear-server/pkg/lib/session" + "github.com/authgear/authgear-server/pkg/util/httputil" "github.com/authgear/authgear-server/pkg/util/urlutil" ) 
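Review bot: The nonce cookie in pkg/lib/nonce/nonce.go changes both its name and its scope without the change being recorded anywhere: `Name: "nonce"` was unprefixed and its def carried no Domain, while `NameSuffix: "nonce"` is now emitted by `ValueCookie` as CookiePrefix+"nonce" with `Domain: f.CookieDomain`. When a prefix is configured, a nonce cookie issued under the old name is neither found nor cleared by `GetAndClear`, which then returns `""` for a flow that was already in progress. With a configured CookieDomain this `SameSiteNoneMode` cookie is also sent to every host under that domain, which looks wider than before. The same applies to `flash_message_type` in pkg/util/httputil/flash_message.go. I would note it above `cookieDef`, e.g. `// Named CookiePrefix+"nonce" and scoped to CookieDomain by CookieManager; it was the bare "nonce" before.`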
@@ -15,20 +16,26 @@ type WebAppURLsProvider interface { LogoutURL(redirectURI *url.URL) *url.URL SettingsURL() *url.URL } + type LogoutSessionManager interface { Logout(session.Session, http.ResponseWriter) error } +type CookieManager interface { + GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error) +} + type EndSessionHandler struct { - Config *config.OAuthConfig - Endpoints oidc.EndpointsProvider - URLs WebAppURLsProvider - SessionManager LogoutSessionManager - SessionCookie session.CookieDef + Config *config.OAuthConfig + Endpoints oidc.EndpointsProvider + URLs WebAppURLsProvider + SessionManager LogoutSessionManager + SessionCookieDef session.CookieDef + Cookies CookieManager } func (h *EndSessionHandler) Handle(s session.Session, req protocol.EndSessionRequest, r *http.Request, rw http.ResponseWriter) error { - sameSiteStrict, err := r.Cookie(h.SessionCookie.SameSiteStrictDef.Name) + sameSiteStrict, err := h.Cookies.GetCookie(r, h.SessionCookieDef.SameSiteStrictDef) if s != nil && err == nil && sameSiteStrict.Value == "true" { // Logout directly. err := h.SessionManager.Logout(s, rw) diff --git a/pkg/lib/oauth/resolver.go b/pkg/lib/oauth/resolver.go index 0f2637aa79..816334bd8b 100644 --- a/pkg/lib/oauth/resolver.go +++ b/pkg/lib/oauth/resolver.go @@ -10,6 +10,7 @@ import ( "github.com/authgear/authgear-server/pkg/lib/session/access" "github.com/authgear/authgear-server/pkg/lib/session/idpsession" "github.com/authgear/authgear-server/pkg/util/clock" + "github.com/authgear/authgear-server/pkg/util/httputil" ) type ResolverSessionProvider interface { @@ -20,6 +21,10 @@ type AccessTokenDecoder interface { DecodeAccessToken(encodedToken string) (tok string, isHash bool, err error) } +type ResolverCookieManager interface { + GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error) +} + type Resolver struct { OAuthConfig *config.OAuthConfig TrustProxy config.TrustProxy 
@@ -29,7 +34,8 @@ type Resolver struct { AppSessions AppSessionStore AccessTokenDecoder AccessTokenDecoder Sessions ResolverSessionProvider - SessionCookie session.CookieDef + Cookies ResolverCookieManager + SessionCookieDef session.CookieDef Clock clock.Clock } @@ -135,7 +141,7 @@ func (re *Resolver) resolveHeader(r *http.Request) (session.Session, error) { } func (re *Resolver) resolveCookie(r *http.Request) (session.Session, error) { - cookie, err := r.Cookie(re.SessionCookie.Def.Name) + cookie, err := re.Cookies.GetCookie(r, re.SessionCookieDef.Def) if err != nil { // No session cookie. Simply proceed. return nil, nil diff --git a/pkg/lib/session/cookie.go b/pkg/lib/session/cookie.go index f4c37dec10..ce327d5fcd 100644 --- a/pkg/lib/session/cookie.go +++ b/pkg/lib/session/cookie.go @@ -7,7 +7,8 @@ import ( "github.com/authgear/authgear-server/pkg/util/httputil" ) -type CookieFactory interface { +type CookieManager interface { + GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error) ClearCookie(def *httputil.CookieDef) *http.Cookie } @@ -16,17 +17,17 @@ type CookieDef struct { SameSiteStrictDef *httputil.CookieDef } -func NewSessionCookieDef(httpCfg *config.HTTPConfig, sessionCfg *config.SessionConfig) CookieDef { +func NewSessionCookieDef(sessionCfg *config.SessionConfig) CookieDef { def := &httputil.CookieDef{ - Name: httpCfg.CookiePrefix + "session", - Path: "/", - SameSite: http.SameSiteLaxMode, + NameSuffix: "session", + Path: "/", + SameSite: http.SameSiteLaxMode, } strictDef := &httputil.CookieDef{ - Name: httpCfg.CookiePrefix + "same_site_strict", - Path: "/", - SameSite: http.SameSiteStrictMode, + NameSuffix: "same_site_strict", + Path: "/", + SameSite: http.SameSiteStrictMode, } if sessionCfg.CookieNonPersistent { 
@@ -40,11 +41,6 @@ func NewSessionCookieDef(httpCfg *config.HTTPConfig, sessionCfg *config.SessionC strictDef.MaxAge = &maxAge } - if httpCfg.CookieDomain != nil { - def.Domain = *httpCfg.CookieDomain - strictDef.Domain = *httpCfg.CookieDomain - } - return CookieDef{ Def: def, SameSiteStrictDef: strictDef, diff --git a/pkg/lib/session/idpsession/manager.go b/pkg/lib/session/idpsession/manager.go index 9082dd8e33..f1cae04840 100644 --- a/pkg/lib/session/idpsession/manager.go +++ b/pkg/lib/session/idpsession/manager.go @@ -11,22 +11,22 @@ import ( "github.com/authgear/authgear-server/pkg/util/httputil" ) -type CookieFactory interface { +type CookieManager interface { ClearCookie(def *httputil.CookieDef) *http.Cookie } type Manager struct { - Store Store - Clock clock.Clock - Config *config.SessionConfig - CookieFactory CookieFactory - CookieDef session.CookieDef + Store Store + Clock clock.Clock + Config *config.SessionConfig + Cookies CookieManager + CookieDef session.CookieDef } func (m *Manager) ClearCookie() []*http.Cookie { return []*http.Cookie{ - m.CookieFactory.ClearCookie(m.CookieDef.Def), - m.CookieFactory.ClearCookie(m.CookieDef.SameSiteStrictDef), + m.Cookies.ClearCookie(m.CookieDef.Def), + m.Cookies.ClearCookie(m.CookieDef.SameSiteStrictDef), } } diff --git a/pkg/lib/session/idpsession/resolver.go b/pkg/lib/session/idpsession/resolver.go index 8f7184e340..89bbf60c83 100644 --- a/pkg/lib/session/idpsession/resolver.go +++ b/pkg/lib/session/idpsession/resolver.go 
@@ -8,21 +8,27 @@ import ( "github.com/authgear/authgear-server/pkg/lib/session" "github.com/authgear/authgear-server/pkg/lib/session/access" "github.com/authgear/authgear-server/pkg/util/clock" + "github.com/authgear/authgear-server/pkg/util/httputil" ) type resolverProvider interface { AccessWithToken(token string, accessEvent access.Event) (*IDPSession, error) } +type ResolverCookieManager interface { + GetCookie(r *http.Request, def *httputil.CookieDef) (*http.Cookie, error) +} + type Resolver struct { - Cookie session.CookieDef + Cookies ResolverCookieManager + CookieDef session.CookieDef Provider resolverProvider TrustProxy config.TrustProxy Clock clock.Clock } func (re *Resolver) Resolve(rw http.ResponseWriter, r *http.Request) (session.Session, error) { - cookie, err := r.Cookie(re.Cookie.Def.Name) + cookie, err := re.Cookies.GetCookie(r, re.CookieDef.Def) if err != nil { // No cookie. Simply proceed. return nil, nil diff --git a/pkg/lib/session/idpsession/resolver_test.go b/pkg/lib/session/idpsession/resolver_test.go index 4a2aa63638..4d9cbcd250 100644 --- a/pkg/lib/session/idpsession/resolver_test.go +++ b/pkg/lib/session/idpsession/resolver_test.go @@ -30,12 +30,12 @@ func (r *mockResolverProvider) AccessWithToken(token string, accessEvent access. func TestResolver(t *testing.T) { Convey("Resolver", t, func() { + cookieManager := &httputil.CookieManager{} cookie := session.CookieDef{ Def: &httputil.CookieDef{ - Name: "session", - Path: "/", - Domain: "app.test", - MaxAge: nil, + NameSuffix: "session", + Path: "/", + MaxAge: nil, }, } provider := &mockResolverProvider{} @@ -50,7 +50,8 @@ func TestResolver(t *testing.T) { } resolver := Resolver{ - Cookie: cookie, + Cookies: cookieManager, + CookieDef: cookie, Provider: provider, TrustProxy: true, Clock: clock.NewMockClock(), diff --git a/pkg/lib/session/middleware.go b/pkg/lib/session/middleware.go index fc9bd33de0..691697b018 100644 --- a/pkg/lib/session/middleware.go +++ b/pkg/lib/session/middleware.go 
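Review bot: In pkg/lib/session/idpsession/resolver_test.go, `cookieManager := &httputil.CookieManager{}` leaves CookiePrefix empty, so `TestResolver` still looks the cookie up as plain `session` and never exercises the prefixed name that `GetCookie` now builds. A second case with a non-empty prefix (constructed sample: `cookieManager := &httputil.CookieManager{CookiePrefix: "p_"}` with the request cookie named `p_session`) would pin that a cookie under the unprefixed name is not accepted as the session cookie. The requests the test builds are outside this hunk, so the matching edit there is not visible from here.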
@@ -28,7 +28,7 @@ func NewMiddlewareLogger(lf *log.Factory) MiddlewareLogger { type Middleware struct { SessionCookie CookieDef - CookieFactory CookieFactory + Cookies CookieManager IDPSessionResolver IDPSessionResolver AccessTokenSessionResolver AccessTokenSessionResolver AccessEvents *access.EventProvider @@ -43,8 +43,8 @@ func (m *Middleware) Handle(next http.Handler) http.Handler { if errors.Is(err, ErrInvalidSession) { // Clear invalid session cookie if exist - if _, err := r.Cookie(m.SessionCookie.Def.Name); err == nil { - cookie := m.CookieFactory.ClearCookie(m.SessionCookie.Def) + if _, err := m.Cookies.GetCookie(r, m.SessionCookie.Def); err == nil { + cookie := m.Cookies.ClearCookie(m.SessionCookie.Def) httputil.UpdateCookie(rw, cookie) } diff --git a/pkg/resolver/wire_gen.go b/pkg/resolver/wire_gen.go index d733afd164..3d8404f2f0 100644 --- a/pkg/resolver/wire_gen.go +++ b/pkg/resolver/wire_gen.go @@ -83,14 +83,14 @@ func newSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { appProvider := p.AppProvider config := appProvider.Config appConfig := config.AppConfig - httpConfig := appConfig.HTTP sessionConfig := appConfig.Session - cookieDef := session.NewSessionCookieDef(httpConfig, sessionConfig) + cookieDef := session.NewSessionCookieDef(sessionConfig) request := p.Request rootProvider := appProvider.RootProvider environmentConfig := rootProvider.EnvironmentConfig trustProxy := environmentConfig.TrustProxy - cookieFactory := deps.NewCookieFactory(request, trustProxy) + httpConfig := appConfig.HTTP + cookieManager := deps.NewCookieManager(request, trustProxy, httpConfig) context := deps.ProvideRequestContext(request) appID := appConfig.ID handle := appProvider.Redis @@ -124,7 +124,8 @@ func newSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { Random: rand, } resolver := &idpsession.Resolver{ - Cookie: cookieDef, + Cookies: cookieManager, + CookieDef: cookieDef, Provider: provider, TrustProxy: trustProxy, Clock: clock, 
@@ -376,11 +377,11 @@ func newSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { WelcomeMessageProvider: welcomemessageProvider, } idpsessionManager := &idpsession.Manager{ - Store: storeRedis, - Clock: clock, - Config: sessionConfig, - CookieFactory: cookieFactory, - CookieDef: cookieDef, + Store: storeRedis, + Clock: clock, + Config: sessionConfig, + Cookies: cookieManager, + CookieDef: cookieDef, } sessionManager := &oauth2.SessionManager{ Store: store, @@ -432,13 +433,14 @@ func newSessionMiddleware(p *deps.RequestProvider) httproute.Middleware { AppSessions: store, AccessTokenDecoder: accessTokenEncoding, Sessions: provider, - SessionCookie: cookieDef, + Cookies: cookieManager, + SessionCookieDef: cookieDef, Clock: clock, } middlewareLogger := session.NewMiddlewareLogger(factory) sessionMiddleware := &session.Middleware{ SessionCookie: cookieDef, - CookieFactory: cookieFactory, + Cookies: cookieManager, IDPSessionResolver: resolver, AccessTokenSessionResolver: oauthResolver, AccessEvents: eventProvider, diff --git a/pkg/util/httputil/cookie.go b/pkg/util/httputil/cookie.go index f314e8d64f..1aaed770af 100644 --- a/pkg/util/httputil/cookie.go +++ b/pkg/util/httputil/cookie.go @@ -10,9 +10,11 @@ import ( ) type CookieDef struct { - Name string - Path string - Domain string + // NameSuffix means the cookie could have prefix. + NameSuffix string + Path string + // Domain is omitted because it is controlled somewhere else. + // Domain string AllowScriptAccess bool SameSite http.SameSite MaxAge *int 
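Review bot: In pkg/util/httputil/cookie.go the commented-out `// Domain string` left inside `CookieDef` reads as dead code, and "controlled somewhere else" does not tell the reader where the cookie's scope is decided. Naming the owner makes that discoverable: `// Domain is not part of the definition; CookieManager.CookieDomain sets it for every cookie.` The field comment above it could say the same for the name: `// NameSuffix is appended to CookieManager.CookiePrefix to form the cookie name.` The struct continues past the end of this hunk.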
@@ -70,12 +72,14 @@ func CookieDomainFromETLDPlusOneWithoutPort(host string) string { return host } -type CookieFactory struct { - Request *http.Request - TrustProxy bool +type CookieManager struct { + Request *http.Request + TrustProxy bool + CookiePrefix string + CookieDomain string } -func (f *CookieFactory) fixupCookie(cookie *http.Cookie) { +func (f *CookieManager) fixupCookie(cookie *http.Cookie) { host := GetHost(f.Request, f.TrustProxy) proto := GetProto(f.Request, f.TrustProxy) @@ -90,11 +94,23 @@ func (f *CookieFactory) fixupCookie(cookie *http.Cookie) { } } -func (f *CookieFactory) ValueCookie(def *CookieDef, value string) *http.Cookie { +// CookieName returns the full name, that is, CookiePrefix followed by NameSuffix. +func (f *CookieManager) CookieName(def *CookieDef) string { + return f.CookiePrefix + def.NameSuffix +} + +// GetCookie is wrapper around http.Request.Cookie, taking care of cookie name. +func (f *CookieManager) GetCookie(r *http.Request, def *CookieDef) (*http.Cookie, error) { + cookieName := f.CookieName(def) + return r.Cookie(cookieName) +} + +// ValueCookie generates a cookie that when set, the cookie is set to the specified value. +func (f *CookieManager) ValueCookie(def *CookieDef, value string) *http.Cookie { cookie := &http.Cookie{ - Name: def.Name, + Name: f.CookieName(def), Path: def.Path, - Domain: def.Domain, + Domain: f.CookieDomain, HttpOnly: !def.AllowScriptAccess, SameSite: def.SameSite, } @@ -109,11 +125,12 @@ func (f *CookieFactory) ValueCookie(def *CookieDef, value string) *http.Cookie { return cookie } -func (f *CookieFactory) ClearCookie(def *CookieDef) *http.Cookie { +// ClearCookie generates a cookie that when set, the cookie is clear. +func (f *CookieManager) ClearCookie(def *CookieDef) *http.Cookie { cookie := &http.Cookie{ - Name: def.Name, + Name: f.CookieName(def), Path: def.Path, - Domain: def.Domain, + Domain: f.CookieDomain, HttpOnly: !def.AllowScriptAccess, SameSite: def.SameSite, Expires: time.Unix(0, 0), 
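Review bot: `GetCookie` in pkg/util/httputil/cookie.go reads from its `r` argument, while `ValueCookie` and `ClearCookie` go through `fixupCookie`, which derives host and scheme from `f.Request`; one manager can therefore be asked about a request other than the one it was built for. If the extra parameter has to stay for the narrow interfaces, the doc comment should say which request is used, e.g. `// GetCookie looks up the cookie named CookiePrefix+def.NameSuffix on r; f.Request is not consulted.` The other new comments would also read better as `// ClearCookie returns a cookie that, when set, expires the cookie described by def.` and likewise for `ValueCookie`. The `CookieManager` type itself has no doc comment, and the body of `fixupCookie` lies mostly outside these hunks.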
diff --git a/pkg/util/httputil/flash_message.go b/pkg/util/httputil/flash_message.go index 7c3e5fa5da..9c4db9a3c7 100644 --- a/pkg/util/httputil/flash_message.go +++ b/pkg/util/httputil/flash_message.go @@ -1,38 +1,41 @@ package httputil -import "net/http" +import ( + "net/http" +) // FlashMessageTypeCookieDef is a HTTP session cookie. -var FlashMessageTypeCookieDef = CookieDef{ - Name: "flash_message_type", - Path: "/", - SameSite: http.SameSiteNoneMode, +var FlashMessageTypeCookieDef = &CookieDef{ + NameSuffix: "flash_message_type", + Path: "/", + SameSite: http.SameSiteNoneMode, } -type CookieFactoryInterface interface { +type FlashMessageCookieManager interface { + GetCookie(r *http.Request, def *CookieDef) (*http.Cookie, error) ValueCookie(def *CookieDef, value string) *http.Cookie ClearCookie(def *CookieDef) *http.Cookie } type FlashMessage struct { - CookieFactory CookieFactoryInterface + Cookies FlashMessageCookieManager } func (f *FlashMessage) Pop(r *http.Request, rw http.ResponseWriter) string { - cookie, err := r.Cookie(FlashMessageTypeCookieDef.Name) + cookie, err := f.Cookies.GetCookie(r, FlashMessageTypeCookieDef) if err != nil { return "" } messageType := cookie.Value - clearCookie := f.CookieFactory.ClearCookie(&FlashMessageTypeCookieDef) + clearCookie := f.Cookies.ClearCookie(FlashMessageTypeCookieDef) UpdateCookie(rw, clearCookie) return messageType } func (f *FlashMessage) Flash(rw http.ResponseWriter, messageType string) { - cookie := f.CookieFactory.ValueCookie(&FlashMessageTypeCookieDef, messageType) + cookie := f.Cookies.ValueCookie(FlashMessageTypeCookieDef, messageType) UpdateCookie(rw, cookie) }