From 2dbeb03aed5a5b17b18304666a8954646535511a Mon Sep 17 00:00:00 2001 From: Chocobozzz Date: Tue, 29 Dec 2020 15:23:16 +0100 Subject: [PATCH] Refactor openid cookie options --- peertube-plugin-auth-openid-connect/main.js | 15 ++++++--------- 1 file changed, 6 insertions(+), 9 deletions(-) diff --git a/peertube-plugin-auth-openid-connect/main.js b/peertube-plugin-auth-openid-connect/main.js index 9680ae1..8fad0c6 100644 --- a/peertube-plugin-auth-openid-connect/main.js +++ b/peertube-plugin-auth-openid-connect/main.js @@ -189,21 +189,18 @@ async function loadSettingsAndCreateClient (registerExternalAuth, unregisterExte state, }) - const encryptedCodeVerifier = await encrypt(codeVerifier) - res.cookie(cookieNamePrefix + 'code-verifier', encryptedCodeVerifier, { + const cookieOptions = { secure: webserverUrl.startsWith('https://'), httpOnly: true, sameSite: 'none', maxAge: 1000 * 60 * 10 // 10 minutes - }) + } + + const encryptedCodeVerifier = await encrypt(codeVerifier) + res.cookie(cookieNamePrefix + 'code-verifier', encryptedCodeVerifier, cookieOptions) const encryptedState = await encrypt(state) - res.cookie(cookieNamePrefix + 'state', encryptedState, { - secure: webserverUrl.startsWith('https://'), - httpOnly: true, - sameSite: 'none', - maxAge: 1000 * 60 * 10 // 10 minutes - }) + res.cookie(cookieNamePrefix + 'state', encryptedState, cookieOptions) return res.redirect(redirectUrl) } catch (err) {