diff --git a/src/auth.rs b/src/auth.rs index 321dbb1..31964f9 100644 --- a/src/auth.rs +++ b/src/auth.rs @@ -570,7 +570,6 @@ impl ConfiguredOidc { &new_nonce, self.plugin_config.cookie_name.as_str(), self.plugin_config.cookie_duration, - self.get_number_of_session_cookies() as u64, ); // Build cookie headers @@ -590,15 +589,7 @@ impl ConfiguredOidc { /// Clear the cookies and redirect to the base path or `end_session_endpoint`. fn logout(&self) -> Result { - let cookie_values = Session::make_cookie_values( - // This is a bit hacky, but we need to write something into the cookie to clear all cookies (otherwise the - // `make_cookie_values` function will not overwrite all cookies, as "" is an empty chunk) - "clear", - "", - &self.plugin_config.cookie_name, - 0, - self.get_number_of_session_cookies() as u64, - ); + let cookie_values = Session::make_cookie_values("", "", &self.plugin_config.cookie_name, 0); let mut headers = Session::make_set_cookie_headers(&cookie_values); @@ -734,7 +725,6 @@ impl ConfiguredOidc { &nonce, self.plugin_config.cookie_name.as_str(), self.plugin_config.cookie_duration, - self.get_number_of_session_cookies() as u64, ); // Build cookie headers @@ -835,30 +825,20 @@ impl ConfiguredOidc { /// /// The session cookie as a string if found, an error otherwise pub fn get_session_cookie_as_string(&self) -> Result { - // Find all cookies that have the cookie_name, split them by ; and remove the name from the cookie - // as well as the leading =. Then join the cookie values together again. - let cookie = self - .get_http_request_header("cookie") - .ok_or(PluginError::SessionCookieNotFoundError)?; - - // Split cookie by ; and filter for the cookie name. - let cookies = cookie - .split(';') - .filter(|x| x.contains(self.plugin_config.cookie_name.as_str())) - .filter(|x| !x.contains(format!("{}-nonce", self.plugin_config.cookie_name).as_str())); - - // Check if cookies have values - for cookie in cookies.clone() { - if cookie.split('=').collect::>().len() < 2 { - return Err(PluginError::SessionCookieNotFoundError); - } - } - - // Then split all cookies by = and get the second element before joining all values together. - let values = cookies - .map(|x| x.split('=').collect::>()[1]) - .collect::>() - // Join the cookie values together again. + let cookie_name = &self.plugin_config.cookie_name; + + // Get the number of cookie parts + let num_parts: u8 = self + .get_cookie(&format!("{cookie_name}-parts")) + .unwrap_or_default() + .parse() + .map_err(|_| PluginError::SessionCookieNotFoundError)?; + + // Get the cookie parts and concatenate them into a string + let values = (0..num_parts) + .map(|i| self.get_cookie(&format!("{cookie_name}-{i}"))) + .collect::>>() + .ok_or(PluginError::SessionCookieNotFoundError)? .join(""); Ok(values) @@ -869,13 +849,4 @@ impl ConfiguredOidc { self.get_cookie(format!("{}-nonce", self.plugin_config.cookie_name).as_str()) .ok_or(PluginError::NonceCookieNotFoundError) } - - /// Helper function to get the number of session cookies from the request headers. - pub fn get_number_of_session_cookies(&self) -> usize { - let cookie = self.get_http_request_header("cookie").unwrap_or_default(); - return cookie - .split(';') - .filter(|x| x.contains(&self.plugin_config.cookie_name)) - .count(); - } } diff --git a/src/error.rs b/src/error.rs index 110226e..c8d9b00 100644 --- a/src/error.rs +++ b/src/error.rs @@ -69,6 +69,7 @@ pub enum PluginError { impl ConfiguredOidc { pub fn show_error_page(&self, status_code: u32, title: &str, message: &str) { let headers = vec![("cache-control", "no-cache"), ("content-type", "text/html")]; + let request_id = self.request_id.clone().unwrap_or_default(); self.send_http_response( status_code, @@ -81,7 +82,7 @@ impl ConfiguredOidc { - Error - {} + Error - {status_code}