Exemple #1
0
func retrieveRequestState(request *http.Request, store store.Storer) (*protocol.AuthnRequest, string) {
	// Does this user have a saved request state
	cookie, err := request.Cookie("lidp-rs")
	if err != nil {
		return nil, ""
	}
	// Read the user information from Redis
	var rs RequestState
	err = store.Retrieve(cookie.Value, &rs)
	if err != nil {
		log.Println(err)
		return nil, ""
	}
	return rs.AuthnRequest, rs.RelayState
}
Exemple #2
0
func retrieveUserFromSession(request *http.Request, store store.Storer) *protocol.AuthenticatedUser {
	// Does this user have a session?
	cookie, err := request.Cookie("lidp-user")
	if err != nil {
		return nil
	}
	// Read the user information from Redis
	var tmpUser protocol.AuthenticatedUser
	err = store.Retrieve(cookie.Value, &tmpUser)
	if err != nil {
		return nil
	}
	user := &tmpUser
	log.Printf("Using exising session for %s\n", user.Name)
	// Make sure the IP matches
	if !getIP(request).Equal(user.IP) {
		log.Println("Warning - Existing session associated with a different IP address.")
		// Force them to authenticate again
		return nil
	}
	return user
}