func storeRequestState(writer http.ResponseWriter, store store.Storer, authnRequest *protocol.AuthnRequest, relayState string) error {
// Save the request and relaystate for 5 minutes
sessionID := uuid.NewV4().String()
state := RequestState{authnRequest, relayState}
err := store.Store(sessionID, state, 300)
if err != nil {
return err
}
// Set a cookie for the request state
c := &http.Cookie{Name: "lidp-rs", Value: sessionID, Path: "/", HttpOnly: true, Secure: true}
http.SetCookie(writer, c)
return err
}
// No need to return an error. We can't do anything. They'll just have to sign in again
func storeUserInSession(writer http.ResponseWriter, store store.Storer, user *protocol.AuthenticatedUser) {
// Create a session and save user info
sessionID := uuid.NewV4().String()
// Set a cookie for the user session
c := &http.Cookie{Name: "lidp-user", Value: sessionID, Path: "/", HttpOnly: true, Secure: true}
http.SetCookie(writer, c)
log.Printf("Creating a new session for %s\n", user.Name)
// Save information for 8 hours
err := store.Store(sessionID, user, 28800)
if err != nil {
log.Println("Failed to save session for user.")
}
}