hub / github.com/ory/hydra / validateCSRFCookie

Function validateCSRFCookie

consent/csrf.go:47–57  ·  view source on GitHub ↗
(ctx context.Context, r *http.Request, conf x.CookieConfigProvider, store sessions.Store, name, expectedCSRF string)

Source from the content-addressed store, hash-verified

45}
46
// validateCSRFCookie checks that the CSRF value held in the session cookie
// called name equals expectedCSRF.
//
// The cookie is loaded through getCSRFCookie and its "csrf" entry is read with
// mapx.GetString. Each of the three failure cases (getCSRFCookie returns an
// error, mapx.GetString returns an error, the values differ) is reported as
// fosite.ErrRequestForbidden with a hint naming the failed step, wrapped with
// errors.WithStack. A nil return means the stored value equals expectedCSRF.
func validateCSRFCookie(ctx context.Context, r *http.Request, conf x.CookieConfigProvider, store sessions.Store, name, expectedCSRF string) error {
	session, err := getCSRFCookie(ctx, r, store, conf, name)
	if err != nil {
		// The underlying error is discarded here; only the fixed hint is
		// returned, so the cause of the failure is not visible to the caller.
		return errors.WithStack(fosite.ErrRequestForbidden.WithHint("CSRF session cookie could not be decoded."))
	}

	stored, err := mapx.GetString(session.Values, "csrf")
	if err != nil {
		return errors.WithStack(fosite.ErrRequestForbidden.WithHint("No CSRF value available in the session cookie."))
	}

	// NOTE(review): this is an ordinary string comparison, not a constant-time
	// one. If the CSRF value has to be protected against timing side channels,
	// crypto/subtle.ConstantTimeCompare is the usual replacement.
	// NOTE(review): nothing here rejects an empty expectedCSRF; whether an
	// empty stored value can reach this point depends on mapx.GetString, so
	// confirm callers never pass an empty expected value.
	if stored != expectedCSRF {
		return errors.WithStack(fosite.ErrRequestForbidden.WithHint("The CSRF value from the token does not match the CSRF value from the data store."))
	}

	return nil
}
58
59func getCSRFCookie(ctx context.Context, r *http.Request, store sessions.Store, conf x.CookieConfigProvider, name string) (*sessions.Session, error) {
60 cookie, err := store.Get(r, name)

Callers 4

TestValidateCsrfSessionFunction · 0.85
verifyAuthenticationMethod · 0.85
verifyConsentMethod · 0.85
verifyDeviceMethod · 0.85

Calls 2

getCSRFCookieFunction · 0.85
WithHintMethod · 0.80

Tested by 1

TestValidateCsrfSessionFunction · 0.68