MCPcopy
hub / github.com/ory/hydra / CookieStore

Method CookieStore

driver/registry_sql.go:420–452  ·  view source on GitHub ↗
(ctx context.Context)

Source from the content-addressed store, hash-verified

418}
419
420func (m *RegistrySQL) CookieStore(ctx context.Context) (sessions.Store, error) {
421 var keys [][]byte
422 secrets, err := m.conf.GetCookieSecrets(ctx)
423 if err != nil {
424 return nil, err
425 }
426
427 for _, k := range secrets {
428 encrypt := sha256.Sum256(k)
429 keys = append(keys, k, encrypt[:])
430 }
431
432 cs := sessions.NewCookieStore(keys...)
433 cs.Options.Secure = m.Config().CookieSecure(ctx)
434 cs.Options.HttpOnly = true
435
436 // CookieStore MaxAge is set to 86400 * 30 by default. This prevents secure cookies retrieval with expiration > 30 days.
437 // MaxAge(0) disables internal MaxAge check by SecureCookie, see:
438 //
439 // https://github.com/ory/hydra/pull/2488#discussion_r618992698
440 cs.MaxAge(0)
441
442 if domain := m.Config().CookieDomain(ctx); domain != "" {
443 cs.Options.Domain = domain
444 }
445
446 cs.Options.Path = "/"
447 if sameSite := m.Config().CookieSameSiteMode(ctx); sameSite != 0 {
448 cs.Options.SameSite = sameSite
449 }
450
451 return cs, nil
452}
453
454func (m *RegistrySQL) HTTPClient(_ context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client {
455 opts = append(opts,

Callers

nothing calls this directly

Calls 5

ConfigMethod · 0.95
GetCookieSecretsMethod · 0.80
CookieSecureMethod · 0.65
CookieDomainMethod · 0.65
CookieSameSiteModeMethod · 0.65

Tested by

no test coverage detected