(ctx context.Context)
| 418 | } |
| 419 | |
| 420 | func (m *RegistrySQL) CookieStore(ctx context.Context) (sessions.Store, error) { |
| 421 | var keys [][]byte |
| 422 | secrets, err := m.conf.GetCookieSecrets(ctx) |
| 423 | if err != nil { |
| 424 | return nil, err |
| 425 | } |
| 426 | |
| 427 | for _, k := range secrets { |
| 428 | encrypt := sha256.Sum256(k) |
| 429 | keys = append(keys, k, encrypt[:]) |
| 430 | } |
| 431 | |
| 432 | cs := sessions.NewCookieStore(keys...) |
| 433 | cs.Options.Secure = m.Config().CookieSecure(ctx) |
| 434 | cs.Options.HttpOnly = true |
| 435 | |
| 436 | // CookieStore MaxAge is set to 86400 * 30 by default. This prevents secure cookies retrieval with expiration > 30 days. |
| 437 | // MaxAge(0) disables internal MaxAge check by SecureCookie, see: |
| 438 | // |
| 439 | // https://github.com/ory/hydra/pull/2488#discussion_r618992698 |
| 440 | cs.MaxAge(0) |
| 441 | |
| 442 | if domain := m.Config().CookieDomain(ctx); domain != "" { |
| 443 | cs.Options.Domain = domain |
| 444 | } |
| 445 | |
| 446 | cs.Options.Path = "/" |
| 447 | if sameSite := m.Config().CookieSameSiteMode(ctx); sameSite != 0 { |
| 448 | cs.Options.SameSite = sameSite |
| 449 | } |
| 450 | |
| 451 | return cs, nil |
| 452 | } |
| 453 | |
| 454 | func (m *RegistrySQL) HTTPClient(_ context.Context, opts ...httpx.ResilientOptions) *retryablehttp.Client { |
| 455 | opts = append(opts, |
nothing calls this directly
no test coverage detected