From 5641bd559295bf535ac3de551da81b2525131c39 Mon Sep 17 00:00:00 2001
From: Eduardo Apolinario
Date: Wed, 30 Oct 2024 19:54:18 -0400
Subject: [PATCH] Set `Secure` flag only if `Secure` is set on flyteadmin config
Signed-off-by: Eduardo Apolinario
---
 flyteadmin/auth/cookie.go | 5 +++--
 flyteadmin/auth/cookie_manager.go | 3 ++-
 2 files changed, 5 insertions(+), 3 deletions(-)
diff --git a/flyteadmin/auth/cookie.go b/flyteadmin/auth/cookie.go
index 10a32a4777..c4c3b7b14a 100644
--- a/flyteadmin/auth/cookie.go
+++ b/flyteadmin/auth/cookie.go
@@ -12,6 +12,7 @@ import (
 "github.com/gorilla/securecookie"
 "github.com/flyteorg/flyte/flyteadmin/auth/interfaces"
+ "github.com/flyteorg/flyte/flyteadmin/pkg/config"
 "github.com/flyteorg/flyte/flytestdlib/errors"
 "github.com/flyteorg/flyte/flytestdlib/logger"
 )
@@ -69,7 +70,7 @@ func NewSecureCookie(cookieName, value string, hashKey, blockKey []byte, domain
 Domain: domain,
 SameSite: sameSiteMode,
 HttpOnly: true,
- Secure: true,
+ Secure: config.GetConfig().Security.Secure,
 }, nil
 }
@@ -128,7 +129,7 @@ func NewCsrfCookie() http.Cookie {
 Value: csrfStateToken,
 SameSite: http.SameSiteLaxMode,
 HttpOnly: true,
- Secure: true,
+ Secure: config.GetConfig().Security.Secure,
 }
 }
diff --git a/flyteadmin/auth/cookie_manager.go b/flyteadmin/auth/cookie_manager.go
index c221636930..81e39e6eb3 100644
--- a/flyteadmin/auth/cookie_manager.go
+++ b/flyteadmin/auth/cookie_manager.go
@@ -11,6 +11,7 @@ import (
 "golang.org/x/oauth2"
 "github.com/flyteorg/flyte/flyteadmin/auth/config"
+ serverConfig "github.com/flyteorg/flyte/flyteadmin/pkg/config"
 "github.com/flyteorg/flyte/flyteidl/gen/pb-go/flyteidl/service"
 "github.com/flyteorg/flyte/flytestdlib/errors"
 "github.com/flyteorg/flyte/flytestdlib/logger"
@@ -218,7 +219,7 @@ func (c *CookieManager) getLogoutCookie(name string) *http.Cookie {
 Domain: c.domain,
 MaxAge: 0,
 HttpOnly: true,
- Secure: true,
+ Secure: serverConfig.GetConfig().Security.Secure,
 Expires: time.Now().Add(-1 * time.Hour),
 }
 }
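Review bot: Tying `Secure` to `config.GetConfig().Security.Secure` in NewSecureCookie means every deployment where that option is false now issues its auth cookies without the Secure attribute, so a browser will also attach them to plain-HTTP requests. If that option describes whether flyteadmin itself serves TLS (its definition is not in this diff), installs that terminate TLS at an ingress or load balancer lose the flag even though users only connect over HTTPS; a dedicated cookie setting that defaults to true would avoid that regression. Separately, browsers reject `SameSite=None` cookies that lack Secure, so the flag should at least be kept when that mode is passed in: `Secure: config.GetConfig().Security.Secure || sameSiteMode == http.SameSiteNoneMode,`. The first concern applies equally to NewCsrfCookie in the next hunk and to getLogoutCookie in cookie_manager.go; all three function bodies start outside the hunks shown.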
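Review bot: getLogoutCookie now reads process-wide server configuration on every call, while the field next to it comes from the receiver (`Domain: c.domain`). Resolving the flag once when the CookieManager is built and storing it on the struct, then writing `Secure: c.secure,` here, would make this file's new `serverConfig` import unnecessary and let tests exercise both settings without mutating global config. The constructor is outside this hunk, so the field and its wiring would have to be added there.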