From 26a1b6f98bc87b19cf2a97dcb898d5111409d41f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Tue, 7 Jul 2020 14:08:18 +0200 Subject: [PATCH] add silent refresh middleware MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- pkg/middleware/silentrefresh.go | 13 +++++++++++++ pkg/server/http/server.go | 2 ++ 2 files changed, 15 insertions(+) create mode 100644 pkg/middleware/silentrefresh.go diff --git a/pkg/middleware/silentrefresh.go b/pkg/middleware/silentrefresh.go new file mode 100644 index 0000000000..84fb50934b --- /dev/null +++ b/pkg/middleware/silentrefresh.go @@ -0,0 +1,13 @@ +package middleware + +import ( + "net/http" +) + +// SilentRefresh allows the oidc client lib to silently refresh the token in an iframe +func SilentRefresh(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("X-Frame-Options", "SAMEORIGIN") + next.ServeHTTP(w, r) + }) +} diff --git a/pkg/server/http/server.go b/pkg/server/http/server.go index 24d91d7422..e92af475f3 100644 --- a/pkg/server/http/server.go +++ b/pkg/server/http/server.go @@ -1,6 +1,7 @@ package http import ( + phoenixmid "github.com/owncloud/ocis-phoenix/pkg/middleware" svc "github.com/owncloud/ocis-phoenix/pkg/service/v0" "github.com/owncloud/ocis-phoenix/pkg/version" "github.com/owncloud/ocis-pkg/v2/middleware" @@ -30,6 +31,7 @@ func Server(opts ...Option) (http.Service, error) { middleware.Cache, middleware.Cors, middleware.Secure, + phoenixmid.SilentRefresh, middleware.Version( "phoenix", version.String,