From 26a1b6f98bc87b19cf2a97dcb898d5111409d41f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Tue, 7 Jul 2020 14:08:18 +0200 Subject: [PATCH 1/3] add silent refresh middleware MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- pkg/middleware/silentrefresh.go | 13 +++++++++++++ pkg/server/http/server.go | 2 ++ 2 files changed, 15 insertions(+) create mode 100644 pkg/middleware/silentrefresh.go diff --git a/pkg/middleware/silentrefresh.go b/pkg/middleware/silentrefresh.go new file mode 100644 index 000000000..84fb50934 --- /dev/null +++ b/pkg/middleware/silentrefresh.go @@ -0,0 +1,13 @@ +package middleware + +import ( + "net/http" +) + +// SilentRefresh allows the oidc client lib to silently refresh the token in an iframe +func SilentRefresh(next http.Handler) http.Handler { + return http.HandlerFunc(func(w http.ResponseWriter, r *http.Request) { + w.Header().Set("X-Frame-Options", "SAMEORIGIN") + next.ServeHTTP(w, r) + }) +} diff --git a/pkg/server/http/server.go b/pkg/server/http/server.go index 24d91d742..e92af475f 100644 --- a/pkg/server/http/server.go +++ b/pkg/server/http/server.go @@ -1,6 +1,7 @@ package http import ( + phoenixmid "github.com/owncloud/ocis-phoenix/pkg/middleware" svc "github.com/owncloud/ocis-phoenix/pkg/service/v0" "github.com/owncloud/ocis-phoenix/pkg/version" "github.com/owncloud/ocis-pkg/v2/middleware" @@ -30,6 +31,7 @@ func Server(opts ...Option) (http.Service, error) { middleware.Cache, middleware.Cors, middleware.Secure, + phoenixmid.SilentRefresh, middleware.Version( "phoenix", version.String, From 45f81da6a3e277e2169973bacfa1c91866e66df0 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Tue, 7 Jul 2020 14:13:28 +0200 Subject: [PATCH 2/3] add changelog MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- changelog/unreleased/add-silentrefresh-middleware | 6 ++++++ 1 file changed, 6 insertions(+) create mode 100644 changelog/unreleased/add-silentrefresh-middleware diff --git a/changelog/unreleased/add-silentrefresh-middleware b/changelog/unreleased/add-silentrefresh-middleware new file mode 100644 index 000000000..335453cef --- /dev/null +++ b/changelog/unreleased/add-silentrefresh-middleware @@ -0,0 +1,6 @@ +Bugfix: allow silent refresh of access token + +Sets the `X-Frame-Options Header` to `SAMEORIGIN` so the oidc client can refresh the token in an iframe. + +https://github.com/owncloud/ocis-konnectd/issues/69 +https://github.com/owncloud/ocis-phoenix/pull/69 From b63fb4e4e97c8675668a5c720c4f063f880538b2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?J=C3=B6rn=20Friedrich=20Dreyer?= Date: Tue, 7 Jul 2020 14:22:56 +0200 Subject: [PATCH 3/3] fix typo MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Signed-off-by: Jörn Friedrich Dreyer --- changelog/unreleased/add-silentrefresh-middleware | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/changelog/unreleased/add-silentrefresh-middleware b/changelog/unreleased/add-silentrefresh-middleware index 335453cef..a7bf11377 100644 --- a/changelog/unreleased/add-silentrefresh-middleware +++ b/changelog/unreleased/add-silentrefresh-middleware @@ -1,6 +1,6 @@ Bugfix: allow silent refresh of access token -Sets the `X-Frame-Options Header` to `SAMEORIGIN` so the oidc client can refresh the token in an iframe. +Sets the `X-Frame-Options` header to `SAMEORIGIN` so the oidc client can refresh the token in an iframe. https://github.com/owncloud/ocis-konnectd/issues/69 https://github.com/owncloud/ocis-phoenix/pull/69