enforce CSRF token usage by the same IP for which it was issued

Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
2025-12-06 22:30:56 +03:00 · 2022-03-26 08:41:50 +01:00
parent 853086b942
commit aaf940edab
8 changed files with 457 additions and 186 deletions
--- a/httpd/oidc_test.go
+++ b/httpd/oidc_test.go
@@ -81,7 +81,10 @@ func setIDTokenClaims(idToken *oidc.IDToken, claims []byte) {
 }

 func TestOIDCInitialization(t *testing.T) {
-	config := OIDC{
+	config := OIDC{}
+	err := config.initialize()
+	assert.NoError(t, err)
+	config = OIDC{
 		ClientID:        "sftpgo-client",
 		ClientSecret:    "jRsmE0SWnuZjP7djBqNq0mrf8QN77j2c",
 		ConfigURL:       fmt.Sprintf("http://%v/", oidcMockAddr),
@@ -89,7 +92,7 @@ func TestOIDCInitialization(t *testing.T) {
 		UsernameField:   "preferred_username",
 		RoleField:       "sftpgo_role",
 	}
-	err := config.initialize()
+	err = config.initialize()
 	if assert.Error(t, err) {
 		assert.Contains(t, err.Error(), "oidc: unable to initialize provider")
 	}