This is an automated email from the ASF dual-hosted git repository.
shreemaan-abhishek pushed a commit to branch master
in repository https://gitbox.apache.org/repos/asf/apisix.git
The following commit(s) were added to refs/heads/master by this push:
new 01cf1e9d5 refactor(cas-auth): drop unnecessary raw Cookie header
fallback (#13635)
01cf1e9d5 is described below
commit 01cf1e9d593db0c10d28e9d5887a553b53cddf6f
Author: Shreemaan Abhishek <[email protected]>
AuthorDate: Thu Jul 2 12:48:01 2026 +0800
refactor(cas-auth): drop unnecessary raw Cookie header fallback (#13635)
---
apisix/plugins/cas-auth.lua | 26 ++------------------------
1 file changed, 2 insertions(+), 24 deletions(-)
diff --git a/apisix/plugins/cas-auth.lua b/apisix/plugins/cas-auth.lua
index 08dfc0d72..f179c9f92 100644
--- a/apisix/plugins/cas-auth.lua
+++ b/apisix/plugins/cas-auth.lua
@@ -173,28 +173,6 @@ local function set_our_cookie(conf, name, val)
core.response.add_header("Set-Cookie", name .. "=" .. val ..
cookie_attrs(conf))
end
--- nginx's $cookie_<name> variable doesn't reliably expose cookies whose names
--- exceed certain lengths in older OpenResty builds (the per-config cookie name
--- is "CAS_SESSION_<sha256-hex>"). Parse the raw Cookie header as a fallback.
-local function get_cookie(ctx, name)
- local val = ctx.var["cookie_" .. name]
- if val ~= nil then
- return val
- end
- local cookie_header = ctx.var.http_cookie
- if not cookie_header then
- return nil
- end
- local prefix = name .. "="
- for piece in (cookie_header .. ";"):gmatch("([^;]+);") do
- piece = piece:gsub("^%s+", "")
- if piece:sub(1, #prefix) == prefix then
- return piece:sub(#prefix + 1)
- end
- end
- return nil
-end
-
local function compute_hmac(secret, val)
local m, err = openssl_mac.new(secret, "HMAC", nil, "sha256")
if not m then return nil, err end
@@ -357,7 +335,7 @@ end
local function logout(conf, ctx)
local opts = session_opts(conf)
- local session_id = get_cookie(ctx, opts.cookie_name)
+ local session_id = ctx.var["cookie_" .. opts.cookie_name]
if session_id == nil then
return ngx.HTTP_UNAUTHORIZED
end
@@ -399,7 +377,7 @@ function _M.access(conf, ctx)
return ngx.HTTP_OK
else
local opts = session_opts(conf)
- local session_id = get_cookie(ctx, opts.cookie_name)
+ local session_id = ctx.var["cookie_" .. opts.cookie_name]
if session_id ~= nil then
return with_session_id(conf, ctx, opts, session_id)
end