go-pkgz / auth

84%

master: 84%

LAST BUILD ON BRANCH fix-oauth-sendjwtheader

branch: fix-oauth-sendjwtheader

CHANGE BRANCH

x

Reset

• fix-oauth-sendjwtheader
• allowed-provider-check
• apple-reponse-mode-fix
• aud-secrets
• ava-factory
• cookie-domain
• custom-dev-host
• custom-dev-port
• dependabot/go_modules/_example/github.com/go-chi/chi/v5-5.2.2
• dependabot/go_modules/_example/golang.org/x/crypto-0.17.0
• dependabot/go_modules/_example/golang.org/x/image-0.5.0
• dependabot/go_modules/_example/golang.org/x/net-0.17.0
• dependabot/go_modules/_example/golang.org/x/net-0.7.0
• dependabot/go_modules/golang.org/x/crypto-0.31.0
• dependabot/go_modules/v2/github.com/golang-jwt/jwt/v5-5.2.2
• dependabot/go_modules/v2/golang.org/x/crypto-0.31.0
• dependabot/go_modules/v2/golang.org/x/crypto-0.45.0
• dependabot/go_modules/v2/golang.org/x/net-0.33.0
• dependabot/go_modules/v2/golang.org/x/net-0.36.0
• direct-custom-id
• dverhoturov/telegram_fix
• email-sender
• fix-anon
• fix-content-type-header
• fix-providers-names
• fix/panic-save-ava-nil
• go1_20
• jwt-header
• master
• microsoft
• migrate-example-to-routegroup
• no-ava
• official-mongo-drvier
• paskal/HttpOnly
• paskal/add_common_processor
• paskal/avatar_return_proper_content_type
• paskal/bump_ci_go_version
• paskal/bump_dep
• paskal/bump_go_modules
• paskal/bump_modules
• paskal/double_close
• paskal/email_module
• paskal/facelift
• paskal/fix_actions_test
• paskal/fix_apple_key_panic
• paskal/fix_custom_server
• paskal/fix_error
• paskal/fix_golangcilint
• paskal/fix_lint_report
• paskal/fix_send_jwt_header
• paskal/google_auth_doc
• paskal/improve_telegram
• paskal/modules_bump
• paskal/mongodb
• paskal/moq
• paskal/new_errors
• paskal/plain_text
• paskal/switch_to_v2
• paskal/sync_v2
• paskal/telegram_site_id
• paskal/tg_username
• paskal/token_generation_instructions
• paskal/update-dependencies
• paskal/update-modules
• paskal/update_modules
• paskal/update_pkcs8
• paskal/v2
• paskal/v2_golangcilint
• paskal/v2_jwt5
• rbac
• refs/tags/v0.10.0
• refs/tags/v0.10.1
• refs/tags/v0.10.2
• refs/tags/v0.11.0
• refs/tags/v0.12.0
• refs/tags/v0.12.1
• refs/tags/v1.13.0
• refs/tags/v1.13.1
• refs/tags/v1.14.0
• refs/tags/v1.15.0
• refs/tags/v1.16.0
• refs/tags/v1.17.0
• refs/tags/v1.18.0
• refs/tags/v1.19.0
• refs/tags/v1.19.1
• refs/tags/v1.20.0
• refs/tags/v1.21.0
• refs/tags/v1.22.0
• refs/tags/v1.22.1
• refs/tags/v1.23.0
• refs/tags/v1.24.0
• refs/tags/v1.24.1
• refs/tags/v1.24.2
• refs/tags/v1.25.1
• refs/tags/v1.5.1
• refs/tags/v2.0.0
• refs/tags/v2.1.0
• remove-bluemonday
• samesite
• sanitize-verifyed
• update-dependencies-dec2024
• update-deps-and-golangci-v2
• upgrade-repeater-v2
• v0.8.0
• v0.8.1
• v0.8.2
• v0.8.3
• v0.9.0
• verify-avatar

Build # 20402130257

Build Type

Pull #262

github

Committed by paskal

Commit Message

fix: set cookies alongside header when SendJWTHeader is enabled

When SendJWTHeader is true, now sets both the JWT header AND cookies.
This fixes OAuth authentication flows where HTTP headers don't survive
browser redirects. Cookies are needed for the OAuth callback to complete
successfully, while headers are still set for direct API calls.

Fixes https://github.com/umputun/remark42/issues/1877

Pull Request Pull Request #262: fix: set cookies alongside header when SendJWTHeader is enabled

Run Details

2 of 2 new or added lines in 1 file covered. (100.0%)

2672 of 3194 relevant lines covered (83.66%)

7.18 hits per line