From bed563fd20448ada4fb88306a98e0f2ff28b4428 Mon Sep 17 00:00:00 2001 From: Kyle Isom Date: Tue, 31 Mar 2026 23:14:34 -0700 Subject: [PATCH] Update mcdsl to v1.7.0 (SSO cookie fix for Firefox) Co-Authored-By: Claude Opus 4.6 (1M context) --- go.mod | 2 +- go.sum | 6 ++---- vendor/git.wntrmute.dev/mc/mcdsl/sso/sso.go | 17 ++++++++++++++++- vendor/modules.txt | 2 +- 4 files changed, 20 insertions(+), 7 deletions(-) diff --git a/go.mod b/go.mod index a423ab3..c6930c1 100644 --- a/go.mod +++ b/go.mod @@ -4,7 +4,7 @@ go 1.25.7 require ( git.wntrmute.dev/kyle/goutils v1.21.0 - git.wntrmute.dev/mc/mcdsl v1.6.0 + git.wntrmute.dev/mc/mcdsl v1.7.0 github.com/go-chi/chi/v5 v5.2.5 github.com/spf13/cobra v1.10.2 github.com/spf13/viper v1.21.0 diff --git a/go.sum b/go.sum index cd79932..b97dc76 100644 --- a/go.sum +++ b/go.sum @@ -1,9 +1,7 @@ git.wntrmute.dev/kyle/goutils v1.21.0 h1:ZR7ovV400hsF09zc8tkdHs6vyen8TDJ7flong/dnFXM= git.wntrmute.dev/kyle/goutils v1.21.0/go.mod h1:JQ8NL5lHSEYl719UMf20p4G1ei70RVGma0hjjNXCR2c= -git.wntrmute.dev/mc/mcdsl v1.4.0 h1:PsEIyskcjBduwHSRwNB/U/uSeU/cv3C8MVr0SRjBRLg= -git.wntrmute.dev/mc/mcdsl v1.4.0/go.mod h1:MhYahIu7Sg53lE2zpQ20nlrsoNRjQzOJBAlCmom2wJc= -git.wntrmute.dev/mc/mcdsl v1.6.0 h1:Vn1uy6b1yZ4Y8fsl1+kLucVprrFKlQ4SN2cjUH/Eg2k= -git.wntrmute.dev/mc/mcdsl v1.6.0/go.mod h1:MhYahIu7Sg53lE2zpQ20nlrsoNRjQzOJBAlCmom2wJc= +git.wntrmute.dev/mc/mcdsl v1.7.0 h1:dAh2SGdzjhz0H66i3KAMDm1eRYYgMaxqQ0Pj5NzF7fc= +git.wntrmute.dev/mc/mcdsl v1.7.0/go.mod h1:MhYahIu7Sg53lE2zpQ20nlrsoNRjQzOJBAlCmom2wJc= github.com/cespare/xxhash/v2 v2.3.0 h1:UL815xU9SqsFlibzuggzjXhog7bL6oX9BbNZnL2UFvs= github.com/cespare/xxhash/v2 v2.3.0/go.mod h1:VGX0DQ3Q6kWi7AoAeZDth3/j3BFtOZR5XLFGgcrjCOs= github.com/cpuguy83/go-md2man/v2 v2.0.6/go.mod h1:oOW0eioCTA6cOiMLiUPZOpcVxMig6NIQQ7OS05n1F4g= diff --git a/vendor/git.wntrmute.dev/mc/mcdsl/sso/sso.go b/vendor/git.wntrmute.dev/mc/mcdsl/sso/sso.go index e0fb6f2..e2d7a79 100644 --- a/vendor/git.wntrmute.dev/mc/mcdsl/sso/sso.go +++ b/vendor/git.wntrmute.dev/mc/mcdsl/sso/sso.go @@ -22,6 +22,7 @@ import ( "encoding/hex" "encoding/json" "fmt" + "html" "io" "net/http" "net/url" @@ -268,6 +269,12 @@ func ConsumeReturnToCookie(w http.ResponseWriter, r *http.Request, prefix string // RedirectToLogin generates a state, sets the state and return-to cookies, // and redirects the user to the MCIAS authorize URL. +// +// The redirect is performed via a 200 response with an HTML meta-refresh +// instead of a 302. Some browsers (notably Firefox) do not reliably store +// Set-Cookie headers on 302 responses that redirect to a different origin, +// even when the origins are same-site. Using a 200 response ensures the +// cookies are stored before the browser navigates away. func RedirectToLogin(w http.ResponseWriter, r *http.Request, client *Client, cookiePrefix string) error { state, err := GenerateState() if err != nil { @@ -276,7 +283,15 @@ func RedirectToLogin(w http.ResponseWriter, r *http.Request, client *Client, coo SetStateCookie(w, cookiePrefix, state) SetReturnToCookie(w, r, cookiePrefix) - http.Redirect(w, r, client.AuthorizeURL(state), http.StatusFound) + + authorizeURL := client.AuthorizeURL(state) + escaped := html.EscapeString(authorizeURL) + w.Header().Set("Content-Type", "text/html; charset=utf-8") + w.WriteHeader(http.StatusOK) + _, _ = fmt.Fprintf(w, ` + +

Redirecting to MCIAS...

`, + escaped, escaped) return nil } diff --git a/vendor/modules.txt b/vendor/modules.txt index 5a14cb2..aebc4bc 100644 --- a/vendor/modules.txt +++ b/vendor/modules.txt @@ -2,7 +2,7 @@ ## explicit; go 1.24.0 git.wntrmute.dev/kyle/goutils/certlib/certgen git.wntrmute.dev/kyle/goutils/lib -# git.wntrmute.dev/mc/mcdsl v1.6.0 +# git.wntrmute.dev/mc/mcdsl v1.7.0 ## explicit; go 1.25.7 git.wntrmute.dev/mc/mcdsl/auth git.wntrmute.dev/mc/mcdsl/config