zitadel/internal/domain/browser_info.go
Livio Spring d04f208486
fix: correctly set user agent / fingerprint id on user sessions (#8231)
# Which Problems Are Solved

When we switched to V2 tokens (#7822), the user agent was incorrectly
set for sessions created though the login UI.
Additionally, when calling the ListMyUserSessions from the AuthService,
any session without the fingerprint ID (e.g. created through the session
API) would be listed.

# How the Problems Are Solved

- Use the intended ID of the user agent (fingerprint)
- Ignore empty user agent IDs when listing the user sessions

# Additional Changes

None.

# Additional Context

- relates #7822
- closes #8213

(cherry picked from commit 08a75635d2165fabf909032e8fd6293769a40393)
2024-07-03 09:55:20 +02:00

38 lines
816 B
Go

package domain
import (
"net"
net_http "net/http"
http_util "github.com/zitadel/zitadel/internal/api/http"
)
type BrowserInfo struct {
UserAgent string
AcceptLanguage string
RemoteIP net.IP
Header net_http.Header
}
func BrowserInfoFromRequest(r *net_http.Request) *BrowserInfo {
return &BrowserInfo{
UserAgent: r.Header.Get(http_util.UserAgentHeader),
AcceptLanguage: r.Header.Get(http_util.AcceptLanguage),
RemoteIP: http_util.RemoteIPFromRequest(r),
Header: r.Header,
}
}
func (a *AuthRequest) ToUserAgent() *UserAgent {
agent := &UserAgent{
FingerprintID: &a.AgentID,
}
if a.BrowserInfo == nil {
return agent
}
agent.IP = a.BrowserInfo.RemoteIP
agent.Description = &a.BrowserInfo.UserAgent
agent.Header = a.BrowserInfo.Header
return agent
}