brash-gpu-27606
02/22/2022, 6:58 AMdamp-sunset-69236
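02/22/2022, 8:29 AM
session:
  cookie:
    # Domain attribute applied to the Kratos session cookie.
    domain: example.com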
brash-gpu-27606
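02/22/2022, 8:47 AM
kratos:
  # NOTE(review): development mode relaxes Kratos' security checks (for
  # example, HTTPS is not enforced for cookies). Local testing only.
  development: true
  secrets:
    cookie:
      # NOTE(review): placeholder value. This secret protects the cookies
      # Kratos issues; replace it with a long random value supplied from a
      # secret store before any shared deployment.
      - PLEASE-CHANGE-ME-I-AM-VERY-INSECURE
  # -- Enable the initialization job. Required to work with a DB
  autoMigrate: true
  # -- You can add multiple identity schemas here
  identitySchemas:
    "identity.default.schema.json": |
      {
        "$id": "https://schemas.ory.sh/presets/kratos/identity.email.schema.json",
        "$schema": "http://json-schema.org/draft-07/schema#",
        "title": "Person",
        "type": "object",
        "properties": {
          "traits": {
            "type": "object",
            "properties": {
              "email": {
                "type": "string",
                "format": "email",
                "title": "E-Mail",
                "ory.sh/kratos": {
                  "credentials": {
                    "password": {
                      "identifier": true
                    }
                  },
                  "recovery": {
                    "via": "email"
                  },
                  "verification": {
                    "via": "email"
                  }
                }
              }
            },
            "required": [
              "email"
            ],
            "additionalProperties": false
          }
        }
      }
  config:
    # dsn: postgres://foo:bar@pg-sqlproxy-gcloud-sqlproxy:5432/db
    # NOTE(review): sslmode=disable turns off TLS to the database, and the
    # connection uses the root user with no password. Acceptable only for a
    # throwaway local cluster.
    dsn: cockroach://root@cockroachdb:26257/defaultdb?sslmode=disable&max_conns=20&max_idle_conns=4
    courier:
      smtp:
        # NOTE(review): disable_starttls=true sends mail unencrypted,
        # including the recovery and verification messages enabled below.
        # The target is a MailHog test mail catcher; use an authenticated,
        # TLS-protected relay outside development.
        connection_uri: smtp://mailhog.default.svc.cluster.local:1025/?disable_starttls=true
    cookies:
      # Domain=bitglaze.com makes the browser send these cookies to every
      # subdomain of bitglaze.com, so every host under it must be trusted.
      domain: bitglaze.com
      same_site: Lax
    session:
      cookie:
        domain: bitglaze.com
    serve:
      public:
        base_url: https://dev.bitglaze.com/.ory/kratos/public/
        cors:
          # NOTE(review): a wildcard subdomain origin combined with
          # allow_credentials: true lets any host under bitglaze.com make
          # credentialed cross-origin requests. List the exact front-end
          # origins where possible.
          allowed_origins:
            - https://*.bitglaze.com
          allowed_methods:
            - POST
            - GET
            - PUT
            - PATCH
            - DELETE
          allowed_headers:
            - Authorization
            - Cookie
            - Content-Type
            - X-Session-Token
          exposed_headers:
            - Content-Type
            - Set-Cookie
          allow_credentials: true
          options_passthrough: false
          # CORS handler debug logging; turn off once troubleshooting is done.
          debug: true
          enabled: true
        port: 80
    selfservice:
      default_browser_return_url: https://dev.bitglaze.com/
      # NOTE(review): the wildcard allows post-flow redirects to any
      # subdomain of bitglaze.com; prefer an explicit list of return URLs.
      whitelisted_return_urls:
        - https://*.bitglaze.com
      methods:
        password:
          enabled: true
        totp:
          enabled: true
        lookup_secret:
          enabled: true
      flows:
        error:
          ui_url: https://dev.bitglaze.com/error
        settings:
          ui_url: https://dev.bitglaze.com/settings
          privileged_session_max_age: 15m
        recovery:
          enabled: true
          ui_url: https://dev.bitglaze.com/recovery
        verification:
          enabled: true
          ui_url: https://dev.bitglaze.com/verification
          after:
            default_browser_return_url: https://dev.bitglaze.com/
        logout:
          after:
            default_browser_return_url: https://dev.bitglaze.com/login
        login:
          ui_url: https://dev.bitglaze.com/login
          lifespan: 10m
        registration:
          lifespan: 10m
          ui_url: https://dev.bitglaze.com/registration
          after:
            password:
              hooks:
                # Issue a session right after password registration.
                - hook: session
    identity:
      default_schema_url: file:///etc/config/identity.default.schema.json
    log:
      level: debug
      format: text
      # NOTE(review): this disables log redaction, so Cookie and Set-Cookie
      # header values (CSRF and session tokens) are written to the logs in
      # clear. Set it to false before sharing logs or running anywhere but a
      # local test, and revoke any session whose cookie has been logged or
      # posted.
      leak_sensitive_values: true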
[cors] 2022/02/22 08:45:30 Handler: Actual request
[cors] 2022/02/22 08:45:30 Actual request no headers added: missing origin
time=2022-02-22T08:45:30Z level=info msg=started handling request http_request=map[headers:map[accept:application/json, text/plain, / accept-encoding:gzip, deflate accept-language:en-IN,en-GB;q=0.9,en;q=0.8,en-US;q=0.7 connection:close content-type:application/json cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=B1Y77RmPZkaD+rlcnDzco3V9WT4F0AN8fG1EmIt2WBo= referer:<https://dev.bitglaze.com/login?flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6> user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Edg/98.0.1108.56] host:kratos-public.default.svc.cluster.local method:POST path:/self-service/login query:flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6 remote:172.17.0.1:1573 scheme:http]
time=2022-02-22T08:45:31Z level=debug msg=Running ExecuteLoginPostHook. audience=application flow_method=password http_request=map[headers:map[accept:application/json, text/plain, / accept-encoding:gzip, deflate accept-language:en-IN,en-GB;q=0.9,en;q=0.8,en-US;q=0.7 connection:close content-type:application/json cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=B1Y77RmPZkaD+rlcnDzco3V9WT4F0AN8fG1EmIt2WBo= referer:<https://dev.bitglaze.com/login?flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6> user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Edg/98.0.1108.56] host:kratos-public.default.svc.cluster.local method:POST path:/self-service/login query:flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6 remote:172.17.0.1:1573 scheme:http] identity_id=85d462d2-418c-4a20-9f1a-617a2ba097dc service_name=Ory Kratos service_version=v0.8.0-alpha.3
time=2022-02-22T08:45:31Z level=info msg=Identity authenticated successfully and was issued an Ory Kratos Session Cookie. audience=audit http_request=map[headers:map[accept:application/json, text/plain, / accept-encoding:gzip, deflate accept-language:en-IN,en-GB;q=0.9,en;q=0.8,en-US;q=0.7 connection:close content-type:application/json cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=B1Y77RmPZkaD+rlcnDzco3V9WT4F0AN8fG1EmIt2WBo= referer:<https://dev.bitglaze.com/login?flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6> user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Edg/98.0.1108.56] host:kratos-public.default.svc.cluster.local method:POST path:/self-service/login query:flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6 remote:172.17.0.1:1573 scheme:http] identity_id=85d462d2-418c-4a20-9f1a-617a2ba097dc service_name=Ory Kratos service_version=v0.8.0-alpha.3 session_id=08bdbe2a-27f0-418c-9e31-cc4e1214378f
time=2022-02-22T08:45:31Z level=info msg=completed handling request http_request=map[headers:map[accept:application/json, text/plain, / accept-encoding:gzip, deflate accept-language:en-IN,en-GB;q=0.9,en;q=0.8,en-US;q=0.7 connection:close content-type:application/json cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=B1Y77RmPZkaD+rlcnDzco3V9WT4F0AN8fG1EmIt2WBo= referer:<https://dev.bitglaze.com/login?flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6> user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Edg/98.0.1108.56] host:kratos-public.default.svc.cluster.local method:POST path:/self-service/login query:flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6 remote:172.17.0.1:1573 scheme:http] http_response=map[headers:map[cache-control:private, no-cache, no-store, must-revalidate content-type:application/json; charset=utf-8 set-cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=FWn7WuMMiAkI8iK5xv9k+SayM+LKjZf8E1qsQvNfwBI=; Path=/; Domain=<http://bitglaze.com|bitglaze.com>; Max-Age=31536000; HttpOnly; SameSite=Lax vary:Origin] size:1143 status:200 text_status:OK took:482.477295ms]
[cors] 2022/02/22 08:45:31 Handler: Actual request
[cors] 2022/02/22 08:45:31 Actual request no headers added: missing origin
time=2022-02-22T08:45:31Z level=info msg=started handling request http_request=map[headers:map[accept:application/json, text/plain, / accept-encoding:gzip, deflate accept-language:en-IN,en-GB;q=0.9,en;q=0.8,en-US;q=0.7 connection:close cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=FWn7WuMMiAkI8iK5xv9k+SayM+LKjZf8E1qsQvNfwBI=; ory_kratos_session=MTY0NTUxOTUzMXxEdi1CQkFFQ180SUFBUkFCRUFBQVJfLUNBQUVHYzNSeWFXNW5EQThBRFhObGMzTnBiMjVmZEc5clpXNEdjM1J5YVc1bkRDSUFJR0ZMU0ZFeU5FVlFiR041WW05cFFqaFZhVWRQZDJSeVF6RlVWbkF4T1U1NnxkXXilig7G7jjPoRFtFy2HOQQZT2KwewMz7ffeWiOl3Q== referer:<https://dev.bitglaze.com/login?flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6> user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Edg/98.0.1108.56] host:kratos-public.default.svc.cluster.local method:GET path:/sessions/whoami query:<nil> remote:172.17.0.1:9543 scheme:http]
time=2022-02-22T08:45:31Z level=info msg=completed handling request http_request=map[headers:map[accept:application/json, text/plain, / accept-encoding:gzip, deflate accept-language:en-IN,en-GB;q=0.9,en;q=0.8,en-US;q=0.7 connection:close cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=FWn7WuMMiAkI8iK5xv9k+SayM+LKjZf8E1qsQvNfwBI=; ory_kratos_session=MTY0NTUxOTUzMXxEdi1CQkFFQ180SUFBUkFCRUFBQVJfLUNBQUVHYzNSeWFXNW5EQThBRFhObGMzTnBiMjVmZEc5clpXNEdjM1J5YVc1bkRDSUFJR0ZMU0ZFeU5FVlFiR041WW05cFFqaFZhVWRQZDJSeVF6RlVWbkF4T1U1NnxkXXilig7G7jjPoRFtFy2HOQQZT2KwewMz7ffeWiOl3Q== referer:<https://dev.bitglaze.com/login?flow=6c332101-a1ea-4a31-9bc9-9805c0b130d6> user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Edg/98.0.1108.56] host:kratos-public.default.svc.cluster.local method:GET path:/sessions/whoami query:<nil> remote:172.17.0.1:9543 scheme:http] http_response=map[headers:map[content-type:application/json; charset=utf-8 vary:Origin x-kratos-authenticated-identity-id:85d462d2-418c-4a20-9f1a-617a2ba097dc] size:1125 status:200 text_status:OK took:27.596022ms]
[cors] 2022/02/22 08:45:31 Handler: Actual request
[cors] 2022/02/22 08:45:31 Actual request no headers added: missing origin
time=2022-02-22T08:45:31Z level=info msg=started handling request http_request=map[headers:map[accept:application/json, text/plain, / accept-encoding:gzip, deflate accept-language:en-IN,en-GB;q=0.9,en;q=0.8,en-US;q=0.7 connection:close cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=FWn7WuMMiAkI8iK5xv9k+SayM+LKjZf8E1qsQvNfwBI=; ory_kratos_session=MTY0NTUxOTUzMXxEdi1CQkFFQ180SUFBUkFCRUFBQVJfLUNBQUVHYzNSeWFXNW5EQThBRFhObGMzTnBiMjVmZEc5clpXNEdjM1J5YVc1bkRDSUFJR0ZMU0ZFeU5FVlFiR041WW05cFFqaFZhVWRQZDJSeVF6RlVWbkF4T1U1NnxkXXilig7G7jjPoRFtFy2HOQQZT2KwewMz7ffeWiOl3Q== referer:<https://dev.bitglaze.com/> user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Edg/98.0.1108.56] host:kratos-public.default.svc.cluster.local method:GET path:/sessions/whoami query:<nil> remote:172.17.0.1:61543 scheme:http]
time=2022-02-22T08:45:31Z level=info msg=completed handling request http_request=map[headers:map[accept:application/json, text/plain, / accept-encoding:gzip, deflate accept-language:en-IN,en-GB;q=0.9,en;q=0.8,en-US;q=0.7 connection:close cookie:csrf_token_a1ef72f817aa785fd776758de4364067ed05b87cb77cf196c4bfbb45f291b573=FWn7WuMMiAkI8iK5xv9k+SayM+LKjZf8E1qsQvNfwBI=; ory_kratos_session=MTY0NTUxOTUzMXxEdi1CQkFFQ180SUFBUkFCRUFBQVJfLUNBQUVHYzNSeWFXNW5EQThBRFhObGMzTnBiMjVmZEc5clpXNEdjM1J5YVc1bkRDSUFJR0ZMU0ZFeU5FVlFiR041WW05cFFqaFZhVWRQZDJSeVF6RlVWbkF4T1U1NnxkXXilig7G7jjPoRFtFy2HOQQZT2KwewMz7ffeWiOl3Q== referer:<https://dev.bitglaze.com/> user-agent:Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/98.0.4758.102 Safari/537.36 Edg/98.0.1108.56] host:kratos-public.default.svc.cluster.local method:GET path:/sessions/whoami query:<nil> remote:172.17.0.1:61543 scheme:http] http_response=map[headers:map[content-type:application/json; charset=utf-8 vary:Origin x-kratos-authenticated-identity-id:85d462d2-418c-4a20-9f1a-617a2ba097dc] size:1125 status:200 text_status:OK took:26.33934ms]
billions-leather-15882
02/23/2022, 12:29 PMdamp-sunset-69236
02/23/2022, 12:55 PM
… mydomain.com when the original request was made to subdomain.mydomain.com. It is however not possible to set a cookie for anotherdomain.com when the original request was made to mydomain.com. See also this answer on StackOverflow.
Taken from Configuring Cookiesbrash-gpu-27606
02/23/2022, 1:06 PMbillions-leather-15882
02/23/2022, 1:15 PM