Introduce cookie_secret an additional value in the Secret oidc-client-secret created for each user
As part of https://gitlab.cern.ch/webservices/webframeworks-planning/-/issues/226 we noticed that Oauth2 requires us to provide a cookie_secret
which is the seed string for secure cookies, we also had to provide this back when we configured SSO for webeos here.
Instead of having to generate this value with helm or something else the authz-operator could generate this value per AppReg and store it together with the user secrets in the Secret oidc-client-secret
cookie_secret
must be 16, 24, or 32 bytes
Oauth2 recommends us to generate it using the following command, there must be an equivalent in go:
python -c 'import os,base64; print(base64.urlsafe_b64encode(os.urandom(16)).decode())'
/cc @alossent
Edited by Joao Esteves Marcal