From e0374d97e6a3a6436255693a3f60545b848f54ce Mon Sep 17 00:00:00 2001
From: Sebastian Marcet <smarcet@gmail.com>
Date: Fri, 2 Jun 2017 16:15:43 -0300
Subject: [PATCH] Updated session cookie params

addeed more configuration params for
IDP cookie session. also set default value
for lifetime from 120 to 1440 minutes as
requested by Jimmy McArthur.

Change-Id: Iddca85712c98f88e11b2c872aaf1911bd6263c39
---
 manifests/init.pp      | 10 +++++++++-
 templates/lv5/.env.erb |  7 +++++++
 2 files changed, 16 insertions(+), 1 deletion(-)

diff --git a/manifests/init.pp b/manifests/init.pp
index 759c276..231ce71 100644
--- a/manifests/init.pp
+++ b/manifests/init.pp
@@ -76,7 +76,15 @@ class openstackid (
   $assets_base_url = 'https://www.openstack.org/',
   $cache_driver = 'redis',
   $session_driver = 'redis',
-  $session_cookie_secure = false,
+  # on minutes
+  $session_lifetime = 1440,
+  $session_encrypt = true,
+  $session_expire_on_close = false,
+  $session_cookie_name = 'openstackid_s',
+  $session_cookie_path = '/',
+  $session_cookie_domain = $::fqdn,
+  $session_cookie_secure = true,
+  $session_cookie_http_only = true,
 ) {
 
   # php packages needed for openid server
diff --git a/templates/lv5/.env.erb b/templates/lv5/.env.erb
index 9b17b9b..c19441a 100644
--- a/templates/lv5/.env.erb
+++ b/templates/lv5/.env.erb
@@ -26,7 +26,14 @@ REDIS_PASSWORD="<%= @redis_password %>"
 CACHE_DRIVER="<%= @cache_driver %>"
 
 SESSION_DRIVER="<%= @session_driver %>"
+SESSION_LIFETIME=<%= @session_lifetime %>
+SESSION_ENCRYPT=<%= @session_encrypt %>
+SESSION_EXPIRE_ON_CLOSE=<%= @session_expire_on_close %>
+SESSION_COOKIE_NAME=<%= @session_cookie_name %>
+SESSION_COOKIE_PATH=<%= @session_cookie_path %>
+SESSION_COOKIE_DOMAIN=<%= @session_cookie_domain %>
 SESSION_COOKIE_SECURE=<%= @session_cookie_secure %>
+SESSION_COOKIE_HTTP_ONLY<%= @session_cookie_http_only %>
 
 MAIL_DRIVER=<%= @email_driver %>
 MAIL_HOST=<%= @email_smtp_server %>