update to reflect memguard related changes to go-http-cookie

Author: thisisaaronland

go.mod

@@ -3,10 +3,11 @@ module github.com/sfomuseum/go-http-oauth2
 go 1.12
 
 require (
-	github.com/aaronland/go-http-cookie v0.3.0
+	github.com/aaronland/go-http-cookie v0.3.1
 	github.com/aaronland/go-http-crumb v0.1.0
 	github.com/aaronland/go-http-sanitize v0.0.4
 	github.com/aaronland/go-string v0.1.2
+	github.com/awnumar/memguard v0.22.2
 	github.com/sfomuseum/go-flags v0.1.0
 	golang.org/x/oauth2 v0.0.0-20200107190931-bf48bf16ab8d
 )

go.sum

@@ -7,6 +7,8 @@ github.com/aaronland/go-http-cookie v0.2.0 h1:DXJ4jJ7lRwOGP1rUn68K3n24r6dGOO/3Pd
 github.com/aaronland/go-http-cookie v0.2.0/go.mod h1:fGP679ZUdWY+ISTL26BcHG6q7T8GT7rklpZJ/eHC7yo=
 github.com/aaronland/go-http-cookie v0.3.0 h1:mB4CZ+KAddyucQ/nURv7RSuGl0AJZqZJT9cgtE86vd4=
 github.com/aaronland/go-http-cookie v0.3.0/go.mod h1:x8CK9UF7W+Audtu+CyBKjVfGEmysK4wr8+pA9WLk7iU=
+github.com/aaronland/go-http-cookie v0.3.1 h1:+eNNvou/5mhgJa/VbwvhlKBJT7mqpTa+V32r/nkIt9s=
+github.com/aaronland/go-http-cookie v0.3.1/go.mod h1:x8CK9UF7W+Audtu+CyBKjVfGEmysK4wr8+pA9WLk7iU=
 github.com/aaronland/go-http-crumb v0.0.5 h1:ZhBkvWUW9wsw+KYnOu0sHAeRpsfY9kj0wh7yA8qGA0M=
 github.com/aaronland/go-http-crumb v0.0.5/go.mod h1:tzp6zHKE/pojVXQhcS1J5x5qQkhhxOTvJS2N7S1VVuY=
 github.com/aaronland/go-http-crumb v0.0.6 h1:R+hGU1SdkKxLqKIuabBwXpemo7VqFaCVYg4YK13JOnw=

vendor/modules.txt

@@ -1,4 +1,4 @@
-# github.com/aaronland/go-http-cookie v0.3.0
+# github.com/aaronland/go-http-cookie v0.3.1
 github.com/aaronland/go-http-cookie
 # github.com/aaronland/go-http-crumb v0.1.0
 github.com/aaronland/go-http-crumb

www/cookie.go

@@ -7,6 +7,7 @@ import (
 	"github.com/aaronland/go-http-cookie"
 	"github.com/aaronland/go-http-sanitize"
 	"github.com/sfomuseum/go-http-oauth2"
+	"github.com/awnumar/memguard"
 	goog_oauth2 "golang.org/x/oauth2"
 	_ "log"
 	"net/http"
@@ -173,12 +174,11 @@ func OAuth2AccessTokenCookieHandler(opts *oauth2.Options) (http.Handler, error)
 			return
 		}
 
-		str_token := string(enc_token)
+		buf_token := memguard.NewBufferFromBytes(enc_token)
 
 		// https://tools.ietf.org/html/draft-ietf-httpbis-cookie-same-site-00#section-4.1.1
 
 		http_cookie := &http.Cookie{
-			Value:    str_token,
 			SameSite: http.SameSiteLaxMode,
 			// SameSite: http.SameSiteStrictMode,	// I can not make this work... (20200416/thisisaaronland)
 			Expires: tok.Expiry,
@@ -191,7 +191,7 @@ func OAuth2AccessTokenCookieHandler(opts *oauth2.Options) (http.Handler, error)
 			http_cookie.Secure = true
 		}
 
-		err = ck.SetCookie(rsp, http_cookie)
+		err = ck.SetWithCookie(rsp, buf_token, http_cookie)
 
 		if err != nil {
 			http.Error(rsp, err.Error(), http.StatusInternalServerError)
@@ -282,19 +282,19 @@ func GetOAuth2TokenFromCookie(opts *oauth2.Options, req *http.Request) (*goog_oa
 		return nil, err
 	}
 
-	str_token, err := ck.Get(req)
+	buf_token, err := ck.Get(req)
 
 	if err != nil && err != http.ErrNoCookie {
 		return nil, err
 	}
 
-	if str_token == "" {
+	if buf_token == nil {
 		return nil, http.ErrNoCookie
 	}
 
 	var token *goog_oauth2.Token
 
-	err = json.Unmarshal([]byte(str_token), &token)
+	err = json.Unmarshal(buf_token.Bytes(), &token)
 
 	if err != nil {
 		return nil, err