mirror of
https://github.com/jech/galene.git
synced 2024-11-10 02:35:58 +01:00
Fix token parsing when aud is an array.
This commit is contained in:
parent
a9c9581465
commit
37ef768ac0
1 changed files with 26 additions and 11 deletions
|
@ -37,7 +37,7 @@ func parseKey(key map[string]interface{}) (interface{}, error) {
|
||||||
switch kty {
|
switch kty {
|
||||||
case "oct":
|
case "oct":
|
||||||
var length int
|
var length int
|
||||||
switch(alg) {
|
switch alg {
|
||||||
case "HS256":
|
case "HS256":
|
||||||
length = 32
|
length = 32
|
||||||
case "HS384":
|
case "HS384":
|
||||||
|
@ -105,6 +105,18 @@ func getKey(header map[string]interface{}, keys []map[string]interface{}) (inter
|
||||||
return nil, errors.New("key not found")
|
return nil, errors.New("key not found")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
func toStringArray(a []interface{}) ([]string, bool) {
|
||||||
|
b := make([]string, len(a))
|
||||||
|
for i, v := range a {
|
||||||
|
w, ok := v.(string)
|
||||||
|
if !ok {
|
||||||
|
return nil, false
|
||||||
|
}
|
||||||
|
b[i] = w
|
||||||
|
}
|
||||||
|
return b, true
|
||||||
|
}
|
||||||
|
|
||||||
func Valid(username, token string, keys []map[string]interface{}) ([]string, []string, error) {
|
func Valid(username, token string, keys []map[string]interface{}) ([]string, []string, error) {
|
||||||
tok, err := jwt.Parse(token, func(t *jwt.Token) (interface{}, error) {
|
tok, err := jwt.Parse(token, func(t *jwt.Token) (interface{}, error) {
|
||||||
return getKey(t.Header, keys)
|
return getKey(t.Header, keys)
|
||||||
|
@ -124,8 +136,15 @@ func Valid(username, token string, keys []map[string]interface{}) ([]string, []s
|
||||||
switch a := a.(type) {
|
switch a := a.(type) {
|
||||||
case string:
|
case string:
|
||||||
aud = []string{a}
|
aud = []string{a}
|
||||||
case []string:
|
case []interface{}:
|
||||||
aud = a
|
aud, ok = toStringArray(a)
|
||||||
|
if !ok {
|
||||||
|
return nil, nil,
|
||||||
|
errors.New("invalid 'aud' field")
|
||||||
|
}
|
||||||
|
default:
|
||||||
|
return nil, nil,
|
||||||
|
errors.New("invalid 'aud' field")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -136,15 +155,11 @@ func Valid(username, token string, keys []map[string]interface{}) ([]string, []s
|
||||||
return nil, nil,
|
return nil, nil,
|
||||||
errors.New("invalid 'permissions' field")
|
errors.New("invalid 'permissions' field")
|
||||||
}
|
}
|
||||||
perms = make([]string, len(pp))
|
perms, ok = toStringArray(pp)
|
||||||
for i, v := range pp {
|
|
||||||
w, ok := v.(string)
|
|
||||||
if !ok {
|
if !ok {
|
||||||
return nil, nil,
|
return nil, nil,
|
||||||
errors.New("invalid 'permissions' field")
|
errors.New("invalid 'permissions' field")
|
||||||
}
|
}
|
||||||
perms[i] = w
|
|
||||||
}
|
|
||||||
}
|
}
|
||||||
return aud, perms, nil
|
return aud, perms, nil
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue