usememos/memos
1
1
Fork 0
mirror of https://github.com/usememos/memos.git synced 2024-12-20 09:41:58 +03:00
Code Issues Packages Projects Releases Wiki Activity

fix: validate access token (#1867)

Browse Source 
* fix/to_valid_token

* eslint

* revert

* Update server/jwt.go

---------

Co-authored-by: boojack <stevenlgtm@gmail.com>
This commit is contained in:
CorrectRoadH 2023-06-30 22:59:52 +08:00 committed by GitHub
parent 63d6b6f9f9
commit c9aa2eeb98
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23
1 changed files with 5 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

5
server/jwt.go
View File

@ -111,6 +111,11 @@ func JWTMiddleware(server *Server, next echo.HandlerFunc, secret string) echo.Ha
} }
return nil, errors.Errorf("unexpected access token kid=%v", t.Header["kid"]) return nil, errors.Errorf("unexpected access token kid=%v", t.Header["kid"])
}) })
if !accessToken.Valid {
return echo.NewHTTPError(http.StatusUnauthorized, "Invalid access token.")
}
if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) { if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) {
return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName)) return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
} }