mirror of
https://github.com/usememos/memos.git
synced 2025-06-05 22:09:59 +02:00
fix: validate access token (#1867)
* fix/to_valid_token * eslint * revert * Update server/jwt.go --------- Co-authored-by: boojack <stevenlgtm@gmail.com>
This commit is contained in:
CorrectRoadH
GitHub
@ -111,6 +111,11 @@ func JWTMiddleware(server *Server, next echo.HandlerFunc, secret string) echo.Ha
|
|||||||
}
|
}
|
||||||
return nil, errors.Errorf("unexpected access token kid=%v", t.Header["kid"])
|
return nil, errors.Errorf("unexpected access token kid=%v", t.Header["kid"])
|
||||||
})
|
})
|
||||||
|
|
||||||
|
if !accessToken.Valid {
|
||||||
|
return echo.NewHTTPError(http.StatusUnauthorized, "Invalid access token.")
|
||||||
|
}
|
||||||
|
|
||||||
if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) {
|
if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) {
|
||||||
return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
|
return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
|
||||||
}
|
}
|
||||||
|
|||||||
Reference in New Issue
Block a user