mirror of
https://github.com/dani-garcia/vaultwarden.git
synced 2024-06-08 19:32:22 +00:00
make PublicToken support multi-domains
This commit is contained in:
parent
901bf570bf
commit
df524c7139
|
@ -217,11 +217,13 @@ impl<'r> FromRequest<'r> for PublicToken {
|
||||||
err_handler!("Token expired");
|
err_handler!("Token expired");
|
||||||
}
|
}
|
||||||
// Check if claims.iss is host|claims.scope[0]
|
// Check if claims.iss is host|claims.scope[0]
|
||||||
let host = match auth::Host::from_request(request).await {
|
let host_info = match auth::HostInfo::from_request(request).await {
|
||||||
Outcome::Success(host) => host,
|
Outcome::Success(host_info) => host_info,
|
||||||
_ => err_handler!("Error getting Host"),
|
_ => err_handler!("Error getting Host"),
|
||||||
};
|
};
|
||||||
let complete_host = format!("{}|{}", host.host, claims.scope[0]);
|
// TODO check if this is fine
|
||||||
|
// using origin, because that's what they're generated with in auth.rs
|
||||||
|
let complete_host = format!("{}|{}", host_info.origin, claims.scope[0]);
|
||||||
if complete_host != claims.iss {
|
if complete_host != claims.iss {
|
||||||
err_handler!("Token not issued by this server");
|
err_handler!("Token not issued by this server");
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in New Issue
Block a user