
Fix: update OAuth2 state storage initialization and state token encoding

pull/6388/head
hnolde 4 weeks ago
parent
commit
7e3acf26b4
  1. 4
      src/api/admin.rs

4
src/api/admin.rs

@ -106,7 +106,7 @@ static CAN_BACKUP: LazyLock<bool> =
static CAN_BACKUP: LazyLock<bool> = LazyLock::new(|| false); static CAN_BACKUP: LazyLock<bool> = LazyLock::new(|| false);
// OAuth2 state storage for CSRF protection (state -> expiration timestamp) // OAuth2 state storage for CSRF protection (state -> expiration timestamp)
static OAUTH2_STATES: LazyLock<RwLock<HashMap<String, u64>>> = static OAUTH2_STATES: LazyLock<RwLock<HashMap<String, u64>>> =
LazyLock::new(|| RwLock::new(HashMap::new())); LazyLock::new(|| RwLock::new(HashMap::new()));
#[get("/")] #[get("/")]
@ -370,7 +370,7 @@ fn oauth2_authorize(_token: AdminToken) -> Result<Redirect, Error> {
let scopes = CONFIG.smtp_oauth2_scopes(); let scopes = CONFIG.smtp_oauth2_scopes();
// Generate a random state token for CSRF protection // Generate a random state token for CSRF protection
let state = crate::crypto::encode_random_bytes::<32>(BASE64URL_NOPAD); let state = crate::crypto::encode_random_bytes::<32>(&BASE64URL_NOPAD);
// Store state with expiration (10 minutes from now) // Store state with expiration (10 minutes from now)
let expiration = SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() + 600; let expiration = SystemTime::now().duration_since(UNIX_EPOCH).unwrap().as_secs() + 600;
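Review bot: The expiration line still calls `.unwrap()` on `SystemTime::now().duration_since(UNIX_EPOCH)`, so a host clock set before the Unix epoch panics inside the admin request handler rather than producing an error; because a zero timestamp makes the state expire immediately, failing closed is safe here: `let expiration = SystemTime::now().duration_since(UNIX_EPOCH).unwrap_or_default().as_secs() + 600;`. The `&BASE64URL_NOPAD` change on the preceding line looks like a pure signature fix and is fine. Separately, `OAUTH2_STATES` only records an expiration per state; if the insertion that follows this hunk does not also drop already-expired entries, every authorize call adds a fresh random key that is reclaimed only when a callback consumes it, so a `retain(|_, exp| *exp > now)` before the insert is worth adding if it is not done elsewhere. `oauth2_authorize` begins before this hunk and continues past it.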
