topaLE
/
vaultwarden
mirror of https://github.com/dani-garcia/vaultwarden
1
0
Fork 0
Code Issues Projects Releases Wiki Activity
Browse Source

make PublicToken support multi-domains

pull/3870/merge^2
BlockListed 2 years ago
parent
901bf570bf
commit
df524c7139
No known key found for this signature in database GPG Key ID: 2D204777C477B588
1 changed files with 5 additions and 3 deletions
Whitespace
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Unified View
Diff Options
Show Stats Download Patch File Download Diff File
  1. 8
      src/api/core/public.rs

8
src/api/core/public.rs
View File

@ -217,11 +217,13 @@ impl<'r> FromRequest<'r> for PublicToken {
err_handler!("Token expired"); err_handler!("Token expired");
} }
// Check if claims.iss is host|claims.scope[0] // Check if claims.iss is host|claims.scope[0]
let host = match auth::Host::from_request(request).await { let host_info = match auth::HostInfo::from_request(request).await {
Outcome::Success(host) => host, Outcome::Success(host_info) => host_info,
_ => err_handler!("Error getting Host"), _ => err_handler!("Error getting Host"),
}; };
let complete_host = format!("{}|{}", host.host, claims.scope[0]); // TODO check if this is fine
// using origin, because that's what they're generated with in auth.rs
let complete_host = format!("{}|{}", host_info.origin, claims.scope[0]);
if complete_host != claims.iss { if complete_host != claims.iss {
err_handler!("Token not issued by this server"); err_handler!("Token not issued by this server");
} }

Write Preview
Loading…
Cancel
Save