
allow wildcard in token issuer verification

master
slauth пре 5 година
родитељ
комит
9742e90bb5
1 измењених фајлова са 13 додато и 7 уклоњено
  1. 13
    7
      resources/prosody-plugins/token/util.lib.lua

+ 13
- 7
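--- a/resources/prosody-plugins/token/util.lib.lua
+++ b/resources/prosody-plugins/token/util.lib.lua
@@ -142,38 +142,44 @@
 end
 
 --- Verifies issuer part of token
+-- @param 'issClaim' claim from the token to verify
 -- @param 'acceptedIssuers' list of issuers to check
 -- @return nil and error string or true for accepted claim
 function Util:verify_issuer(issClaim, acceptedIssuers)
     if not acceptedIssuers then
         acceptedIssuers = self.acceptedIssuers
     end
-    module:log("debug","verify_issuer claim: %s against accepted: %s",issClaim, acceptedIssuers);
+    module:log("debug", "verify_issuer claim: %s against accepted: %s", issClaim, acceptedIssuers);
     for i, iss in ipairs(acceptedIssuers) do
+        if iss == '*' then
+            -- "*" indicates to accept any issuer in the claims so return success
+            return true;
+        end
         if issClaim == iss then
-            --claim matches an accepted issuer so return success
+            -- claim matches an accepted issuer so return success
             return true;
         end
     end
-    --if issClaim not found in acceptedIssuers, fail claim
+    -- if issClaim not found in acceptedIssuers, fail claim
     return nil, "Invalid issuer ('iss' claim)";
 end
 
 --- Verifies audience part of token
+-- @param 'audClaim' claim from the token to verify
 -- @return nil and error string or true for accepted claim
 function Util:verify_audience(audClaim)
-    module:log("debug","verify_audience claim: %s against accepted: %s",audClaim, self.acceptedAudiences);
+    module:log("debug", "verify_audience claim: %s against accepted: %s", audClaim, self.acceptedAudiences);
     for i, aud in ipairs(self.acceptedAudiences) do
         if aud == '*' then
-            --* indicates to accept any audience in the claims so return success
+            -- "*" indicates to accept any audience in the claims so return success
             return true;
         end
         if audClaim == aud then
-            --claim matches an accepted audience so return success
+            -- claim matches an accepted audience so return success
             return true;
         end
     end
-    --if issClaim not found in acceptedIssuers, fail claim
+    -- if audClaim not found in acceptedAudiences, fail claim
     return nil, "Invalid audience ('aud' claim)";
 end
 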
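Review bot: The new `iss == '*'` branch in verify_issuer returns true without looking at `issClaim`, so a single "*" anywhere in the list turns issuer verification off, and a token whose `iss` is missing (nil) passes as well unless a caller outside this section rejects it first. Because `acceptedIssuers` can also be supplied by the caller, the doc comment should state the wildcard semantics, e.g. `-- @param 'acceptedIssuers' list of issuers to check; a "*" entry accepts any issuer`. I would keep a presence check under the wildcard, `if iss == '*' and issClaim ~= nil then`, and report an active wildcard at a level above debug so that a deployment relying on the signature alone is visible to operators. The existing `aud == '*'` branch in verify_audience has the same shape and deserves the same treatment.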
