1
0
mirror of https://github.com/hrfee/jfa-go.git synced 2024-12-22 17:10:10 +00:00

auth: fix "ok" issue

the "ok" returned when the JWT claims are read was being overridden with
"false" before it could be checked.
This commit is contained in:
Harvey Tindall 2023-06-15 21:59:34 +01:00
parent 918f8816c5
commit 81372d6a6b
Signed by: hrfee
GPG Key ID: BBC65952848FB1A2

View File

@ -69,17 +69,19 @@ func (app *appContext) decodeValidateAuthHeader(gc *gin.Context) (claims jwt.Map
respond(401, "Unauthorized", gc) respond(401, "Unauthorized", gc)
return return
} }
ok = false
expiryUnix := int64(claims["exp"].(float64)) expiryUnix := int64(claims["exp"].(float64))
if err != nil { if err != nil {
app.debug.Printf("Auth denied: %s", err) app.debug.Printf("Auth denied: %s", err)
respond(401, "Unauthorized", gc) respond(401, "Unauthorized", gc)
ok = false
return return
} }
expiry := time.Unix(expiryUnix, 0) expiry := time.Unix(expiryUnix, 0)
if !(ok && token.Valid && claims["type"].(string) == "bearer" && expiry.After(time.Now())) { if !(ok && token.Valid && claims["type"].(string) == "bearer" && expiry.After(time.Now())) {
app.debug.Printf("Auth denied: Invalid token") app.debug.Printf("Auth denied: Invalid token")
// app.debug.Printf("Expiry: %+v, OK: %t, Valid: %t, ClaimType: %s\n", expiry, ok, token.Valid, claims["type"].(string))
respond(401, "Unauthorized", gc) respond(401, "Unauthorized", gc)
ok = false
return return
} }
ok = true ok = true
@ -256,13 +258,14 @@ func (app *appContext) decodeValidateRefreshCookie(gc *gin.Context) (claims jwt.
if err != nil { if err != nil {
app.debug.Printf("getTokenRefresh: Invalid token expiry: %s", err) app.debug.Printf("getTokenRefresh: Invalid token expiry: %s", err)
respond(401, "Invalid token", gc) respond(401, "Invalid token", gc)
ok = false
return return
} }
ok = false
expiry := time.Unix(expiryUnix, 0) expiry := time.Unix(expiryUnix, 0)
if !(ok && token.Valid && claims["type"].(string) == "refresh" && expiry.After(time.Now())) { if !(ok && token.Valid && claims["type"].(string) == "refresh" && expiry.After(time.Now())) {
app.debug.Printf("getTokenRefresh: Invalid token: %s", err) app.debug.Printf("getTokenRefresh: Invalid token: %+v", err)
respond(401, "Invalid token", gc) respond(401, "Invalid token", gc)
ok = false
return return
} }
ok = true ok = true