Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-08 07:10:56 +03:00
Code Issues Packages Projects Releases Wiki Activity

WIP new WebAdmin: profile, change password, message pages

Browse Source 
Signed-off-by: Nicola Murino <nicola.murino@gmail.com>
This commit is contained in:
Nicola Murino
2024-01-18 19:18:57 +01:00
parent 87451560e3
commit 91802fad3e
19 changed files with 359 additions and 393 deletions
Download Patch File Download Diff File Expand all files Collapse all files

11
internal/httpd/auth_utils.go
View File

@@ -440,18 +440,21 @@ func verifyOAuth2Token(tokenString, ip string) (string, error) {
token, err := jwtauth.VerifyToken(csrfTokenAuth, tokenString)
if err != nil || token == nil {
logger.Debug(logSender, "", "error validating OAuth2 token %q: %v", tokenString, err)
return "", fmt.Errorf("unable to verify OAuth2 state: %v", err)
return "", util.NewI18nError(
fmt.Errorf("unable to verify OAuth2 state: %v", err),
util.I18nOAuth2ErrorVerifyState,
)
}
if !util.Contains(token.Audience(), tokenAudienceOAuth2) {
logger.Debug(logSender, "", "error validating OAuth2 token audience")
return "", errors.New("invalid OAuth2 state")
return "", util.NewI18nError(errors.New("invalid OAuth2 state"), util.I18nOAuth2InvalidState)
}
if tokenValidationMode != tokenValidationNoIPMatch {
if !util.Contains(token.Audience(), ip) {
logger.Debug(logSender, "", "error validating OAuth2 token IP audience")
return "", errors.New("invalid OAuth2 state")
return "", util.NewI18nError(errors.New("invalid OAuth2 state"), util.I18nOAuth2InvalidState)
}
}
if val, ok := token.Get(jwt.JwtIDKey); ok {
@@ -460,5 +463,5 @@ func verifyOAuth2Token(tokenString, ip string) (string, error) {
}
}
logger.Debug(logSender, "", "jti not found in OAuth2 token")
return "", errors.New("invalid OAuth2 state")
return "", util.NewI18nError(errors.New("invalid OAuth2 state"), util.I18nOAuth2InvalidState)
}