Mirrors/sftpgo
1
0
Fork 0
mirror of https://github.com/drakkan/sftpgo.git synced 2025-12-07 14:50:55 +03:00
Code Issues Packages Projects Releases Wiki Activity

add experimental plugin system

Browse Source
This commit is contained in:
Nicola Murino
2021-07-11 15:26:51 +02:00
parent bfa4085932
commit bd5191dfc5
101 changed files with 3190 additions and 1612 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
httpd/middleware.go
View File

@@ -10,7 +10,7 @@ import (
"github.com/lestrrat-go/jwx/jwt"
"github.com/drakkan/sftpgo/v2/logger"
"github.com/drakkan/sftpgo/v2/utils"
"github.com/drakkan/sftpgo/v2/util"
)
var (
@@ -58,7 +58,7 @@ func validateJWTToken(w http.ResponseWriter, r *http.Request, audience tokenAudi
}
return errInvalidToken
}
if !utils.IsStringInSlice(audience, token.Audience()) {
if !util.IsStringInSlice(audience, token.Audience()) {
logger.Debug(logSender, "", "the token is not valid for audience %#v", audience)
if isAPIToken {
sendAPIResponse(w, r, nil, "Your token audience is not valid", http.StatusUnauthorized)
@@ -192,7 +192,7 @@ func verifyCSRFHeader(next http.Handler) http.Handler {
return
}
if !utils.IsStringInSlice(tokenAudienceCSRF, token.Audience()) {
if !util.IsStringInSlice(tokenAudienceCSRF, token.Audience()) {
logger.Debug(logSender, "", "error validating CSRF header audience")
sendAPIResponse(w, r, errors.New("the token is not valid"), "", http.StatusForbidden)
return