Signed-off-by: Gabriel Robertson <overminddl1@gmail.com>
This commit is contained in:
OvermindDL1
Lauris BH
parent
364c029246
commit
07af31d004
2 changed files with 32 additions and 4 deletions
6
Gopkg.lock
generated
6
Gopkg.lock
generated
|
|
@ -547,7 +547,7 @@
|
|||
revision = "e3534c89ef969912856dfa39e56b09e58c5f5daf"
|
||||
|
||||
[[projects]]
|
||||
digest = "1:fb22af9d8c1a6166ad299705648db460ba2c28a830f7f6cdd830019d7c3fd96f"
|
||||
digest = "1:23f75ae90fcc38dac6fad6881006ea7d0f2c78db5f9f81f3df558dc91460e61f"
|
||||
name = "github.com/markbates/goth"
|
||||
packages = [
|
||||
".",
|
||||
|
|
@ -562,8 +562,8 @@
|
|||
"providers/twitter",
|
||||
]
|
||||
pruneopts = "NUT"
|
||||
revision = "4933f155d89c3c52ab4ca545c6602cf4a1e87913"
|
||||
version = "1.45.5"
|
||||
revision = "f9c6649ab984d6ea71ef1e13b7b1cdffcf4592d3"
|
||||
version = "v1.46.1"
|
||||
|
||||
[[projects]]
|
||||
digest = "1:3ef954101983406a71171c4dc816a73e01bb3de608b3dd063627aa67a459f3e3"
|
||||
|
|
|
|||
30
vendor/github.com/markbates/goth/providers/openidConnect/openidConnect.go
generated
vendored
30
vendor/github.com/markbates/goth/providers/openidConnect/openidConnect.go
generated
vendored
|
|
@ -200,7 +200,17 @@ func (p *Provider) RefreshToken(refreshToken string) (*oauth2.Token, error) {
|
|||
func (p *Provider) validateClaims(claims map[string]interface{}) (time.Time, error) {
|
||||
audience := getClaimValue(claims, []string{audienceClaim})
|
||||
if audience != p.ClientKey {
|
||||
return time.Time{}, errors.New("audience in token does not match client key")
|
||||
found := false
|
||||
audiences := getClaimValues(claims, []string{audienceClaim})
|
||||
for _, aud := range audiences {
|
||||
if aud == p.ClientKey {
|
||||
found = true
|
||||
break
|
||||
}
|
||||
}
|
||||
if !found {
|
||||
return time.Time{}, errors.New("audience in token does not match client key")
|
||||
}
|
||||
}
|
||||
|
||||
issuer := getClaimValue(claims, []string{issuerClaim})
|
||||
|
|
@ -355,6 +365,24 @@ func getClaimValue(data map[string]interface{}, claims []string) string {
|
|||
return ""
|
||||
}
|
||||
|
||||
func getClaimValues(data map[string]interface{}, claims []string) []string {
|
||||
var result []string
|
||||
|
||||
for _, claim := range claims {
|
||||
if value, ok := data[claim]; ok {
|
||||
if stringValues, ok := value.([]interface{}); ok {
|
||||
for _, stringValue := range stringValues {
|
||||
if s, ok := stringValue.(string); ok && len(s) > 0 {
|
||||
result = append(result, s)
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
return result
|
||||
}
|
||||
|
||||
// decodeJWT decodes a JSON Web Token into a simple map
|
||||
// http://openid.net/specs/draft-jones-json-web-token-07.html
|
||||
func decodeJWT(jwt string) (map[string]interface{}, error) {
|
||||
|
|
|
|||
Loading…
Reference in a new issue