fix(auth): fix JWT verification

This commit is contained in:
liushuyu 2022-11-27 17:02:05 -07:00
parent 7b8bf579f2
commit 61a7db2005
No known key found for this signature in database
GPG key ID: 23D1CE4534419437
2 changed files with 7 additions and 4 deletions

View file

@ -2,8 +2,6 @@
//! //!
//! Contains Config structures, as well as means of serialising them. //! Contains Config structures, as well as means of serialising them.
use std::collections::HashSet;
use toml; use toml;
use toml::de::Error as TomlError; use toml::de::Error as TomlError;
@ -68,7 +66,7 @@ pub struct PackageDescription {
/// Configuration for validating the JWT token /// Configuration for validating the JWT token
#[derive(Debug, Serialize, Deserialize, Clone)] #[derive(Debug, Serialize, Deserialize, Clone)]
pub struct JWTValidation { pub struct JWTValidation {
pub iss: Option<HashSet<String>>, pub iss: Option<String>,
// This can technically be a Vec as well, but thats a pain to support atm // This can technically be a Vec as well, but thats a pain to support atm
pub aud: Option<String>, pub aud: Option<String>,
} }

View file

@ -2,6 +2,7 @@
//! //!
//! Provides mechanisms to authenticate users using JWT. //! Provides mechanisms to authenticate users using JWT.
use std::collections::HashSet;
use std::sync::Arc; use std::sync::Arc;
use futures::{Future, Stream}; use futures::{Future, Stream};
@ -142,7 +143,11 @@ pub fn validate_token(
let mut validation = match validation { let mut validation = match validation {
Some(v) => { Some(v) => {
let mut valid = Validation::new(Algorithm::RS256); let mut valid = Validation::new(Algorithm::RS256);
valid.iss = v.iss; valid.iss = v.iss.map(|iss| {
let mut issuer = HashSet::new();
issuer.insert(iss);
issuer
});
if let &Some(ref v) = &v.aud { if let &Some(ref v) = &v.aud {
valid.set_audience(&[v]); valid.set_audience(&[v]);
} }