Spiegel von
https://github.com/dani-garcia/vaultwarden.git
synchronisiert 2024-11-21 05:00:28 +01:00
Fix public api for domains with path prefix (#4500)
Dieser Commit ist enthalten in:
Ursprung
f5fb69b64f
Commit
753a9e0bae
1 geänderte Dateien mit 2 neuen und 6 gelöschten Zeilen
|
@ -216,12 +216,8 @@ impl<'r> FromRequest<'r> for PublicToken {
|
|||
if time_now > claims.exp {
|
||||
err_handler!("Token expired");
|
||||
}
|
||||
// Check if claims.iss is host|claims.scope[0]
|
||||
let host = match auth::Host::from_request(request).await {
|
||||
Outcome::Success(host) => host,
|
||||
_ => err_handler!("Error getting Host"),
|
||||
};
|
||||
let complete_host = format!("{}|{}", host.host, claims.scope[0]);
|
||||
// Check if claims.iss is domain|claims.scope[0]
|
||||
let complete_host = format!("{}|{}", CONFIG.domain_origin(), claims.scope[0]);
|
||||
if complete_host != claims.iss {
|
||||
err_handler!("Token not issued by this server");
|
||||
}
|
||||
|
|
Laden …
In neuem Issue referenzieren