Skip to content

Commit

Permalink
fix: validate access token (#1867)
Browse files Browse the repository at this point in the history 
* fix/to_valid_token

* eslint

* revert

* Update server/jwt.go

---------

Co-authored-by: boojack <stevenlgtm@gmail.com>
  • Loading branch information
@CorrectRoadH @boojack
CorrectRoadH and boojack committed Jun 30, 2023
1 parent 63d6b6f commit c9aa2ee
Showing 1 changed file with 5 additions and 0 deletions.
5 changes: 5 additions & 0 deletions server/jwt.go
View file
Expand Up @@ -111,6 +111,11 @@ func JWTMiddleware(server *Server, next echo.HandlerFunc, secret string) echo.Ha
}
return nil, errors.Errorf("unexpected access token kid=%v", t.Header["kid"])
})

if !accessToken.Valid {
return echo.NewHTTPError(http.StatusUnauthorized, "Invalid access token.")
}

if !audienceContains(claims.Audience, auth.AccessTokenAudienceName) {
return echo.NewHTTPError(http.StatusUnauthorized, fmt.Sprintf("Invalid access token, audience mismatch, got %q, expected %q.", claims.Audience, auth.AccessTokenAudienceName))
}
Expand Down

0 comments on commit c9aa2ee

Please sign in to comment.