fix: cors (#621)

* fix: don't (re)generate client secret with auth type none

* fix(cors): allow Origin from request

* feat: add origin allow list and fix some core issues

* rename migration

* fix UserIDsByDomain

* check origin on userinfo

* update oidc pkg
Livio Amstutz
2020-08-24 10:06:55 +02:00
committed by GitHub
parent 193cfb45f6
commit 4e1e8a714a
18 changed files with 128 additions and 26 deletions


@@ -2,12 +2,13 @@ package eventstore
import (
"context"
"time"
"github.com/caos/zitadel/internal/authz/repository/eventsourcing/view"
"github.com/caos/zitadel/internal/crypto"
caos_errs "github.com/caos/zitadel/internal/errors"
iam_event "github.com/caos/zitadel/internal/iam/repository/eventsourcing"
proj_event "github.com/caos/zitadel/internal/project/repository/eventsourcing"
"time"
)
type TokenVerifierRepo struct {
@@ -40,12 +41,12 @@ func (repo *TokenVerifierRepo) VerifyAccessToken(ctx context.Context, tokenStrin
return "", "", caos_errs.ThrowUnauthenticated(nil, "APP-Zxfako", "invalid audience")
}
func (repo *TokenVerifierRepo) ProjectIDByClientID(ctx context.Context, clientID string) (projectID string, err error) {
func (repo *TokenVerifierRepo) ProjectIDAndOriginsByClientID(ctx context.Context, clientID string) (projectID string, origins []string, err error) {
app, err := repo.View.ApplicationByOIDCClientID(clientID)
if err != nil {
return "", err
return "", nil, err
}
return app.ProjectID, nil
return app.ProjectID, app.OriginAllowList, nil
}
func (repo *TokenVerifierRepo) ExistsOrg(ctx context.Context, orgID string) error {
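Review bot: `ProjectIDAndOriginsByClientID` returns `app.OriginAllowList` by reference, so a caller that appends to or edits the returned slice (for instance to merge in a request's Origin before checking) would mutate the view's cached application entry and widen the allow list for every later request on that client; returning a copy, `return app.ProjectID, append([]string(nil), app.OriginAllowList...), nil`, keeps the CORS enforcement data read-only from the repository's side. The new exported method also carries no doc comment; a line such as `// ProjectIDAndOriginsByClientID returns the project ID of the OIDC application identified by clientID together with its stored origin allow list.` would satisfy the Go convention and make clear the list is the stored configuration, not an evaluated policy. What an empty or nil list means (presumably no origin is permitted) is decided by the callers outside this hunk, so that expectation should be stated in the comment once confirmed against them.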