feat: check if org exists (#480)

* feat: check if org exists * feat: check if org exists * Update internal/authz/repository/eventsourcing/eventstore/token_verifier.go Co-authored-by: Silvan <silvan.reusser@gmail.com> * fix: err handling Co-authored-by: Silvan <silvan.reusser@gmail.com>
2025-08-12 00:07:36 +00:00 · 2020-07-16 13:27:36 +02:00
parent 423b86a03b
commit 5e00f1c9db
10 changed files with 152 additions and 0 deletions
--- a/internal/api/authz/context.go
+++ b/internal/api/authz/context.go
@@ -2,6 +2,7 @@ package authz

 import (
 	"context"
+	"github.com/caos/zitadel/internal/errors"

 	"github.com/caos/logging"
 )
@@ -33,6 +34,10 @@ type Grant struct {
 }

 func VerifyTokenAndWriteCtxData(ctx context.Context, token, orgID string, t *TokenVerifier, method string) (_ context.Context, err error) {
+	err = t.ExistsOrg(ctx, orgID)
+	if err != nil {
+		return nil, errors.ThrowPermissionDenied(nil, "AUTH-Bs7Ds", "Organisation doesn't exist")
+	}
 	userID, clientID, agentID, err := verifyAccessToken(ctx, token, t, method)
 	if err != nil {
 		return nil, err