feat: permissin denied (#411)

Fabi 2020-07-09 09:31:29 +02:00 committed by GitHub
parent c73875afbb
commit 740bab7f59
No known key found for this signature in database
GPG Key ID: 4AEE18F83AFDEB23


@ -22,14 +22,14 @@ func (repo *TokenVerifierRepo) VerifyAccessToken(ctx context.Context, tokenStrin
//TODO: use real key
tokenID, err := crypto.DecryptAESString(tokenString, string(repo.TokenVerificationKey[:32]))
if err != nil {
return "", "", caos_errs.ThrowPermissionDenied(nil, "APP-8EF0zZ", "invalid token")
return "", "", caos_errs.ThrowUnauthenticated(nil, "APP-8EF0zZ", "invalid token")
}
token, err := repo.View.TokenByID(tokenID)
if err != nil {
return "", "", caos_errs.ThrowPermissionDenied(err, "APP-BxUSiL", "invalid token")
return "", "", caos_errs.ThrowUnauthenticated(err, "APP-BxUSiL", "invalid token")
}
if !token.Expiration.After(time.Now().UTC()) {
return "", "", caos_errs.ThrowPermissionDenied(err, "APP-k9KS0", "invalid token")
return "", "", caos_errs.ThrowUnauthenticated(err, "APP-k9KS0", "invalid token")
}
for _, aud := range token.Audience {
@ -37,7 +37,7 @@ func (repo *TokenVerifierRepo) VerifyAccessToken(ctx context.Context, tokenStrin
return token.UserID, token.UserAgentID, nil
}
}
return "", "", caos_errs.ThrowPermissionDenied(nil, "APP-Zxfako", "invalid audience")
return "", "", caos_errs.ThrowUnauthenticated(nil, "APP-Zxfako", "invalid audience")
}
func (repo *TokenVerifierRepo) ProjectIDByClientID(ctx context.Context, clientID string) (projectID string, err error) {
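Review bot: The expiry branch passes `err` as the parent error, but at that point `err` is always nil because the `TokenByID` check above has already returned on failure. It should pass `nil` explicitly, as the decrypt-failure and audience branches do, e.g. `return "", "", caos_errs.ThrowUnauthenticated(nil, "APP-k9KS0", "invalid token")`. This assumes the Unauthenticated line is the new side, since the page has lost its +/- markers. Separately, the `TokenByID` branch turns every lookup error into the same "invalid token" result, so a storage or view failure would be reported to clients and logs as a bad credential; it may be worth separating not-found from internal errors there. `VerifyAccessToken` begins before the first hunk, so anything the function does ahead of the decrypt call is not visible here.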