TheArchive/zitadel
1
0
Fork 0
mirror of https://github.com/zitadel/zitadel.git synced 2025-08-11 21:47:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: token verification (don't cache zitadel id system wide) (#3542)

Browse Source
This commit is contained in:
Livio Amstutz
2022-04-29 14:16:23 +02:00
committed by GitHub
parent a3fb49db2c
commit dc7fdb240b
2 changed files with 2 additions and 10 deletions
Download Patch File Download Diff File Expand all files Collapse all files

8
internal/authz/repository/eventsourcing/eventstore/token_verifier.go
View File

@@ -90,7 +90,7 @@ func (repo *TokenVerifierRepo) VerifyAccessToken(ctx context.Context, tokenStrin
return token.UserID, "", "", "", token.ResourceOwner, nil
}
for _, aud := range token.Audience {
if verifierClientID == aud || projectID == aud {
if verifierClientID == aud || projectID == aud || authz.GetInstance(ctx).ProjectID() == aud {
return token.UserID, token.UserAgentID, token.ApplicationID, token.PreferredLanguage, token.ResourceOwner, nil
}
}
@@ -236,11 +236,7 @@ func (repo *TokenVerifierRepo) VerifierClientID(ctx context.Context, appName str
ctx, span := tracing.NewSpan(ctx)
defer func() { span.EndWithError(err) }()
iam, err := repo.Query.Instance(ctx)
if err != nil {
return "", "", err
}
app, err := repo.View.ApplicationByProjecIDAndAppName(ctx, iam.IAMProjectID, appName)
app, err := repo.View.ApplicationByProjecIDAndAppName(ctx, authz.GetInstance(ctx).ProjectID(), appName)
if err != nil {
return "", "", err
}