fix linter errors, error out if jwt does not contain a key id
This commit is contained in:
parent
e7a2501fe8
commit
b22a9781a2
1 changed files with 17 additions and 3 deletions
20
oidc.go
20
oidc.go
|
@ -94,7 +94,7 @@ func verifyToken(token string) (*AccessToken, error) {
|
||||||
}
|
}
|
||||||
|
|
||||||
} else {
|
} else {
|
||||||
return nil, err
|
return nil, errors.New("JWT does not contain a key id")
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
|
@ -200,6 +200,13 @@ func (h *Headscale) RegisterOIDC(c *gin.Context) {
|
||||||
|
|
||||||
b := make([]byte, 16)
|
b := make([]byte, 16)
|
||||||
_, err = rand.Read(b)
|
_, err = rand.Read(b)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
log.Error().Msg("could not read 16 bytes from rand")
|
||||||
|
c.String(http.StatusInternalServerError, "could not read 16 bytes from rand")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
stateStr := hex.EncodeToString(b)[:32]
|
stateStr := hex.EncodeToString(b)[:32]
|
||||||
|
|
||||||
// init the state cache if it hasn't been already
|
// init the state cache if it hasn't been already
|
||||||
|
@ -281,6 +288,13 @@ func (h *Headscale) OIDCCallback(c *gin.Context) {
|
||||||
ns, err := h.GetNamespace(claims.Email)
|
ns, err := h.GetNamespace(claims.Email)
|
||||||
if err != nil {
|
if err != nil {
|
||||||
ns, err = h.CreateNamespace(claims.Email)
|
ns, err = h.CreateNamespace(claims.Email)
|
||||||
|
|
||||||
|
if err != nil {
|
||||||
|
log.Error().Msgf("could not create new namespace '%s'", claims.Email)
|
||||||
|
c.String(http.StatusInternalServerError, "could not create new namespace")
|
||||||
|
return
|
||||||
|
}
|
||||||
|
|
||||||
}
|
}
|
||||||
|
|
||||||
ip, err := h.getAvailableIP()
|
ip, err := h.getAvailableIP()
|
||||||
|
@ -301,10 +315,10 @@ func (h *Headscale) OIDCCallback(c *gin.Context) {
|
||||||
<body>
|
<body>
|
||||||
<h1>headscale</h1>
|
<h1>headscale</h1>
|
||||||
<p>
|
<p>
|
||||||
Authenticated, you can now close this window.
|
Authenticated as %s, you can now close this window.
|
||||||
</p>
|
</p>
|
||||||
</body>
|
</body>
|
||||||
</html>
|
</html>
|
||||||
|
|
||||||
`)))
|
`, claims.Email)))
|
||||||
}
|
}
|
||||||
|
|
Loading…
Reference in a new issue