mirror of
				https://github.com/juanfont/headscale.git
				synced 2025-10-24 21:51:22 +02:00 
			
		
		
		
	fix linter errors, error out if jwt does not contain a key id
This commit is contained in:
		
							parent
							
								
									e7a2501fe8
								
							
						
					
					
						commit
						b22a9781a2
					
				
							
								
								
									
										20
									
								
								oidc.go
									
									
									
									
									
								
							
							
						
						
									
										20
									
								
								oidc.go
									
									
									
									
									
								
							| @ -94,7 +94,7 @@ func verifyToken(token string) (*AccessToken, error) { | |||||||
| 		} | 		} | ||||||
| 
 | 
 | ||||||
| 	} else { | 	} else { | ||||||
| 		return nil, err | 		return nil, errors.New("JWT does not contain a key id") | ||||||
| 	} | 	} | ||||||
| } | } | ||||||
| 
 | 
 | ||||||
| @ -200,6 +200,13 @@ func (h *Headscale) RegisterOIDC(c *gin.Context) { | |||||||
| 
 | 
 | ||||||
| 	b := make([]byte, 16) | 	b := make([]byte, 16) | ||||||
| 	_, err = rand.Read(b) | 	_, err = rand.Read(b) | ||||||
|  | 
 | ||||||
|  | 	if err != nil { | ||||||
|  | 		log.Error().Msg("could not read 16 bytes from rand") | ||||||
|  | 		c.String(http.StatusInternalServerError, "could not read 16 bytes from rand") | ||||||
|  | 		return | ||||||
|  | 	} | ||||||
|  | 
 | ||||||
| 	stateStr := hex.EncodeToString(b)[:32] | 	stateStr := hex.EncodeToString(b)[:32] | ||||||
| 
 | 
 | ||||||
| 	// init the state cache if it hasn't been already | 	// init the state cache if it hasn't been already | ||||||
| @ -281,6 +288,13 @@ func (h *Headscale) OIDCCallback(c *gin.Context) { | |||||||
| 		ns, err := h.GetNamespace(claims.Email) | 		ns, err := h.GetNamespace(claims.Email) | ||||||
| 		if err != nil { | 		if err != nil { | ||||||
| 			ns, err = h.CreateNamespace(claims.Email) | 			ns, err = h.CreateNamespace(claims.Email) | ||||||
|  | 
 | ||||||
|  | 			if err != nil { | ||||||
|  | 				log.Error().Msgf("could not create new namespace '%s'", claims.Email) | ||||||
|  | 				c.String(http.StatusInternalServerError, "could not create new namespace") | ||||||
|  | 				return | ||||||
|  | 			} | ||||||
|  | 
 | ||||||
| 		} | 		} | ||||||
| 
 | 
 | ||||||
| 		ip, err := h.getAvailableIP() | 		ip, err := h.getAvailableIP() | ||||||
| @ -301,10 +315,10 @@ func (h *Headscale) OIDCCallback(c *gin.Context) { | |||||||
| <body> | <body> | ||||||
| <h1>headscale</h1> | <h1>headscale</h1> | ||||||
| <p> | <p> | ||||||
|     Authenticated, you can now close this window. |     Authenticated as %s, you can now close this window. | ||||||
| </p> | </p> | ||||||
| </body> | </body> | ||||||
| </html> | </html> | ||||||
| 
 | 
 | ||||||
| `))) | `, claims.Email))) | ||||||
| } | } | ||||||
|  | |||||||
		Loading…
	
	
			
			x
			
			
		
	
		Reference in New Issue
	
	Block a user