Skip to content

Commit

Permalink
fix: use correct JWT claims variable type when parsing token
Browse files Browse the repository at this point in the history
  • Loading branch information
@activeshadow
activeshadow committed Jun 14, 2024
1 parent 240fa9b commit 7583fcd
Show file tree
Hide file tree
Showing 5 changed files with 16 additions and 18 deletions.
10 changes: 5 additions & 5 deletions src/go/tunneler/main.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -97,13 +97,13 @@ var serveCmd = &cobra.Command{
return fmt.Errorf("unable to get --use-cookie flag")
}

var claims jwt.MapClaims

_, _, err = new(jwt.Parser).ParseUnverified(token, &claims)
token, _, err := new(jwt.Parser).ParseUnverified(token, jwt.MapClaims{})
if err != nil {
return fmt.Errorf("parsing phenix auth token for username: %w", err)
}

claims := token.Claims.(jwt.MapClaims)

username, err = jwtutil.UsernameFromClaims(claims)
if err != nil {
return fmt.Errorf("username missing from token")
Expand All @@ -113,10 +113,10 @@ var serveCmd = &cobra.Command{
return fmt.Errorf("validating token expiration: %w", err)
}

headers.Set("X-phenix-auth-token", "Bearer "+token)
headers.Set("X-phenix-auth-token", fmt.Sprintf("Bearer %s", token.Raw))

if cookie != "" {
headers.Set("Cookie", fmt.Sprintf("%s=%s", cookie, token))
headers.Set("Cookie", fmt.Sprintf("%s=%s", cookie, token.Raw))
}
} else if username != "" {
fmt.Printf("Password for %s: ", username)
Expand Down
8 changes: 4 additions & 4 deletions src/go/web/auth.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -42,9 +42,9 @@ func Signup(w http.ResponseWriter, r *http.Request) {
// Will only be present when this function is called if proxy JWT is enabled.
if userToken := ctx.Value("user"); userToken != nil {
token = userToken.(*jwt.Token)
claims := token.Claims.(*jwt.MapClaims)
claims := token.Claims.(jwt.MapClaims)

jwtUser, err := jwtutil.UsernameFromClaims(*claims)
jwtUser, err := jwtutil.UsernameFromClaims(claims)
if err != nil {
plog.Error("proxy user missing from JWT", "path", r.URL.Path, "err", err)
http.Error(w, "proxy user missing", http.StatusUnauthorized)
Expand Down Expand Up @@ -127,11 +127,11 @@ func Login(w http.ResponseWriter, r *http.Request) {
token = userToken.(*jwt.Token)

var (
claims = token.Claims.(*jwt.MapClaims)
claims = token.Claims.(jwt.MapClaims)
err error
)

user, err = jwtutil.UsernameFromClaims(*claims)
user, err = jwtutil.UsernameFromClaims(claims)
if err != nil {
plog.Error("proxy user missing from JWT", "path", r.URL.Path, "token", token.Raw, "err", err)
http.Error(w, "proxy user missing", http.StatusUnauthorized)
Expand Down
8 changes: 3 additions & 5 deletions src/go/web/middleware/auth.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -81,9 +81,7 @@ func Auth(jwtKey, proxyAuthHeader string) mux.MiddlewareFunc {
return
}

var claims jwt.MapClaims

token, _, err := new(jwt.Parser).ParseUnverified(raw, &claims)
token, _, err := new(jwt.Parser).ParseUnverified(raw, jwt.MapClaims{})
if err != nil {
plog.Error("parsing valid JWT", "token", raw, "err", err)

Expand Down Expand Up @@ -121,10 +119,10 @@ func Auth(jwtKey, proxyAuthHeader string) mux.MiddlewareFunc {

var (
token = userToken.(*jwt.Token)
claims = token.Claims.(*jwt.MapClaims)
claims = token.Claims.(jwt.MapClaims)
)

jwtUser, err := jwtutil.UsernameFromClaims(*claims)
jwtUser, err := jwtutil.UsernameFromClaims(claims)
if err != nil {
plog.Error("rejecting unauthorized request", "path", r.URL.Path, "err", err)
http.Error(w, "Forbidden", http.StatusUnauthorized)
Expand Down
2 changes: 1 addition & 1 deletion src/go/web/rbac/known_policy.go
View file

Some generated files are not rendered by default. Learn more about how customized files appear on GitHub.

6 changes: 3 additions & 3 deletions src/js/vue.config.js
View file
Original file line number Diff line number Diff line change
Expand Up @@ -5,19 +5,19 @@ module.exports = {
devServer: {
proxy: {
'/api/v1': {
target: 'http://localhost:9090',
target: 'http://localhost:3000',
changeOrigin: true,
logLevel: 'debug',
ws: true
},
'/version': {
target: 'http://localhost:9090',
target: 'http://localhost:3000',
changeOrigin: true,
logLevel: 'debug',
ws: true
},
'/features': {
target: 'http://localhost:9090',
target: 'http://localhost:3000',
changeOrigin: true,
logLevel: 'debug',
ws: true
Expand Down

0 comments on commit 7583fcd

Please sign in to comment.