Docker/planka
Docker/planka
1
0
Fork 0
mirror of https://github.com/plankanban/planka.git synced 2025-07-19 13:19:44 +02:00
Code Issues Releases Activity

feat: Improve OIDC support for strict providers (#824)

Browse source
This commit is contained in:
aleb_the_flash 2024-07-16 12:19:27 +02:00 committed by GitHub
parent 8d74cc1732
commit ad2966c5d6
No known key found for this signature in database
GPG key ID: B5690EEEBB952194
5 changed files with 34 additions and 6 deletions
Download patch file Download diff file Expand all files Collapse all files

7
server/api/controllers/access-tokens/exchange-using-oidc.js
View file

@ -13,6 +13,9 @@ const Errors = {
MISSING_VALUES: {
missingValues: 'Unable to retrieve required values (email, name)',
},
INVALID_USERINFO_SIGNATURE: {
invalidUserInfoSignature: "Invalid signature on userInfo due to client misconfiguration"
}
};
module.exports = {
@ -40,6 +43,9 @@ module.exports = {
missingValues: {
responseType: 'unprocessableEntity',
},
invalidUserInfoSignature: {
responseType: 'unauthorized',
},
},
async fn(inputs) {
@ -51,6 +57,7 @@ module.exports = {
sails.log.warn(`Invalid code or nonce! (IP: ${remoteAddress})`);
return Errors.INVALID_CODE_OR_NONCE;
})
.intercept('invalidUserInfoSignature', () => Errors.INVALID_USERINFO_SIGNATURE)
.intercept('emailAlreadyInUse', () => Errors.EMAIL_ALREADY_IN_USE)
.intercept('usernameAlreadyInUse', () => Errors.USERNAME_ALREADY_IN_USE)
.intercept('missingValues', () => Errors.MISSING_VALUES);