ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-02-21 10:01:46 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge branch 'dev' of http://git.int.zerotier.com/zerotier/ZeroTierOne into dev

Browse Source
This commit is contained in:
Adam Ierymenko 2022-02-01 16:04:06 -05:00
commit 330e1de3d1
6 changed files with 238 additions and 194 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
node/Constants.hpp
View File

@ -50,9 +50,16 @@
#define __UNIX_LIKE__
#endif
#include <endian.h>
#if (defined(__amd64) || defined(__amd64__) || defined(__x86_64) || defined(__x86_64__) || defined(__AMD64) || defined(__AMD64__) || defined(_M_X64) || defined(__aarch64__))
#define OIDC_SUPPORTED 1
#else
#define OIDC_SUPPORTED 0
#endif
#endif
#ifdef __APPLE__
#define OIDC_SUPPORTED 1
#define likely(x) __builtin_expect((x),1)
#define unlikely(x) __builtin_expect((x),0)
#include <TargetConditionals.h>
@ -66,6 +73,7 @@
#endif
#if defined(__FreeBSD__) || defined(__OpenBSD__) || defined(__NetBSD__)
#define OIDC_SUPPORTED 0
#ifndef __UNIX_LIKE__
#define __UNIX_LIKE__
#endif
@ -81,6 +89,7 @@
#endif
#if defined(_WIN32) || defined(_WIN64)
#define OIDC_SUPPORTED 1
#ifndef __WINDOWS__
#define __WINDOWS__
#endif

24
service/OneService.cpp
View File

@ -53,7 +53,9 @@
#include "OneService.hpp"
#include "SoftwareUpdater.hpp"
#if OIDC_SUPPORTED
#include <zeroidc.h>
#endif
#ifdef __WINDOWS__
#include <winsock2.h>
@ -169,11 +171,13 @@ public:
this->_managedRoutes.clear();
this->_tap.reset();
#if OIDC_SUPPORTED
if (_idc) {
zeroidc::zeroidc_stop(_idc);
zeroidc::zeroidc_delete(_idc);
_idc = nullptr;
}
#endif
}
void setWebPort(unsigned int port) {
@ -251,6 +255,7 @@ public:
if (_config.ssoEnabled && _config.ssoVersion == 1) {
// fprintf(stderr, "ssoEnabled for %s\n", nwid);
#if OIDC_SUPPORTED
if (_idc == nullptr)
{
assert(_config.issuerURL != nullptr);
@ -290,6 +295,7 @@ public:
// TODO: kick the refresh thread
zeroidc::zeroidc_kick_refresh_thread(_idc);
}
#endif
}
}
@ -306,14 +312,17 @@ public:
}
const char* getAuthURL() {
#if OIDC_SUPPORTED
if (_idc != nullptr) {
return zeroidc::zeroidc_get_auth_url(_idc);
}
fprintf(stderr, "_idc is null\n");
#endif
return "";
}
const char* doTokenExchange(const char *code) {
#if OIDC_SUPPORTED
if (_idc == nullptr) {
fprintf(stderr, "ainfo or idc null\n");
return "";
@ -330,6 +339,9 @@ public:
memcpy(_config.authenticationURL, url, strlen(url));
_config.authenticationURL[strlen(url)] = 0;
return ret;
#else
return "";
#endif
}
uint64_t getExpiryTime() {
@ -337,8 +349,11 @@ public:
fprintf(stderr, "idc is null\n");
return 0;
}
#if OIDC_SUPPORTED
return zeroidc::zeroidc_get_exp_time(_idc);
#else
return 0;
#endif
}
private:
@ -348,7 +363,9 @@ private:
std::vector<InetAddress> _managedIps;
std::map< InetAddress, SharedPtr<ManagedRoute> > _managedRoutes;
OneService::NetworkSettings _settings;
#if OIDC_SUPPORTED
zeroidc::ZeroIDC *_idc;
#endif
};
namespace {
@ -1661,10 +1678,10 @@ public:
scode = _controller->handleControlPlaneHttpGET(std::vector<std::string>(ps.begin()+1,ps.end()),urlArgs,headers,body,responseBody,responseContentType);
} else scode = 404;
}
#if OIDC_SUPPORTED
} else if (ps[0] == "sso") {
// SSO redirect handling
const char* state = zeroidc::zeroidc_get_url_param_value("state", path.c_str());
const char* state = zeroidc::zeroidc_get_url_param_value("state", path.c_str());
const char* nwid = zeroidc::zeroidc_network_id_from_state(state);
const uint64_t id = Utils::hexStrToU64(nwid);
@ -1716,6 +1733,7 @@ div.icon {\
} else {
scode = 404;
}
#endif
} else {
scode = 401; // isAuth == false && !sso
}

239
zeroidc/Cargo.lock generated
View File

@ -28,12 +28,6 @@ version = "1.0.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "cdb031dd78e28731d87d56cc8ffef4a8f36ca26c38fe2de700543e627f8a464a"
[[package]]
name = "base64"
version = "0.12.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "3441f0f7b02788e948e47f457ca01f1d7e6d92c693bc132c22b087d3141c03ff"
[[package]]
name = "base64"
version = "0.13.0"
@ -55,6 +49,15 @@ dependencies = [
"generic-array",
]
[[package]]
name = "block-buffer"
version = "0.10.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f1d36a02058e76b040de25a4464ba1c80935655595b661505c8b39b664828b95"
dependencies = [
"generic-array",
]
[[package]]
name = "bumpalo"
version = "3.8.0"
@ -108,7 +111,6 @@ dependencies = [
"num-integer",
"num-traits",
"serde",
"time 0.1.43",
"winapi",
]
@ -152,6 +154,15 @@ dependencies = [
"libc",
]
[[package]]
name = "crypto-common"
version = "0.1.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "683d6b536309245c849479fba3da410962a43ed8e51c26b729208ec0ac2798d0"
dependencies = [
"generic-array",
]
[[package]]
name = "digest"
version = "0.9.0"
@ -161,6 +172,18 @@ dependencies = [
"generic-array",
]
[[package]]
name = "digest"
version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b697d66081d42af4fba142d56918a3cb21dc8eb63372c6b85d14f44fb9c5979b"
dependencies = [
"block-buffer 0.10.0",
"crypto-common",
"generic-array",
"subtle",
]
[[package]]
name = "either"
version = "1.6.1"
@ -322,6 +345,15 @@ dependencies = [
"libc",
]
[[package]]
name = "hmac"
version = "0.12.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ddca131f3e7f2ce2df364b57949a9d47915cfbd35e46cfee355ccebbf794d6a2"
dependencies = [
"digest 0.10.1",
]
[[package]]
name = "http"
version = "0.2.5"
@ -380,19 +412,6 @@ dependencies = [
"want",
]
[[package]]
name = "hyper-rustls"
version = "0.23.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d87c48c02e0dc5e3b849a2041db3029fd066650f8f717c07bf8ed78ccb895cac"
dependencies = [
"http",
"hyper",
"rustls",
"tokio",
"tokio-rustls",
]
[[package]]
name = "hyper-tls"
version = "0.5.0"
@ -458,17 +477,18 @@ dependencies = [
]
[[package]]
name = "jsonwebtoken"
version = "7.2.0"
name = "jwt"
version = "0.16.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "afabcc15e437a6484fc4f12d0fd63068fe457bf93f1c148d3d9649c60b103f32"
checksum = "6204285f77fe7d9784db3fdc449ecce1a0114927a51d5a41c4c7a292011c015f"
dependencies = [
"base64 0.12.3",
"pem",
"ring",
"base64",
"crypto-common",
"digest 0.10.1",
"hmac",
"serde",
"serde_json",
"simple_asn1",
"sha2 0.10.1",
]
[[package]]
@ -559,17 +579,6 @@ dependencies = [
"winapi",
]
[[package]]
name = "num-bigint"
version = "0.2.6"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "090c7f9998ee0ff65aa5b723e4009f7b217707f1fb5ea551329cc4d6231fb304"
dependencies = [
"autocfg",
"num-integer",
"num-traits",
]
[[package]]
name = "num-bigint"
version = "0.4.3"
@ -616,7 +625,7 @@ version = "4.1.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "80e47cfc4c0a1a519d9a025ebfbac3a2439d1b5cdf397d72dcb79b11d9920dab"
dependencies = [
"base64 0.13.0",
"base64",
"chrono",
"getrandom",
"http",
@ -625,7 +634,7 @@ dependencies = [
"serde",
"serde_json",
"serde_path_to_error",
"sha2",
"sha2 0.9.8",
"thiserror",
"url",
]
@ -644,16 +653,16 @@ checksum = "624a8340c38c1b80fd549087862da4ba43e08858af025b236e509b6649fc13d5"
[[package]]
name = "openidconnect"
version = "2.1.2"
version = "2.2.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "7d523cf32bdf7696f36bc4198a42c34b65f0227b97f2f501ebfbe016baa5bc52"
checksum = "f6db0c030c3036f53c7108668641151b244358d221303a17985b07ac9bb60091"
dependencies = [
"base64 0.13.0",
"base64",
"chrono",
"http",
"itertools",
"log",
"num-bigint 0.4.3",
"num-bigint",
"oauth2",
"rand",
"ring",
@ -709,17 +718,6 @@ dependencies = [
"num-traits",
]
[[package]]
name = "pem"
version = "0.8.3"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "fd56cbd21fea48d0c440b41cd69c589faacade08c992d9a54e471b79d0fd13eb"
dependencies = [
"base64 0.13.0",
"once_cell",
"regex",
]
[[package]]
name = "percent-encoding"
version = "2.1.0"
@ -817,21 +815,6 @@ dependencies = [
"bitflags",
]
[[package]]
name = "regex"
version = "1.5.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d07a8629359eb56f1e2fb1652bb04212c072a87ba68546a04065d525673ac461"
dependencies = [
"regex-syntax",
]
[[package]]
name = "regex-syntax"
version = "0.6.25"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f497285884f3fcff424ffc933e56d7cbca511def0c9831a7f9b5f6153e3cc89b"
[[package]]
name = "remove_dir_all"
version = "0.5.3"
@ -847,7 +830,7 @@ version = "0.11.7"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "07bea77bc708afa10e59905c3d4af7c8fd43c9214251673095ff8b14345fcbc5"
dependencies = [
"base64 0.13.0",
"base64",
"bytes",
"encoding_rs",
"futures-core",
@ -855,7 +838,6 @@ dependencies = [
"http",
"http-body",
"hyper",
"hyper-rustls",
"hyper-tls",
"ipnet",
"js-sys",
@ -865,19 +847,15 @@ dependencies = [
"native-tls",
"percent-encoding",
"pin-project-lite",
"rustls",
"rustls-pemfile",
"serde",
"serde_json",
"serde_urlencoded",
"tokio",
"tokio-native-tls",
"tokio-rustls",
"url",
"wasm-bindgen",
"wasm-bindgen-futures",
"web-sys",
"webpki-roots",
"winreg",
]
@ -896,27 +874,6 @@ dependencies = [
"winapi",
]
[[package]]
name = "rustls"
version = "0.20.2"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d37e5e2290f3e040b594b1a9e04377c2c671f1a1cfd9bfdef82106ac1c113f84"
dependencies = [
"log",
"ring",
"sct",
"webpki 0.22.0",
]
[[package]]
name = "rustls-pemfile"
version = "0.2.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "5eebeaeb360c87bfb72e84abdb3447159c0eaececf1bef2aecd65a8be949d1c9"
dependencies = [
"base64 0.13.0",
]
[[package]]
name = "ryu"
version = "1.0.5"
@ -933,16 +890,6 @@ dependencies = [
"winapi",
]
[[package]]
name = "sct"
version = "0.7.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "d53dcdb7c9f8158937a7981b48accfd39a43af418591a5d008c7b22b5e1b7ca4"
dependencies = [
"ring",
"untrusted",
]
[[package]]
name = "security-framework"
version = "2.4.2"
@ -1034,22 +981,22 @@ version = "0.9.8"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b69f9a4c9740d74c5baa3fd2e547f9525fa8088a8a958e0ca2409a514e33f5fa"
dependencies = [
"block-buffer",
"block-buffer 0.9.0",
"cfg-if",
"cpufeatures",
"digest",
"digest 0.9.0",
"opaque-debug",
]
[[package]]
name = "simple_asn1"
version = "0.4.1"
name = "sha2"
version = "0.10.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "692ca13de57ce0613a363c8c2f1de925adebc81b04c923ac60c5488bb44abe4b"
checksum = "99c3bd8169c58782adad9290a9af5939994036b76187f7b4f0e6de91dbbfc0ec"
dependencies = [
"chrono",
"num-bigint 0.2.6",
"num-traits",
"cfg-if",
"cpufeatures",
"digest 0.10.1",
]
[[package]]
@ -1080,6 +1027,12 @@ version = "0.8.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "8ea5119cdb4c55b55d432abb513a0429384878c15dde60cc77b1c99de1a95a6a"
[[package]]
name = "subtle"
version = "2.4.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "6bdef32e8150c2a081110b42772ffe7d7c9032b606bc226c8260fd97e0976601"
[[package]]
name = "syn"
version = "1.0.81"
@ -1134,16 +1087,6 @@ dependencies = [
"syn",
]
[[package]]
name = "time"
version = "0.1.43"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "ca8a50ef2360fbd1eeb0ecd46795a87a19024eb4b53c5dc916ca1fd95fe62438"
dependencies = [
"libc",
"winapi",
]
[[package]]
name = "time"
version = "0.3.5"
@ -1195,17 +1138,6 @@ dependencies = [
"tokio",
]
[[package]]
name = "tokio-rustls"
version = "0.23.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "4baa378e417d780beff82bf54ceb0d195193ea6a00c14e22359e7f39456b5689"
dependencies = [
"rustls",
"tokio",
"webpki 0.22.0",
]
[[package]]
name = "tokio-util"
version = "0.6.8"
@ -1429,35 +1361,6 @@ dependencies = [
"wasm-bindgen",
]
[[package]]
name = "webpki"
version = "0.21.4"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "b8e38c0608262c46d4a56202ebabdeb094cef7e560ca7a226c6bf055188aa4ea"
dependencies = [
"ring",
"untrusted",
]
[[package]]
name = "webpki"
version = "0.22.0"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "f095d78192e208183081cc07bc5515ef55216397af48b873e5edcd72637fa1bd"
dependencies = [
"ring",
"untrusted",
]
[[package]]
name = "webpki-roots"
version = "0.21.1"
source = "registry+https://github.com/rust-lang/crates.io-index"
checksum = "aabe153544e473b775453675851ecc86863d2a81d786d741f6b76778f2a48940"
dependencies = [
"webpki 0.21.4",
]
[[package]]
name = "winapi"
version = "0.3.9"
@ -1493,14 +1396,14 @@ dependencies = [
name = "zeroidc"
version = "0.1.0"
dependencies = [
"base64 0.13.0",
"base64",
"bytes",
"cbindgen",
"jsonwebtoken",
"jwt",
"openidconnect",
"reqwest",
"serde",
"thiserror",
"time 0.3.5",
"time",
"url",
]

4
zeroidc/Cargo.toml
View File

@ -12,11 +12,11 @@ crate-type = ["staticlib","rlib"]
# See more keys and their definitions at https://doc.rust-lang.org/cargo/reference/manifest.html
[dependencies]
openidconnect = "2.1"
openidconnect = { version = "2.2", default-features = false, features = ["reqwest", "native-tls"] }
base64 = "0.13"
url = "2.2"
reqwest = "0.11"
jsonwebtoken = "7.2"
jwt = "0.16"
serde = "1.0"
time = { version = "0.3", features = ["formatting"] }
bytes = "1.1"

81
zeroidc/src/ext.rs
View File

@ -16,6 +16,15 @@ use url::{Url};
use crate::ZeroIDC;
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_new(
issuer: *const c_char,
@ -57,6 +66,15 @@ pub extern "C" fn zeroidc_new(
}
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_delete(ptr: *mut ZeroIDC) {
if ptr.is_null() {
@ -67,6 +85,15 @@ pub extern "C" fn zeroidc_delete(ptr: *mut ZeroIDC) {
}
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_start(ptr: *mut ZeroIDC) {
let idc = unsafe {
@ -76,6 +103,15 @@ pub extern "C" fn zeroidc_start(ptr: *mut ZeroIDC) {
idc.start();
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_stop(ptr: *mut ZeroIDC) {
let idc = unsafe {
@ -85,6 +121,15 @@ pub extern "C" fn zeroidc_stop(ptr: *mut ZeroIDC) {
idc.stop();
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_is_running(ptr: *mut ZeroIDC) -> bool {
let idc = unsafe {
@ -105,6 +150,15 @@ pub extern "C" fn zeroidc_get_exp_time(ptr: *mut ZeroIDC) -> u64 {
id.get_exp_time()
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_set_nonce_and_csrf(
ptr: *mut ZeroIDC,
@ -137,6 +191,15 @@ pub extern "C" fn zeroidc_set_nonce_and_csrf(
idc.set_nonce_and_csrf(csrf_token, nonce);
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_get_auth_url(ptr: *mut ZeroIDC) -> *const c_char {
if ptr.is_null() {
@ -151,6 +214,15 @@ pub extern "C" fn zeroidc_get_auth_url(ptr: *mut ZeroIDC) -> *const c_char {
return s.into_raw();
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char ) -> *const c_char {
if idc.is_null() {
@ -219,6 +291,15 @@ pub extern "C" fn zeroidc_network_id_from_state(state: *const c_char) -> *const
return s.into_raw();
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
#[no_mangle]
pub extern "C" fn zeroidc_kick_refresh_thread(idc: *mut ZeroIDC) {
if idc.is_null() {

75
zeroidc/src/lib.rs
View File

@ -22,11 +22,10 @@ extern crate url;
use crate::error::ZeroIDCError;
use bytes::Bytes;
use jsonwebtoken::{dangerous_insecure_decode};
use jwt::{Token};
use openidconnect::core::{CoreClient, CoreProviderMetadata, CoreResponseType};
use openidconnect::reqwest::http_client;
use openidconnect::{AccessToken, AccessTokenHash, AuthorizationCode, AuthenticationFlow, ClientId, CsrfToken, IssuerUrl, Nonce, OAuth2TokenResponse, PkceCodeChallenge, PkceCodeVerifier, RedirectUrl, RefreshToken, Scope, TokenResponse};
use serde::{Deserialize, Serialize};
use std::str::from_utf8;
use std::sync::{Arc, Mutex};
use std::thread::{sleep, spawn, JoinHandle};
@ -36,10 +35,28 @@ use time::{OffsetDateTime, format_description};
use url::Url;
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
pub struct ZeroIDC {
inner: Arc<Mutex<Inner>>,
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
struct Inner {
running: bool,
auth_endpoint: String,
@ -63,11 +80,6 @@ impl Inner {
}
}
#[derive(Debug, Serialize, Deserialize)]
struct Exp {
exp: u64
}
fn csrf_func(csrf_token: String) -> Box<dyn Fn() -> CsrfToken> {
return Box::new(move || CsrfToken::new(csrf_token.to_string()));
}
@ -94,6 +106,15 @@ fn systemtime_strftime<T>(dt: T, format: &str) -> String
}
}
#[cfg(
any(
all(target_os = "linux", target_arch = "x86"),
all(target_os = "linux", target_arch = "x86_64"),
all(target_os = "linux", target_arch = "aarch64"),
target_os = "windows",
target_os = "macos",
)
)]
impl ZeroIDC {
pub fn new(
issuer: &str,
@ -277,15 +298,20 @@ impl ZeroIDC {
let access_token = res.access_token();
let at = access_token.secret();
// yes this function is called `dangerous_insecure_decode`
// and it doesn't validate the jwt token signature,
// but if we've gotten this far, our claims have already
// been validated up above
let exp = dangerous_insecure_decode::<Exp>(&at);
let t: Result<Token<jwt::Header, jwt::Claims, jwt::Unverified<'_>>, jwt::Error>= Token::parse_unverified(at);
if let Ok(e) = exp {
(*inner_local.lock().unwrap()).exp_time = e.claims.exp
}
if let Ok(t) = t {
let claims = t.claims().registered.clone();
match claims.expiration {
Some(exp) => {
(*inner_local.lock().unwrap()).exp_time = exp;
},
None => {
panic!("expiration is None. This shouldn't happen")
}
}
}
(*inner_local.lock().unwrap()).access_token = Some(access_token.clone());
if let Some(t) = res.refresh_token() {
@ -543,11 +569,19 @@ impl ZeroIDC {
let at = tok.access_token().secret();
// see previous note about this function's use
let exp = dangerous_insecure_decode::<Exp>(&at);
if let Ok(e) = exp {
i.exp_time = e.claims.exp
}
let t: Result<Token<jwt::Header, jwt::Claims, jwt::Unverified<'_>>, jwt::Error>= Token::parse_unverified(at);
if let Ok(t) = t {
let claims = t.claims().registered.clone();
match claims.expiration {
Some(exp) => {
i.exp_time = exp;
},
None => {
panic!("expiration is None. This shouldn't happen")
}
}
}
i.access_token = Some(tok.access_token().clone());
if let Some(t) = tok.refresh_token() {
@ -599,4 +633,3 @@ impl ZeroIDC {
};
}
}