ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-06-14 13:18:21 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Adjust deauth time window and send revocation when SSO members expire.

Browse Source
This commit is contained in:
Adam Ierymenko
2021-08-18 12:17:40 -04:00
parent 2d0f76bb9c
commit 576b4f03a5
6 changed files with 27 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
controller/EmbeddedNetworkController.cpp
View File

@ -1369,11 +1369,16 @@ void EmbeddedNetworkController::_request(
fprintf(stderr, "authExpiryTime: %lld\n", authenticationExpiryTime);
if (authenticationExpiryTime < now) {
if (!authenticationURL.empty()) {
_db.networkMemberSSOHasExpired(nwid, now);
onNetworkMemberDeauthorize(&_db, nwid, identity.address().toInt());
Dictionary<3072> authInfo;
authInfo.add("aU", authenticationURL.c_str());
fprintf(stderr, "sending auth URL: %s\n", authenticationURL.c_str());
DB::cleanMember(member);
_db.save(member,true);
_sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_AUTHENTICATION_REQUIRED, authInfo.data(), authInfo.sizeBytes());
return;
}