ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-01-18 02:40:13 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

set zeroidc.running = false on token exchange error

Browse Source
This commit is contained in:
Grant Limberg 2022-10-06 08:59:27 -07:00
parent 12392b5190
commit 9826c20d1a
No known key found for this signature in database
GPG Key ID: 8F2F97D3BE8D7735
1 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
zeroidc/src/lib.rs
View File

@ -498,7 +498,8 @@ impl ZeroIDC {
let n = match i.nonce.clone() {
Some(n) => n,
None => {
println!("no noce");
println!("no nonce");
i.running = false;
return None;
}
};
@ -507,6 +508,7 @@ impl ZeroIDC {
Some(t) => t,
None => {
println!("no id token");
i.running = false;
return None;
}
};
@ -515,6 +517,7 @@ impl ZeroIDC {
Ok(c) => c,
Err(_e) => {
println!("no claims");
i.running = false;
return None;
}
};
@ -523,6 +526,7 @@ impl ZeroIDC {
Ok(s) => s,
Err(_) => {
println!("no signing algorithm");
i.running = false;
return None;
}
};
@ -535,12 +539,14 @@ impl ZeroIDC {
Ok(h) => h,
Err(e) => {
println!("Error hashing access token: {}", e);
i.running = false;
return None;
}
};
if actual_hash != *expected_hash {
println!("token hash error");
i.running = false;
return None;
}
}
@ -549,7 +555,7 @@ impl ZeroIDC {
Err(e) => {
println!("token response error: {:?}", e.to_string());
println!("\t {:?}", e.source());
i.running = false;
None
}
}
@ -634,10 +640,12 @@ impl ZeroIDC {
Ok(bytes)
} else if res.status() == 402 {
Err(SSOExchangeError::new(
"additional license seats required. Please contact your network administrator.".to_string(),
))
i.running = false;
Err(SSOExchangeError::new(
"additional license seats required. Please contact your network administrator.".to_string(),
))
} else {
i.running = false;
Err(SSOExchangeError::new(
"error from central endpoint".to_string(),
))
@ -649,20 +657,24 @@ impl ZeroIDC {
println!("Status: {}", res.status().unwrap());
println!("Post error: {}", res);
i.exp_time = 0;
i.running = false;
Err(SSOExchangeError::new(
"error from central endpoint".to_string(),
))
}
}
} else {
i.running = false;
Err(SSOExchangeError::new(
"error splitting state token".to_string(),
))
}
} else {
i.running = false;
Err(SSOExchangeError::new("invalid token response".to_string()))
}
} else {
i.running = false;
Err(SSOExchangeError::new("invalid pkce verifier".to_string()))
}
});