ExternalVendorCode/ZeroTierOne
1
0
Fork 0
mirror of https://github.com/zerotier/ZeroTierOne.git synced 2025-05-03 17:22:58 +00:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity

set zeroidc.running = false on token exchange error

Browse Source
This commit is contained in:
Grant Limberg 2022-10-06 08:59:27 -07:00
parent 12392b5190
commit 9826c20d1a
No known key found for this signature in database
GPG Key ID: 8F2F97D3BE8D7735
1 changed files with 17 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
zeroidc/src/lib.rs
View File

@ -498,7 +498,8 @@ impl ZeroIDC {
let n = match i.nonce.clone() { let n = match i.nonce.clone() {
Some(n) => n, Some(n) => n,
None => { None => {
println!("no noce"); println!("no nonce");
i.running = false;
return None; return None;
} }
}; };
@ -507,6 +508,7 @@ impl ZeroIDC {
Some(t) => t, Some(t) => t,
None => { None => {
println!("no id token"); println!("no id token");
i.running = false;
return None; return None;
} }
}; };
@ -515,6 +517,7 @@ impl ZeroIDC {
Ok(c) => c, Ok(c) => c,
Err(_e) => { Err(_e) => {
println!("no claims"); println!("no claims");
i.running = false;
return None; return None;
} }
}; };
@ -523,6 +526,7 @@ impl ZeroIDC {
Ok(s) => s, Ok(s) => s,
Err(_) => { Err(_) => {
println!("no signing algorithm"); println!("no signing algorithm");
i.running = false;
return None; return None;
} }
}; };
@ -535,12 +539,14 @@ impl ZeroIDC {
Ok(h) => h, Ok(h) => h,
Err(e) => { Err(e) => {
println!("Error hashing access token: {}", e); println!("Error hashing access token: {}", e);
i.running = false;
return None; return None;
} }
}; };
if actual_hash != *expected_hash { if actual_hash != *expected_hash {
println!("token hash error"); println!("token hash error");
i.running = false;
return None; return None;
} }
} }
@ -549,7 +555,7 @@ impl ZeroIDC {
Err(e) => { Err(e) => {
println!("token response error: {:?}", e.to_string()); println!("token response error: {:?}", e.to_string());
println!("\t {:?}", e.source()); println!("\t {:?}", e.source());
i.running = false;
None None
} }
} }
@ -634,10 +640,12 @@ impl ZeroIDC {
Ok(bytes) Ok(bytes)
} else if res.status() == 402 { } else if res.status() == 402 {
Err(SSOExchangeError::new( i.running = false;
"additional license seats required. Please contact your network administrator.".to_string(), Err(SSOExchangeError::new(
)) "additional license seats required. Please contact your network administrator.".to_string(),
))
} else { } else {
i.running = false;
Err(SSOExchangeError::new( Err(SSOExchangeError::new(
"error from central endpoint".to_string(), "error from central endpoint".to_string(),
)) ))
@ -649,20 +657,24 @@ impl ZeroIDC {
println!("Status: {}", res.status().unwrap()); println!("Status: {}", res.status().unwrap());
println!("Post error: {}", res); println!("Post error: {}", res);
i.exp_time = 0; i.exp_time = 0;
i.running = false;
Err(SSOExchangeError::new( Err(SSOExchangeError::new(
"error from central endpoint".to_string(), "error from central endpoint".to_string(),
)) ))
} }
} }
} else { } else {
i.running = false;
Err(SSOExchangeError::new( Err(SSOExchangeError::new(
"error splitting state token".to_string(), "error splitting state token".to_string(),
)) ))
} }
} else { } else {
i.running = false;
Err(SSOExchangeError::new("invalid token response".to_string())) Err(SSOExchangeError::new("invalid token response".to_string()))
} }
} else { } else {
i.running = false;
Err(SSOExchangeError::new("invalid pkce verifier".to_string())) Err(SSOExchangeError::new("invalid pkce verifier".to_string()))
} }
}); });