mirror of
https://github.com/zerotier/ZeroTierOne.git
synced 2025-01-18 02:40:13 +00:00
Add error handling for over sso seat limits
This commit is contained in:
Grant Limberg
parent
7e46c83592
commit
aee9521c91
@ -34,4 +34,4 @@ fn target_dir() -> PathBuf {
|
||||
} else {
|
||||
PathBuf::from(env::var("CARGO_MANIFEST_DIR").unwrap()).join("target")
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -21,3 +21,17 @@ pub enum ZeroIDCError
|
||||
#[error(transparent)]
|
||||
ParseError(#[from] url::ParseError),
|
||||
}
|
||||
|
||||
#[derive(Error, Debug)]
|
||||
#[error("SSO Exchange Error: {message:}")]
|
||||
pub struct SSOExchangeError {
|
||||
message: String,
|
||||
}
|
||||
|
||||
impl SSOExchangeError {
|
||||
pub fn new(message: String) -> Self {
|
||||
SSOExchangeError{
|
||||
message
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
@ -267,9 +267,19 @@ pub extern "C" fn zeroidc_token_exchange(idc: *mut ZeroIDC, code: *const c_char
|
||||
|
||||
let code = unsafe{CStr::from_ptr(code)}.to_str().unwrap();
|
||||
|
||||
let ret = idc.do_token_exchange( code);
|
||||
let ret = CString::new(ret).unwrap();
|
||||
return ret.into_raw();
|
||||
let ret = idc.do_token_exchange(code);
|
||||
match ret {
|
||||
Ok(ret) => {
|
||||
let ret = CString::new(ret).unwrap();
|
||||
return ret.into_raw();
|
||||
|
||||
},
|
||||
Err(e) => {
|
||||
let errstr = format!("{{\"message\":\"{}\"\"}}", e).to_string();
|
||||
let ret = CString::new(errstr).unwrap();
|
||||
return ret.into_raw();
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
#[no_mangle]
|
||||
@ -338,4 +348,4 @@ pub extern "C" fn zeroidc_kick_refresh_thread(idc: *mut ZeroIDC) {
|
||||
};
|
||||
|
||||
idc.kick_refresh_thread();
|
||||
}
|
||||
}
|
||||
|
||||
@ -19,7 +19,7 @@ extern crate openidconnect;
|
||||
extern crate time;
|
||||
extern crate url;
|
||||
|
||||
use crate::error::ZeroIDCError;
|
||||
use crate::error::*;
|
||||
|
||||
use bytes::Bytes;
|
||||
use jwt::{Token};
|
||||
@ -415,7 +415,7 @@ impl ZeroIDC {
|
||||
}
|
||||
}
|
||||
|
||||
pub fn do_token_exchange(&mut self, code: &str) -> String {
|
||||
pub fn do_token_exchange(&mut self, code: &str) -> Result<String, SSOExchangeError> {
|
||||
let local = Arc::clone(&self.inner);
|
||||
let mut should_start = false;
|
||||
let res = (*local.lock().unwrap()).as_opt().map(|i| {
|
||||
@ -530,7 +530,7 @@ impl ZeroIDC {
|
||||
println!("Set exp time to: {:?}", i.exp_time);
|
||||
},
|
||||
None => {
|
||||
panic!("expiration is None. This shouldn't happen")
|
||||
panic!("expiration is None. This shouldn't happen");
|
||||
}
|
||||
}
|
||||
}
|
||||
@ -558,30 +558,38 @@ impl ZeroIDC {
|
||||
Err(_) => "".to_string(),
|
||||
};
|
||||
|
||||
return bytes;
|
||||
return Ok(bytes);
|
||||
},
|
||||
Err(res) => {
|
||||
println!("error result: {}", res);
|
||||
println!("hit url: {}", res.url().unwrap().as_str());
|
||||
println!("Status: {}", res.status().unwrap());
|
||||
println!("Post error: {}", res.to_string());
|
||||
i.exp_time = 0;
|
||||
return Err(SSOExchangeError::new("error from central endpoint".to_string()));
|
||||
}
|
||||
}
|
||||
|
||||
|
||||
} else {
|
||||
println!("invalid split length?!?");
|
||||
return Err(SSOExchangeError::new("error splitting state token".to_string()));
|
||||
}
|
||||
} else {
|
||||
return Err(SSOExchangeError::new("invalid token response".to_string()));
|
||||
}
|
||||
} else {
|
||||
return Err(SSOExchangeError::new("invalid pkce verifier".to_string()));
|
||||
}
|
||||
"".to_string()
|
||||
|
||||
});
|
||||
if should_start {
|
||||
self.start();
|
||||
}
|
||||
return match res {
|
||||
Some(res) => res,
|
||||
_ => "".to_string(),
|
||||
match res {
|
||||
Some(res) => {
|
||||
return res;
|
||||
},
|
||||
_ => {
|
||||
return Err(SSOExchangeError::new("invalid result".to_string()));
|
||||
},
|
||||
};
|
||||
}
|
||||
}
|
||||
|
||||
Loading…
Reference in New Issue
Block a user