|
|
@ -216,12 +216,8 @@ impl<'r> FromRequest<'r> for PublicToken {
|
|
|
|
if time_now > claims.exp {
|
|
|
|
if time_now > claims.exp {
|
|
|
|
err_handler!("Token expired");
|
|
|
|
err_handler!("Token expired");
|
|
|
|
}
|
|
|
|
}
|
|
|
|
// Check if claims.iss is host|claims.scope[0]
|
|
|
|
// Check if claims.iss is domain|claims.scope[0]
|
|
|
|
let host = match auth::Host::from_request(request).await {
|
|
|
|
let complete_host = format!("{}|{}", CONFIG.domain_origin(), claims.scope[0]);
|
|
|
|
Outcome::Success(host) => host,
|
|
|
|
|
|
|
|
_ => err_handler!("Error getting Host"),
|
|
|
|
|
|
|
|
};
|
|
|
|
|
|
|
|
let complete_host = format!("{}|{}", host.host, claims.scope[0]);
|
|
|
|
|
|
|
|
if complete_host != claims.iss {
|
|
|
|
if complete_host != claims.iss {
|
|
|
|
err_handler!("Token not issued by this server");
|
|
|
|
err_handler!("Token not issued by this server");
|
|
|
|
}
|
|
|
|
}
|
|
|
|