diff options
Diffstat (limited to 'app/middleware/token_auth.go')
| -rw-r--r-- | app/middleware/token_auth.go | 11 |
1 files changed, 2 insertions, 9 deletions
diff --git a/app/middleware/token_auth.go b/app/middleware/token_auth.go index 6454ddb..08e302e 100644 --- a/app/middleware/token_auth.go +++ b/app/middleware/token_auth.go | |||
| @@ -7,6 +7,7 @@ import ( | |||
| 7 | 7 | ||
| 8 | "code.crute.us/mcrute/ssh-proxy/app/models" | 8 | "code.crute.us/mcrute/ssh-proxy/app/models" |
| 9 | "github.com/labstack/echo/v4" | 9 | "github.com/labstack/echo/v4" |
| 10 | "golang.org/x/exp/slices" | ||
| 10 | ) | 11 | ) |
| 11 | 12 | ||
| 12 | const authorizedSession = "__ssh-proxy_authorized_session" | 13 | const authorizedSession = "__ssh-proxy_authorized_session" |
| @@ -49,15 +50,7 @@ func (m *TokenAuthMiddleware) Middleware(next echo.HandlerFunc) echo.HandlerFunc | |||
| 49 | }) | 50 | }) |
| 50 | } | 51 | } |
| 51 | 52 | ||
| 52 | foundScope := false | 53 | if !slices.Contains(session.Scope, m.RequiredScope) { |
| 53 | for _, s := range session.Scope { | ||
| 54 | if s == m.RequiredScope { | ||
| 55 | foundScope = true | ||
| 56 | break | ||
| 57 | } | ||
| 58 | } | ||
| 59 | |||
| 60 | if !foundScope { | ||
| 61 | return c.JSON(http.StatusUnauthorized, models.Oauth2Error{ | 54 | return c.JSON(http.StatusUnauthorized, models.Oauth2Error{ |
| 62 | Type: models.ErrAccessDenied, | 55 | Type: models.ErrAccessDenied, |
| 63 | }) | 56 | }) |