diff options
Diffstat (limited to 'app/middleware/token_auth.go')
-rw-r--r-- | app/middleware/token_auth.go | 11 |
1 files changed, 2 insertions, 9 deletions
diff --git a/app/middleware/token_auth.go b/app/middleware/token_auth.go index 6454ddb..08e302e 100644 --- a/app/middleware/token_auth.go +++ b/app/middleware/token_auth.go | |||
@@ -7,6 +7,7 @@ import ( | |||
7 | 7 | ||
8 | "code.crute.us/mcrute/ssh-proxy/app/models" | 8 | "code.crute.us/mcrute/ssh-proxy/app/models" |
9 | "github.com/labstack/echo/v4" | 9 | "github.com/labstack/echo/v4" |
10 | "golang.org/x/exp/slices" | ||
10 | ) | 11 | ) |
11 | 12 | ||
12 | const authorizedSession = "__ssh-proxy_authorized_session" | 13 | const authorizedSession = "__ssh-proxy_authorized_session" |
@@ -49,15 +50,7 @@ func (m *TokenAuthMiddleware) Middleware(next echo.HandlerFunc) echo.HandlerFunc | |||
49 | }) | 50 | }) |
50 | } | 51 | } |
51 | 52 | ||
52 | foundScope := false | 53 | if !slices.Contains(session.Scope, m.RequiredScope) { |
53 | for _, s := range session.Scope { | ||
54 | if s == m.RequiredScope { | ||
55 | foundScope = true | ||
56 | break | ||
57 | } | ||
58 | } | ||
59 | |||
60 | if !foundScope { | ||
61 | return c.JSON(http.StatusUnauthorized, models.Oauth2Error{ | 54 | return c.JSON(http.StatusUnauthorized, models.Oauth2Error{ |
62 | Type: models.ErrAccessDenied, | 55 | Type: models.ErrAccessDenied, |
63 | }) | 56 | }) |