[FIX OpenID validate issuer and aud (#710)

Co-authored-by: d3coder <admin@xakeps.dk>
XakepSDK 2024-04-25 20:05:53 +05:00 committed by d3coder
parent bd4ec738a2
commit 1cbaf4eea3
2 changed files with 6 additions and 2 deletions


@ -36,7 +36,10 @@ public class OpenIDAuthenticator {
public OpenIDAuthenticator(OpenIDConfig openIDConfig) { public OpenIDAuthenticator(OpenIDConfig openIDConfig) {
this.openIDConfig = openIDConfig; this.openIDConfig = openIDConfig;
var keyLocator = loadKeyLocator(openIDConfig); var keyLocator = loadKeyLocator(openIDConfig);
this.jwtParser = Jwts.parser().keyLocator(keyLocator) this.jwtParser = Jwts.parser()
.keyLocator(keyLocator)
.requireIssuer(openIDConfig.issuer())
.requireAudience(openIDConfig.clientId())
.build(); .build();
} }
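Review bot: The new `requireIssuer(...)` and `requireAudience(...)` calls take their expected values straight from the config without checking that they are set, so a deployment whose config lacks the new `issuer` field may pass null here. As far as I know, jjwt treats a null expected claim as "no requirement" rather than an error, which would leave the issuer check silently off; confirm this against the jjwt version in use. Failing closed before building the parser avoids that, e.g. `Objects.requireNonNull(openIDConfig.issuer(), "OpenID issuer must be configured");`, with the same guard for `clientId()`. The constructor is fully visible in this hunk, but how OpenIDConfig is populated is not.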


@ -3,7 +3,8 @@
import java.net.URI; import java.net.URI;
public record OpenIDConfig(URI tokenUri, String authorizationEndpoint, String clientId, String clientSecret, public record OpenIDConfig(URI tokenUri, String authorizationEndpoint, String clientId, String clientSecret,
String redirectUri, URI jwksUri, String scopes, ClaimExtractorConfig extractorConfig) { String redirectUri, URI jwksUri, String scopes, String issuer,
ClaimExtractorConfig extractorConfig) {
public record ClaimExtractorConfig(String usernameClaim, String uuidClaim) {} public record ClaimExtractorConfig(String usernameClaim, String uuidClaim) {}
} }
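Review bot: The new `issuer` component is undocumented, and it is a `String` where the neighbouring endpoints are `URI`, so it is not obvious how it is matched against the token. I would add a Javadoc line on the record such as `@param issuer expected value of the token's iss claim; compared as an exact string, so it must match the provider's issuer including any trailing slash`. The exact-match behaviour is inferred from the `requireIssuer` call in OpenIDAuthenticator, so adjust the wording if the comparison differs.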