Mirroristas/etcd
2
0
Fork 0
mirror of https://github.com/etcd-io/etcd.git synced 2024-09-27 06:25:44 +00:00
Code Issues Packages Projects Releases Wiki Activity

[WIP]server/auth:fix panic on identical JWT token generation and auth

Browse Source 
Signed-off-by: ArkaSaha30 <arkasaha30@gmail.com>
This commit is contained in:
Lanre Adelowo 2022-12-16 02:28:21 +01:00 committed by ArkaSaha30
parent f9d124974b
commit 386aedef51
No known key found for this signature in database
GPG Key ID: C5FF37943E5BC363
1 changed files with 13 additions and 4 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

17
server/auth/jwt.go
View File

@ -42,7 +42,7 @@ func (t *tokenJWT) info(ctx context.Context, token string, rev uint64) (*AuthInf
// rev isn't used in JWT, it is only used in simple token
var (
username string
revision uint64
revision float64
)
parsed, err := jwt.Parse(token, func(token *jwt.Token) (interface{}, error) {
@ -73,10 +73,19 @@ func (t *tokenJWT) info(ctx context.Context, token string, rev uint64) (*AuthInf
return nil, false
}
username = claims["username"].(string)
revision = uint64(claims["revision"].(float64))
username, ok = claims["username"].(string)
if !ok {
t.lg.Warn("failed to obtain user claims from jwt token")
return nil, false
}
return &AuthInfo{Username: username, Revision: revision}, true
revision, ok = claims["revision"].(float64)
if !ok {
t.lg.Warn("failed to obtain revision claims from jwt token")
return nil, false
}
return &AuthInfo{Username: username, Revision: uint64(revision)}, true
}
func (t *tokenJWT) assign(ctx context.Context, username string, revision uint64) (string, error) {