reivilibre/idcoop
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Check if openid scope is present in the auth request, but only warn if not

Browse Source
This commit is contained in:
Olivier 'reivilibre' 2024-01-21 13:39:05 +00:00
parent 0a2c1f37b4
commit bbbb28b45f
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
src/web/oauth_openid/authorisation.rs
View File

@ -11,7 +11,7 @@ use chrono::Utc;
use eyre::{Context, ContextCompat}; use eyre::{Context, ContextCompat};
use serde::{Deserialize, Serialize}; use serde::{Deserialize, Serialize};
use tracing::{error, info}; use tracing::{error, warn};
use crate::{ use crate::{
config::{Configuration, OidcClientConfiguration}, config::{Configuration, OidcClientConfiguration},
@ -72,7 +72,10 @@ pub async fn oidc_authorisation(
.into_response(); .into_response();
} }
}; };
info!("auth {query:?}");
if !query.scope.split(' ').any(|word| word == "openid") {
warn!("No OpenID scope requested! Continuing anyway, but beware.");
}
let (client_id, client_config) = match validate_authorisation_basics(&query, &config) { let (client_id, client_config) = match validate_authorisation_basics(&query, &config) {
Ok(x) => x, Ok(x) => x,