Add /openid/token route

2022-04-12 20:40:44 +02:00
parent 97203a955d
commit d69b44528e
8 changed files with 188 additions and 16 deletions


@ -13,7 +13,7 @@ use actix_web::body::EitherBody;
use actix_web::http::{header, Method};
use askama::Template;
use crate::constants::{ADMIN_ROUTES, AUTHENTICATED_ROUTES, AUTHORIZE_URI};
use crate::constants::{ADMIN_ROUTES, AUTHENTICATED_ROUTES, AUTHORIZE_URI, TOKEN_URI};
use crate::controllers::base_controller::{FatalErrorPage, redirect_user_for_login};
use crate::data::app_config::AppConfig;
use crate::data::session_identity::{SessionIdentity, SessionIdentityData, SessionStatus};
@ -91,7 +91,7 @@ impl<S, B> Service<ServiceRequest> for AuthInnerMiddleware<S>
// Check if POST request comes from another website (block invalid origins)
let origin = req.headers().get(header::ORIGIN);
if req.method() == Method::POST {
if req.method() == Method::POST && req.path() != TOKEN_URI {
if let Some(o) = origin {
if !o.to_str().unwrap_or("bad").eq(&config.website_origin) {
log::warn!(
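Review bot: The exemption `req.path() != TOKEN_URI` removes the only cross-origin POST guard visible here for the token route, and the comment above it still describes an unconditional check. That is reasonable if the endpoint is called directly by relying-party servers, as the commit title suggests, but only if the token handler ignores the browser session cookie and authenticates the caller from the client credentials and authorization code in the request; the handler is not in this hunk, so that needs confirming. I would record the reason in place, e.g. `// TOKEN_URI is exempt: relying parties call it server-to-server without a browser Origin; the handler must authenticate the client itself`. The comparison is an exact match, so any other spelling of the path still goes through the Origin check, which is the safe direction. The enclosing method of `AuthInnerMiddleware` starts and ends outside the hunk.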