nikdoof/pocket-id
1
0
Fork 0
mirror of https://github.com/nikdoof/pocket-id.git synced 2025-12-14 15:22:18 +00:00
Code Issues Packages Projects Releases Wiki Activity

fix: passkey can't be added if PUBLIC_APP_URL includes a port

Browse Source
This commit is contained in:
Elias Schneider
2024-12-31 10:42:54 +01:00
parent 2d0bd8dcbf
commit 0729ce9e1a
3 changed files with 5 additions and 6 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
backend/internal/service/jwt_service.go
View File

@@ -12,7 +12,6 @@ import (
"github.com/golang-jwt/jwt/v5" "github.com/golang-jwt/jwt/v5"
"github.com/stonith404/pocket-id/backend/internal/common" "github.com/stonith404/pocket-id/backend/internal/common"
"github.com/stonith404/pocket-id/backend/internal/model" "github.com/stonith404/pocket-id/backend/internal/model"
"github.com/stonith404/pocket-id/backend/internal/utils"
"log" "log"
"math/big" "math/big"
"os" "os"
@@ -96,7 +95,7 @@ func (s *JwtService) GenerateAccessToken(user model.User) (string, error) {
Subject: user.ID, Subject: user.ID,
ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Duration(sessionDurationInMinutes) * time.Minute)), ExpiresAt: jwt.NewNumericDate(time.Now().Add(time.Duration(sessionDurationInMinutes) * time.Minute)),
IssuedAt: jwt.NewNumericDate(time.Now()), IssuedAt: jwt.NewNumericDate(time.Now()),
Audience: jwt.ClaimStrings{utils.GetHostFromURL(common.EnvConfig.AppURL)}, Audience: jwt.ClaimStrings{common.EnvConfig.AppURL},
}, },
IsAdmin: user.IsAdmin, IsAdmin: user.IsAdmin,
} }
@@ -125,7 +124,7 @@ func (s *JwtService) VerifyAccessToken(tokenString string) (*AccessTokenJWTClaim
return nil, errors.New("can't parse claims") return nil, errors.New("can't parse claims")
} }
if !slices.Contains(claims.Audience, utils.GetHostFromURL(common.EnvConfig.AppURL)) { if !slices.Contains(claims.Audience, common.EnvConfig.AppURL) {
return nil, errors.New("audience doesn't match") return nil, errors.New("audience doesn't match")
} }
return claims, nil return claims, nil

2
backend/internal/service/webauthn_service.go
View File

@@ -23,7 +23,7 @@ type WebAuthnService struct {
func NewWebAuthnService(db *gorm.DB, jwtService *JwtService, auditLogService *AuditLogService, appConfigService *AppConfigService) *WebAuthnService { func NewWebAuthnService(db *gorm.DB, jwtService *JwtService, auditLogService *AuditLogService, appConfigService *AppConfigService) *WebAuthnService {
webauthnConfig := &webauthn.Config{ webauthnConfig := &webauthn.Config{
RPDisplayName: appConfigService.DbConfig.AppName.Value, RPDisplayName: appConfigService.DbConfig.AppName.Value,
RPID: utils.GetHostFromURL(common.EnvConfig.AppURL), RPID: utils.GetHostnameFromURL(common.EnvConfig.AppURL),
RPOrigins: []string{common.EnvConfig.AppURL}, RPOrigins: []string{common.EnvConfig.AppURL},
Timeouts: webauthn.TimeoutsConfig{ Timeouts: webauthn.TimeoutsConfig{
Login: webauthn.TimeoutConfig{ Login: webauthn.TimeoutConfig{

4
backend/internal/utils/string_util.go
View File

@@ -29,12 +29,12 @@ func GenerateRandomAlphanumericString(length int) (string, error) {
return string(result), nil return string(result), nil
} }
func GetHostFromURL(rawURL string) string { func GetHostnameFromURL(rawURL string) string {
parsedURL, err := url.Parse(rawURL) parsedURL, err := url.Parse(rawURL)
if err != nil { if err != nil {
return "" return ""
} }
return parsedURL.Host return parsedURL.Hostname()
} }
// StringPointer creates a string pointer from a string value // StringPointer creates a string pointer from a string value