FSN#37678 SSO/ JWT aanscherpingen

svn path=/Website/trunk/; revision=30716
Jos Groot Lipman
2016-09-14 20:45:21 +00:00
parent 2e79925b91
commit 795fcbbdb2


@@ -89,8 +89,7 @@ if (user_key < 0)
// jwt claim // jwt claim
// TODO: altijd/ ook als user_key > 0? // TODO: altijd/ ook als user_key > 0?
// TODO ook uit form POST ondersteunen? var jwt = getQParam("jwt", getFParam("jwt", ""));
var jwt = getQParam("jwt", "");
if (user_key < 0 && !jwt) if (user_key < 0 && !jwt)
{ {
var auth = String(Request.ServerVariables("HTTP_AUTHORIZATION")); var auth = String(Request.ServerVariables("HTTP_AUTHORIZATION"));
@@ -112,7 +111,8 @@ if (user_key < 0 && jwt)
var sql = "SELECT *" var sql = "SELECT *"
+ " FROM fac_idp" + " FROM fac_idp"
+ " WHERE fac_idp_issuer = " + safe.quoted_sql(claim.payload.iss); + " WHERE fac_idp_issuer = " + safe.quoted_sql(claim.payload.iss)
+ " AND fac_idp_audience = " + safe.quoted_sql(claim.payload.aud);
var oRs = Oracle.Execute(sql); var oRs = Oracle.Execute(sql);
if (oRs.Eof) if (oRs.Eof)
shared.internal_error("Unknown JWT issuer: " + claim.payload.iss); shared.internal_error("Unknown JWT issuer: " + claim.payload.iss);
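Review bot: The `oRs.Eof` branch in the second hunk still reports "Unknown JWT issuer" although the query now also filters on `fac_idp_audience`, so a token from a known issuer with the wrong audience is reported as an unknown issuer; the message should name both, e.g. `shared.internal_error("Unknown JWT issuer/audience: " + claim.payload.iss + " / " + claim.payload.aud);`. RFC 7519 also allows `aud` to be an array of strings or to be absent, and what `safe.quoted_sql` does with a non-string is not visible here, so a type check on `claim.payload.aud` before building the SQL would be worth adding. In the first hunk the token is still accepted from the query string, where it can end up in server logs and Referer headers; a comment stating whether that fallback is intentional would help. Both hunks sit inside blocks that start and end outside the lines shown.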