1
0
mirror of https://github.com/dani-garcia/vaultwarden.git synced 2024-11-10 04:52:40 +01:00

Remove whitespace before processing tokens

This commit is contained in:
Daniel García 2019-01-07 20:37:14 +01:00
parent 21b85b78b1
commit 50eeb4f651
No known key found for this signature in database
GPG Key ID: FC8A7D14C3CD543A
2 changed files with 8 additions and 3 deletions

View File

@ -51,7 +51,9 @@ pub fn decode_jwt(token: &str) -> Result<JWTClaims, Error> {
algorithms: vec![JWT_ALGORITHM],
};
jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation)
let token = token.replace(char::is_whitespace, "");
jsonwebtoken::decode(&token, &PUBLIC_RSA_KEY, &validation)
.map(|d| d.claims)
.map_res("Error decoding login JWT")
}
@ -68,7 +70,9 @@ pub fn decode_invite_jwt(token: &str) -> Result<InviteJWTClaims, Error> {
algorithms: vec![JWT_ALGORITHM],
};
jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation)
let token = token.replace(char::is_whitespace, "");
jsonwebtoken::decode(&token, &PUBLIC_RSA_KEY, &validation)
.map(|d| d.claims)
.map_res("Error decoding invite JWT")
}

View File

@ -78,7 +78,8 @@ pub fn send_invite(
format!(
"<html>
<p>You have been invited to join the <b>{}</b> organization.<br><br>
<a href=\"{}/#/accept-organization/?organizationId={}&organizationUserId={}&email={}&organizationName={}&token={}\">Click here to join</a></p>
<a href=\"{}/#/accept-organization/?organizationId={}&organizationUserId={}&email={}&organizationName={}&token={}\">
Click here to join</a></p>
<p>If you do not wish to join this organization, you can safely ignore this email.</p>
</html>",
org_name, CONFIG.domain, org_id.unwrap_or("_".to_string()), org_user_id.unwrap_or("_".to_string()), address, org_name, invite_token