fixed GHSA-c94j-vqr5-3mxr - privilege escalation during web auth
This commit is contained in:
parent
80ec7444f9
commit
e3b26b2699
@ -129,7 +129,7 @@ impl Api {
let password_cred = AuthCredential::Password(Secret::new(body.password.clone()));
if cp
.validate_credential(&body.username, &password_cred)
.validate_credential(&state.username(), &password_cred)
.await?
{
state.add_valid_credential(password_cred);
@ -194,16 +194,20 @@ pub async fn get_auth_state_for_request(
}
}
match session.get_auth_state_id() {
Some(id) => Ok(store.get(&id.0).ok_or(WarpgateError::InconsistentState)?),
None => {
let (id, state) = store
.create(None, username, crate::common::PROTOCOL_NAME)
.await?;
session.set(AUTH_STATE_ID_SESSION_KEY, AuthStateId(id));
Ok(state)
if let Some(id) = session.get_auth_state_id() {
let state = store.get(&id.0).ok_or(WarpgateError::InconsistentState)?;
let existing_matched = state.lock().await.username() == username;
if existing_matched {
return Ok(state);
}
}
let (id, state) = store
.create(None, username, crate::common::PROTOCOL_NAME)
.await?;
session.set(AUTH_STATE_ID_SESSION_KEY, AuthStateId(id));
Ok(state)
}
pub async fn authorize_session(req: &Request, username: String) -> poem::Result<()> {
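Review bot: In the second hunk, when the stored state's username does not match, the `store.create(...)` / `session.set(...)` lines replace the session's auth state id but never remove the previous entry from `store`, so the mismatched state stays reachable by its id for as long as the store retains it; if the store has no expiry or size cap (not visible here), a client alternating usernames within one session could accumulate entries, so this is worth checking against the store's eviction policy. The reason the username check exists is not stated in code, and a comment above the `if let` such as `// Only reuse an in-progress auth state that was created for this same username; reusing one started for a different user allowed a partial auth to be completed as someone else (GHSA-c94j-vqr5-3mxr).` would stop a later cleanup from folding the two paths back together. `existing_matched` is read once and could be written directly as `if state.lock().await.username() == username { return Ok(state); }`. The signature of get_auth_state_for_request starts outside the hunk, so whether `username` is already normalised before this comparison cannot be confirmed from here.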