refactor: if the token doesn't match our purpose only error if EmptyAllowed is off
parent
b6c92a6348
commit
b1fcc7f7ae
|
@ -129,7 +129,9 @@ func AuthMiddleware(options AuthMiddlewareOptions) func(http.Handler) http.Handl
|
||||||
aud, _ := claim.GetAudience()
|
aud, _ := claim.GetAudience()
|
||||||
|
|
||||||
if options.Purpose != account.JWTPurposeNone && slices.Contains[jwt.ClaimStrings, string](aud, string(options.Purpose)) == false {
|
if options.Purpose != account.JWTPurposeNone && slices.Contains[jwt.ClaimStrings, string](aud, string(options.Purpose)) == false {
|
||||||
return account.ErrJWTInvalid
|
if !options.EmptyAllowed {
|
||||||
|
return account.ErrJWTInvalid
|
||||||
|
}
|
||||||
}
|
}
|
||||||
|
|
||||||
return nil
|
return nil
|
||||||
|
|
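Review bot: With `EmptyAllowed` set, the new inner `if !options.EmptyAllowed` lets a token whose audience does not contain `options.Purpose` fall through to `return nil`, so a token issued for a different purpose passes this check just like a correctly scoped one. `EmptyAllowed` reads as "a missing token is acceptable", which is a weaker condition than "a token for another purpose is acceptable"; if the code after this callback (outside the hunk) still puts the parsed claims into the request context, handlers on optional-auth routes would see an identity taken from a wrong-purpose token. Unless the caller is known to discard the claims in that case, I would keep `return account.ErrJWTInvalid` unconditional for a present-but-mismatched token and let `EmptyAllowed` cover only the no-token path, or at minimum add a comment such as `// EmptyAllowed: wrong-purpose token tolerated here; caller must treat the request as anonymous`. The commit is labelled a refactor but changes which tokens are accepted, and the AuthMiddleware body starts and ends outside this hunk.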