refactor: if the token doesn't match our purpose only error if EmptyAllowed is off
parent
b6c92a6348
commit
b1fcc7f7ae
|
@ -129,8 +129,10 @@ func AuthMiddleware(options AuthMiddlewareOptions) func(http.Handler) http.Handl
|
|||
aud, _ := claim.GetAudience()
|
||||
|
||||
if options.Purpose != account.JWTPurposeNone && slices.Contains[jwt.ClaimStrings, string](aud, string(options.Purpose)) == false {
|
||||
if !options.EmptyAllowed {
|
||||
return account.ErrJWTInvalid
|
||||
}
|
||||
}
|
||||
|
||||
return nil
|
||||
})
|
||||
|
|
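Review bot: With `options.EmptyAllowed` set, a token whose audience does not contain `options.Purpose` now reaches `return nil`, so a token issued for a different purpose passes this callback the same way a correctly scoped one does. If `EmptyAllowed` is meant to permit requests that carry no token at all, a present but wrong-purpose token should probably still return `account.ErrJWTInvalid`, or the request should be downgraded to unauthenticated where the parsed claims are consumed; that code is outside this hunk, so confirm how a nil result is treated there. The discarded error in `aud, _ := claim.GetAudience()` matters more after this change, because a malformed `aud` claim now also passes under `EmptyAllowed`; consider `aud, err := claim.GetAudience()` followed by `if err != nil { return account.ErrJWTInvalid }`. Since this alters which tokens are accepted, it is a behaviour change rather than a refactor, and a comment above the inner `if` stating the intended semantics of `EmptyAllowed` would help reviewers.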