synchronize access to the signing keys

Bethuel 2023-04-19 17:11:38 +03:00
parent f7196cd9a5
commit 90c8cfd863


@ -14,6 +14,7 @@ import (
"net/http" "net/http"
"strconv" "strconv"
"strings" "strings"
"sync"
"time" "time"
"github.com/golang-jwt/jwt" "github.com/golang-jwt/jwt"
@ -74,6 +75,7 @@ func NewJWTValidator(issuer string, audienceList []string, keysLocation string,
return nil, err return nil, err
} }
var lock sync.Mutex
options := Options{ options := Options{
ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) { ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {
// Verify 'aud' claim // Verify 'aud' claim
@ -97,6 +99,8 @@ func NewJWTValidator(issuer string, audienceList []string, keysLocation string,
if idpSignkeyRefreshEnabled { if idpSignkeyRefreshEnabled {
// If the keys are invalid, retrieve new ones // If the keys are invalid, retrieve new ones
if !keys.stillValid() { if !keys.stillValid() {
lock.Lock()
defer lock.Unlock()
keys, err = getPemKeys(keysLocation) keys, err = getPemKeys(keysLocation)
if err != nil { if err != nil {
log.Debugf("cannot get JSONWebKey: %v", err) log.Debugf("cannot get JSONWebKey: %v", err)
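Review bot: The `!keys.stillValid()` check in the third hunk still reads `keys` without holding `lock`, because `lock.Lock()` is taken only inside the branch. A request arriving during a refresh can read `keys` while another goroutine assigns it, and every request that saw the stale keys before the first refresh finished will queue on the mutex and call `getPemKeys` again. Moving `lock.Lock()` and `defer lock.Unlock()` above `if !keys.stillValid() {` puts the check and the assignment under the same lock, and the deferred unlock then also covers any later read of `keys` in the closure, whose body continues outside the hunk. Separately, `keys, err = getPemKeys(keysLocation)` overwrites `keys` even when `err` is non-nil; if the previous key set should survive a failed refresh, assign to a temporary and swap only on success.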