synchronize access to the signing keys

Bethuel 2023-04-19 17:11:38 +03:00
parent f7196cd9a5
commit 90c8cfd863


@ -14,6 +14,7 @@ import (
"net/http"
"strconv"
"strings"
"sync"
"time"
"github.com/golang-jwt/jwt"
@ -74,6 +75,7 @@ func NewJWTValidator(issuer string, audienceList []string, keysLocation string,
return nil, err
}
var lock sync.Mutex
options := Options{
ValidationKeyGetter: func(token *jwt.Token) (interface{}, error) {
// Verify 'aud' claim
@ -97,6 +99,8 @@ func NewJWTValidator(issuer string, audienceList []string, keysLocation string,
if idpSignkeyRefreshEnabled {
// If the keys are invalid, retrieve new ones
if !keys.stillValid() {
lock.Lock()
defer lock.Unlock()
keys, err = getPemKeys(keysLocation)
if err != nil {
log.Debugf("cannot get JSONWebKey: %v", err)
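Review bot: The `if !keys.stillValid()` check in the last hunk still reads `keys` before `lock.Lock()` is taken, so one request can read `keys` while another is replacing it at `keys, err = getPemKeys(keysLocation)`; the mutex only serialises the writers. Moving `lock.Lock()` and `defer lock.Unlock()` above the `if !keys.stillValid() {` line puts the check and the assignment in the same critical section, and it also stops each waiting goroutine from re-fetching keys that the first one has already refreshed. Any later use of `keys` in the getter would need the same lock; the closure body continues outside the hunk, so confirm that there. Because of the `defer`, the lock stays held during the key fetch, so token validation will queue behind a slow response from the keys location; a comment on `var lock sync.Mutex` such as `// lock guards keys, which the ValidationKeyGetter closure shares across requests` would record the intent.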