Check sub of UserInfo JSON (references #183)
parent
bb69d7c255
commit
3c3cc39d0c
@ -39,6 +39,12 @@ sub getUser {
|
||||
$self->{tmp}->{OpenIDConnect_user_info} =
|
||||
$self->decodeJSON($userinfo_content);
|
||||
|
||||
# Check that received sub is the same than current user
|
||||
unless ( $self->{tmp}->{OpenIDConnect_user_info}->{sub} eq $self->{user} ) {
|
||||
$self->lmLog( "Received sub do not match current user", 'error' );
|
||||
return PE_BADCREDENTIALS;
|
||||
}
|
||||
|
||||
PE_OK;
|
||||
}
|
||||
|
||||
|
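Review bot: The new `unless` test compares with `eq` without checking that either side is defined, so a UserInfo response with no `sub` and an empty `$self->{user}` would compare as equal and pass; whether `$self->{user}` can be empty at this point is not visible in the hunk. The decoded claims are also written to `$self->{tmp}->{OpenIDConnect_user_info}` before the check and stay there when PE_BADCREDENTIALS is returned, so any later reader of that slot would see claims belonging to a different subject. I would decode into a local, require a defined and matching `sub`, and store the result only on success, as sketched below; the sketch assumes decodeJSON yields a plain hash reference. getUser begins outside the hunk, so earlier handling of `$userinfo_content` could not be reviewed.

```perl
my $user_info = $self->decodeJSON($userinfo_content);

# Reject a UserInfo response whose sub is absent or differs from the current user
unless ( ref($user_info) eq 'HASH'
    and defined $user_info->{sub}
    and defined $self->{user}
    and $user_info->{sub} eq $self->{user} )
{
    $self->lmLog( "Received sub do not match current user", 'error' );
    return PE_BADCREDENTIALS;
}

# Keep the claims only once they are bound to the authenticated subject
$self->{tmp}->{OpenIDConnect_user_info} = $user_info;

# … unchanged: PE_OK and end of getUser …
```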