zydronium/rdpgw
1
0
Fork 0
mirror of https://github.com/bolkedebruin/rdpgw.git synced 2025-08-17 05:53:50 +02:00
Code Issues Projects Releases Packages Wiki Activity

Fix check and use 256 bit

Browse source
This commit is contained in:
Bolke de Bruin 2020-07-25 21:27:03 +02:00
parent 0b299619ff
commit 263312dc7b
4 changed files with 9 additions and 7 deletions
Download patch file Download diff file Expand all files Collapse all files

5
security/jwt.go
View file

@ -36,7 +36,7 @@ func VerifyPAAToken(ctx context.Context, tokenString string) (bool, error) {
if c, ok := token.Claims.(*customClaims); ok && token.Valid {
s := getSessionInfo(ctx)
s.RemoteServer = c.RemoteServer
s.ClientIp = client.GetClientIp(ctx)
s.ClientIp = c.ClientIP
return true, nil
}
@ -78,6 +78,7 @@ func GeneratePAAToken(ctx context.Context, username string, server string) (stri
c := customClaims{
RemoteServer: server,
ClientIP: client.GetClientIp(ctx),
StandardClaims: jwt.StandardClaims{
ExpiresAt: exp,
IssuedAt: now,
@ -86,7 +87,7 @@ func GeneratePAAToken(ctx context.Context, username string, server string) (stri
},
}
token := jwt.NewWithClaims(jwt.SigningMethodHS512, c)
token := jwt.NewWithClaims(jwt.SigningMethodHS256, c)
if ss, err := token.SignedString(SigningKey); err != nil {
log.Printf("Cannot sign PAA token %s", err)
return "", err