diff options
| author |  vman <public@vaughnnugent.com> | 2022-12-15 01:45:03 -0500 |
|---|---|---|
| committer | vman <public@vaughnnugent.com> | 2022-12-15 01:45:03 -0500 |
| commit | 1f2b3530ebeafa162fe4df41e691c33cb2ff0009 (patch) | |
| tree | 7f60d7c761cee2df89303c3ef0550743790a63e2 /Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints | |
| parent | a0d5a8d40de9806e21e64475e3297a2a84effe22 (diff) | |
JWK sigs, session cleanup v1
Diffstat (limited to 'Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints')
| -rw-r--r-- | Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs | 12 |
1 files changed, 6 insertions, 6 deletions
diff --git a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs index a159456..d968398 100644 --- a/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs +++ b/Libs/VNLib.Plugins.Essentials.Sessions.OAuth/Endpoints/AccessTokenEndpoint.cs @@ -30,12 +30,12 @@ using VNLib.Utils.Memory; using VNLib.Hashing.IdentityUtility; using VNLib.Plugins.Essentials.Oauth; using VNLib.Plugins.Essentials.Endpoints; +using VNLib.Plugins.Essentials.Oauth.Tokens; using VNLib.Plugins.Essentials.Oauth.Applications; using VNLib.Plugins.Essentials.Extensions; using VNLib.Plugins.Extensions.Loading; using VNLib.Plugins.Extensions.Loading.Sql; using VNLib.Plugins.Extensions.Validation; -using VNLib.Plugins.Essentials.Oauth.Tokens; namespace VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints { @@ -56,9 +56,9 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints //override protection settings to allow most connections to authenticate protected override ProtectionSettings EndpointProtectionSettings { get; } = new() { - BrowsersOnly = false, - SessionsRequired = false, - VerifySessionCors = false + DisableBrowsersOnly = true, + DisableSessionsRequired = true, + DisableVerifySessionCors = true }; public AccessTokenEndpoint(string path, PluginBase pbase, CreateTokenImpl tokenStore, Task<JsonDocument?> verificationKey) @@ -117,7 +117,7 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints secret = secret.ToLower(); //Convert secret to private string that is unreferrenced - PrivateString secretPv = new(secret, false); + using PrivateString secretPv = new(secret, false); //Get the application from apps store UserApplication? app = await Applications.VerifyAppAsync(clientId, secretPv); @@ -171,7 +171,7 @@ namespace VNLib.Plugins.Essentials.Sessions.OAuth.Endpoints if (result == null) { - entity.CloseResponseError(HttpStatusCode.ServiceUnavailable, ErrorType.TemporarilyUnabavailable, "You have reached the maximum number of valid tokens for this application"); + entity.CloseResponseError(HttpStatusCode.TooManyRequests, ErrorType.TemporarilyUnabavailable, "You have reached the maximum number of valid tokens for this application"); return VfReturnType.VirtualSkip; } |