summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorFDHoho007 <[email protected]>2024-05-19 20:33:31 +0200
committerGitHub <[email protected]>2024-05-19 20:33:31 +0200
commit753a9e0baee3ba3e7b4e05f18d3259e010b68d62 (patch)
tree2e7b584a4f56bba2d63c8012458643c6d595d229
parentf5fb69b64f81dbec80debb1cf59115af4ab3372c (diff)
downloadvaultwarden-753a9e0baee3ba3e7b4e05f18d3259e010b68d62.tar.gz
vaultwarden-753a9e0baee3ba3e7b4e05f18d3259e010b68d62.zip
Fix public api for domains with path prefix (#4500)
-rw-r--r--src/api/core/public.rs8
1 files changed, 2 insertions, 6 deletions
diff --git a/src/api/core/public.rs b/src/api/core/public.rs
index 085ac552..1056f4bb 100644
--- a/src/api/core/public.rs
+++ b/src/api/core/public.rs
@@ -216,12 +216,8 @@ impl<'r> FromRequest<'r> for PublicToken {
if time_now > claims.exp {
err_handler!("Token expired");
}
- // Check if claims.iss is host|claims.scope[0]
- let host = match auth::Host::from_request(request).await {
- Outcome::Success(host) => host,
- _ => err_handler!("Error getting Host"),
- };
- let complete_host = format!("{}|{}", host.host, claims.scope[0]);
+ // Check if claims.iss is domain|claims.scope[0]
+ let complete_host = format!("{}|{}", CONFIG.domain_origin(), claims.scope[0]);
if complete_host != claims.iss {
err_handler!("Token not issued by this server");
}