commit 50eeb4f651b3e320d647bd6830097765ba3788eb
parent 21b85b78b1fd7a9ca81bad004735e8478ca39ad4
Author: Daniel GarcĂa <dani-garcia@users.noreply.github.com>
Date: Mon, 7 Jan 2019 20:37:14 +0100
Remove whitespace before processing tokens
Diffstat:
2 files changed, 8 insertions(+), 3 deletions(-)
diff --git a/src/auth.rs b/src/auth.rs
@@ -51,7 +51,9 @@ pub fn decode_jwt(token: &str) -> Result<JWTClaims, Error> {
algorithms: vec![JWT_ALGORITHM],
};
- jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation)
+ let token = token.replace(char::is_whitespace, "");
+
+ jsonwebtoken::decode(&token, &PUBLIC_RSA_KEY, &validation)
.map(|d| d.claims)
.map_res("Error decoding login JWT")
}
@@ -68,7 +70,9 @@ pub fn decode_invite_jwt(token: &str) -> Result<InviteJWTClaims, Error> {
algorithms: vec![JWT_ALGORITHM],
};
- jsonwebtoken::decode(token, &PUBLIC_RSA_KEY, &validation)
+ let token = token.replace(char::is_whitespace, "");
+
+ jsonwebtoken::decode(&token, &PUBLIC_RSA_KEY, &validation)
.map(|d| d.claims)
.map_res("Error decoding invite JWT")
}
diff --git a/src/mail.rs b/src/mail.rs
@@ -78,7 +78,8 @@ pub fn send_invite(
format!(
"<html>
<p>You have been invited to join the <b>{}</b> organization.<br><br>
- <a href=\"{}/#/accept-organization/?organizationId={}&organizationUserId={}&email={}&organizationName={}&token={}\">Click here to join</a></p>
+ <a href=\"{}/#/accept-organization/?organizationId={}&organizationUserId={}&email={}&organizationName={}&token={}\">
+ Click here to join</a></p>
<p>If you do not wish to join this organization, you can safely ignore this email.</p>
</html>",
org_name, CONFIG.domain, org_id.unwrap_or("_".to_string()), org_user_id.unwrap_or("_".to_string()), address, org_name, invite_token
