From 9826c20d1aed826ed82efa30f28ba76b161c82b3 Mon Sep 17 00:00:00 2001 From: Grant Limberg Date: Thu, 6 Oct 2022 08:59:27 -0700 Subject: [PATCH] set zeroidc.running = false on token exchange error --- zeroidc/src/lib.rs | 22 +++++++++++++++++----- 1 file changed, 17 insertions(+), 5 deletions(-) diff --git a/zeroidc/src/lib.rs b/zeroidc/src/lib.rs index cb92ef6e8..11efb932b 100644 --- a/zeroidc/src/lib.rs +++ b/zeroidc/src/lib.rs @@ -498,7 +498,8 @@ impl ZeroIDC { let n = match i.nonce.clone() { Some(n) => n, None => { - println!("no noce"); + println!("no nonce"); + i.running = false; return None; } }; @@ -507,6 +508,7 @@ impl ZeroIDC { Some(t) => t, None => { println!("no id token"); + i.running = false; return None; } }; @@ -515,6 +517,7 @@ impl ZeroIDC { Ok(c) => c, Err(_e) => { println!("no claims"); + i.running = false; return None; } }; @@ -523,6 +526,7 @@ impl ZeroIDC { Ok(s) => s, Err(_) => { println!("no signing algorithm"); + i.running = false; return None; } }; @@ -535,12 +539,14 @@ impl ZeroIDC { Ok(h) => h, Err(e) => { println!("Error hashing access token: {}", e); + i.running = false; return None; } }; if actual_hash != *expected_hash { println!("token hash error"); + i.running = false; return None; } } @@ -549,7 +555,7 @@ impl ZeroIDC { Err(e) => { println!("token response error: {:?}", e.to_string()); println!("\t {:?}", e.source()); - + i.running = false; None } } @@ -634,10 +640,12 @@ impl ZeroIDC { Ok(bytes) } else if res.status() == 402 { - Err(SSOExchangeError::new( - "additional license seats required. Please contact your network administrator.".to_string(), - )) + i.running = false; + Err(SSOExchangeError::new( + "additional license seats required. Please contact your network administrator.".to_string(), + )) } else { + i.running = false; Err(SSOExchangeError::new( "error from central endpoint".to_string(), )) @@ -649,20 +657,24 @@ impl ZeroIDC { println!("Status: {}", res.status().unwrap()); println!("Post error: {}", res); i.exp_time = 0; + i.running = false; Err(SSOExchangeError::new( "error from central endpoint".to_string(), )) } } } else { + i.running = false; Err(SSOExchangeError::new( "error splitting state token".to_string(), )) } } else { + i.running = false; Err(SSOExchangeError::new("invalid token response".to_string())) } } else { + i.running = false; Err(SSOExchangeError::new("invalid pkce verifier".to_string())) } });