Skip to content

Commit ad35ea6

Browse files
Simon Plourdeamdprophet
Simon Plourde
authored and
amdprophet
committed
Validate that a user is still enabled upon token renewal (#3406)
Signed-off-by: Simon Plourde <[email protected]>
1 parent a93b172 commit ad35ea6

File tree

1 file changed

+3
-0
lines changed
  • backend/authentication/providers/basic

1 file changed

+3
-0
lines changed

backend/authentication/providers/basic/basic.go

+3
Original file line numberDiff line numberDiff line change
@@ -52,6 +52,9 @@ func (p *Provider) Refresh(ctx context.Context, claims *corev2.Claims) (*corev2.
5252
if user == nil {
5353
return nil, fmt.Errorf("user %q does not exist", claims.Provider.UserID)
5454
}
55+
if user.Disabled {
56+
return nil, fmt.Errorf("user %q is disabled", claims.Provider.UserID)
57+
}
5558

5659
newClaims, err := jwt.NewClaims(user)
5760
if err != nil {

0 commit comments

Comments
 (0)