Commit bb8238ee authored by ale's avatar ale

Add an InspectTicket method for unverified ticket inspection

parent f462635a
Pipeline #1431 passed with stages
in 1 minute and 33 seconds
......@@ -270,3 +270,21 @@ func (v *ssoValidator) Validate(encoded, nonce, service string, allowedGroups []
return t, nil
}
// InspectTicket reads a ticket without validating it (beyond syntax),
// returning user and service. The results are untrusted.
func InspectTicket(encoded string) (string, string, error) {
decoded, err := base64.RawURLEncoding.DecodeString(encoded)
if err != nil {
return "", "", err
}
if len(decoded) < signatureLen {
return "", "", ErrMessageTooShort
}
serialized := decoded[signatureLen:]
t, err := deserializeTicket(string(serialized))
if err != nil {
return "", "", err
}
return t.User, t.Service, nil
}
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment