changeset 249:2b09f8e98cfe inbox

merge default -> inbox
author Alain Mazy <am@orthanc.team>
date Fri, 11 Jul 2025 18:41:47 +0200
parents ff21632f3ab6 (current diff) d18a5deb19cf (diff)
children f1c8f36e0b87
files NEWS Plugin/AuthorizationWebService.cpp Plugin/BaseAuthorizationService.h Plugin/IAuthorizationService.h Plugin/Plugin.cpp
diffstat 8 files changed, 18 insertions(+), 39 deletions(-) [+]
line wrap: on
line diff
--- a/NEWS	Fri Jul 11 15:38:38 2025 +0200
+++ b/NEWS	Fri Jul 11 18:41:47 2025 +0200
@@ -16,6 +16,11 @@
 * The User profile can now contain an "id" field if the auth-service
   provides it.
 * New experimental feature: audit-logs (TODO)
+* Fixed a security issue: the entries in the cache token->permissions were kept too long in the cache
+  allowing users to have access to generic routes even with an expired token.
+  These entries are now stored maximum for 10 seconds.
+  Note that the validity duration of the token->user-profile entries is determined by the auth-service;
+  typically 60 seconds.
 
 
 2025-06-11 - v 0.9.3
--- a/Plugin/AuthorizationWebService.cpp	Fri Jul 11 15:38:38 2025 +0200
+++ b/Plugin/AuthorizationWebService.cpp	Fri Jul 11 18:41:47 2025 +0200
@@ -464,8 +464,7 @@
     }
   }
 
-  bool AuthorizationWebService::HasUserPermissionInternal(unsigned int& validity,
-                                                          const std::string& permission,
+  bool AuthorizationWebService::HasUserPermissionInternal(const std::string& permission,
                                                           const UserProfile& profile)
   {
     const std::set<std::string>& permissions = profile.permissions;
--- a/Plugin/AuthorizationWebService.h	Fri Jul 11 15:38:38 2025 +0200
+++ b/Plugin/AuthorizationWebService.h	Fri Jul 11 18:41:47 2025 +0200
@@ -49,8 +49,7 @@
                                         const Token* token,
                                         const std::string& tokenValue) ORTHANC_OVERRIDE;
 
-    virtual bool HasUserPermissionInternal(unsigned int& validity,
-                                           const std::string& permission,
+    virtual bool HasUserPermissionInternal(const std::string& permission,
                                            const UserProfile& profile) ORTHANC_OVERRIDE;
   
   public:
--- a/Plugin/BaseAuthorizationService.h	Fri Jul 11 15:38:38 2025 +0200
+++ b/Plugin/BaseAuthorizationService.h	Fri Jul 11 18:41:47 2025 +0200
@@ -44,8 +44,7 @@
                                         const Token* token,
                                         const std::string& tokenValue) = 0;
 
-    virtual bool HasUserPermissionInternal(unsigned int& validity,
-                                           const std::string& permission,
+    virtual bool HasUserPermissionInternal(const std::string& permission,
                                            const UserProfile& profile) = 0;
 
   public:
@@ -83,8 +82,7 @@
       return GetUserProfileInternal(validity, profile, NULL, "");
     }
 
-    virtual bool HasUserPermission(unsigned int& validity /* out */,
-                                   const std::set<std::string>& anyOfPermissions,
+    virtual bool HasUserPermission(const std::set<std::string>& anyOfPermissions,
                                    const UserProfile& profile) ORTHANC_OVERRIDE
     {
       if (anyOfPermissions.size() == 0)
@@ -94,7 +92,7 @@
 
       for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it)
       {
-        if (HasUserPermissionInternal(validity, *it, profile))
+        if (HasUserPermissionInternal(*it, profile))
         {
           return true;
         }
--- a/Plugin/CachedAuthorizationService.cpp	Fri Jul 11 15:38:38 2025 +0200
+++ b/Plugin/CachedAuthorizationService.cpp	Fri Jul 11 18:41:47 2025 +0200
@@ -160,8 +160,7 @@
     return false;
   }
 
-  bool CachedAuthorizationService::HasUserPermissionInternal(unsigned int& validity,
-                                                             const std::string& permission,
+  bool CachedAuthorizationService::HasUserPermissionInternal(const std::string& permission,
                                                              const UserProfile& profile)
   {
     assert(decorated_.get() != NULL);
@@ -176,28 +175,10 @@
       return (value == "1");
     }        
         
-    bool granted = decorated_->HasUserPermissionInternal(validity, permission, profile);
+    bool granted = decorated_->HasUserPermissionInternal(permission, profile);
+
+    cache_->Store(key, (granted ? "1" : "0"), 10); // don't cache for more than 10 seconds - it's the result of a quite easy computation anyway
 
-    if (granted)
-    {
-      if (validity > 0)
-      {
-        cache_->Store(key, "1", validity);
-      }
-        
-      return true;
-    }
-    else
-    {
-      if (validity > 0)
-      {
-        cache_->Store(key, "0", validity);
-      }
-        
-      return false;
-    }
+    return granted;
   }
-
-
-
 }
--- a/Plugin/CachedAuthorizationService.h	Fri Jul 11 15:38:38 2025 +0200
+++ b/Plugin/CachedAuthorizationService.h	Fri Jul 11 18:41:47 2025 +0200
@@ -58,8 +58,7 @@
                                         const Token* token,
                                         const std::string& tokenValue) ORTHANC_OVERRIDE;
 
-    virtual bool HasUserPermissionInternal(unsigned int& validity,
-                                           const std::string& permission,
+    virtual bool HasUserPermissionInternal(const std::string& permission,
                                            const UserProfile& profile) ORTHANC_OVERRIDE;
 
 
--- a/Plugin/IAuthorizationService.h	Fri Jul 11 15:38:38 2025 +0200
+++ b/Plugin/IAuthorizationService.h	Fri Jul 11 18:41:47 2025 +0200
@@ -94,8 +94,7 @@
     virtual bool GetAnonymousUserProfile(unsigned int& validity /* out */,
                                          UserProfile& profile /* out */) = 0;
 
-    virtual bool HasUserPermission(unsigned int& validity /* out */,
-                                   const std::set<std::string>& anyOfPermissions,
+    virtual bool HasUserPermission(const std::set<std::string>& anyOfPermissions,
                                    const UserProfile& profile) = 0;
 
     virtual bool CreateToken(CreatedToken& response,
--- a/Plugin/Plugin.cpp	Fri Jul 11 15:38:38 2025 +0200
+++ b/Plugin/Plugin.cpp	Fri Jul 11 18:41:47 2025 +0200
@@ -353,8 +353,7 @@
                                     const OrthancPlugins::AssociativeArray& getArguments
                                     )
 {
-  unsigned int validity;  // ignored
-  if (authorizationService_->HasUserPermission(validity, requiredPermissions, profile))
+  if (authorizationService_->HasUserPermission(requiredPermissions, profile))
   {
     LOG(INFO) << msg << " -> granted to user '" << profile.name << "'";
     hasUserRequiredPermissions = true;