Mercurial > hg > orthanc-authorization
changeset 249:2b09f8e98cfe inbox
merge default -> inbox
| author | Alain Mazy <am@orthanc.team> |
|---|---|
| date | Fri, 11 Jul 2025 18:41:47 +0200 |
| parents | ff21632f3ab6 (current diff) d18a5deb19cf (diff) |
| children | f1c8f36e0b87 |
| files | NEWS Plugin/AuthorizationWebService.cpp Plugin/BaseAuthorizationService.h Plugin/IAuthorizationService.h Plugin/Plugin.cpp |
| diffstat | 8 files changed, 18 insertions(+), 39 deletions(-) [+] |
line wrap: on
line diff
--- a/NEWS Fri Jul 11 15:38:38 2025 +0200 +++ b/NEWS Fri Jul 11 18:41:47 2025 +0200 @@ -16,6 +16,11 @@ * The User profile can now contain an "id" field if the auth-service provides it. * New experimental feature: audit-logs (TODO) +* Fixed a security issue: the entries in the cache token->permissions were kept too long in the cache + allowing users to have access to generic routes even with an expired token. + These entries are now stored maximum for 10 seconds. + Note that the validity duration of the token->user-profile entries is determined by the auth-service; + typically 60 seconds. 2025-06-11 - v 0.9.3
--- a/Plugin/AuthorizationWebService.cpp Fri Jul 11 15:38:38 2025 +0200 +++ b/Plugin/AuthorizationWebService.cpp Fri Jul 11 18:41:47 2025 +0200 @@ -464,8 +464,7 @@ } } - bool AuthorizationWebService::HasUserPermissionInternal(unsigned int& validity, - const std::string& permission, + bool AuthorizationWebService::HasUserPermissionInternal(const std::string& permission, const UserProfile& profile) { const std::set<std::string>& permissions = profile.permissions;
--- a/Plugin/AuthorizationWebService.h Fri Jul 11 15:38:38 2025 +0200 +++ b/Plugin/AuthorizationWebService.h Fri Jul 11 18:41:47 2025 +0200 @@ -49,8 +49,7 @@ const Token* token, const std::string& tokenValue) ORTHANC_OVERRIDE; - virtual bool HasUserPermissionInternal(unsigned int& validity, - const std::string& permission, + virtual bool HasUserPermissionInternal(const std::string& permission, const UserProfile& profile) ORTHANC_OVERRIDE; public:
--- a/Plugin/BaseAuthorizationService.h Fri Jul 11 15:38:38 2025 +0200 +++ b/Plugin/BaseAuthorizationService.h Fri Jul 11 18:41:47 2025 +0200 @@ -44,8 +44,7 @@ const Token* token, const std::string& tokenValue) = 0; - virtual bool HasUserPermissionInternal(unsigned int& validity, - const std::string& permission, + virtual bool HasUserPermissionInternal(const std::string& permission, const UserProfile& profile) = 0; public: @@ -83,8 +82,7 @@ return GetUserProfileInternal(validity, profile, NULL, ""); } - virtual bool HasUserPermission(unsigned int& validity /* out */, - const std::set<std::string>& anyOfPermissions, + virtual bool HasUserPermission(const std::set<std::string>& anyOfPermissions, const UserProfile& profile) ORTHANC_OVERRIDE { if (anyOfPermissions.size() == 0) @@ -94,7 +92,7 @@ for (std::set<std::string>::const_iterator it = anyOfPermissions.begin(); it != anyOfPermissions.end(); ++it) { - if (HasUserPermissionInternal(validity, *it, profile)) + if (HasUserPermissionInternal(*it, profile)) { return true; }
--- a/Plugin/CachedAuthorizationService.cpp Fri Jul 11 15:38:38 2025 +0200 +++ b/Plugin/CachedAuthorizationService.cpp Fri Jul 11 18:41:47 2025 +0200 @@ -160,8 +160,7 @@ return false; } - bool CachedAuthorizationService::HasUserPermissionInternal(unsigned int& validity, - const std::string& permission, + bool CachedAuthorizationService::HasUserPermissionInternal(const std::string& permission, const UserProfile& profile) { assert(decorated_.get() != NULL); @@ -176,28 +175,10 @@ return (value == "1"); } - bool granted = decorated_->HasUserPermissionInternal(validity, permission, profile); + bool granted = decorated_->HasUserPermissionInternal(permission, profile); + + cache_->Store(key, (granted ? "1" : "0"), 10); // don't cache for more than 10 seconds - it's the result of a quite easy computation anyway - if (granted) - { - if (validity > 0) - { - cache_->Store(key, "1", validity); - } - - return true; - } - else - { - if (validity > 0) - { - cache_->Store(key, "0", validity); - } - - return false; - } + return granted; } - - - }
--- a/Plugin/CachedAuthorizationService.h Fri Jul 11 15:38:38 2025 +0200 +++ b/Plugin/CachedAuthorizationService.h Fri Jul 11 18:41:47 2025 +0200 @@ -58,8 +58,7 @@ const Token* token, const std::string& tokenValue) ORTHANC_OVERRIDE; - virtual bool HasUserPermissionInternal(unsigned int& validity, - const std::string& permission, + virtual bool HasUserPermissionInternal(const std::string& permission, const UserProfile& profile) ORTHANC_OVERRIDE;
--- a/Plugin/IAuthorizationService.h Fri Jul 11 15:38:38 2025 +0200 +++ b/Plugin/IAuthorizationService.h Fri Jul 11 18:41:47 2025 +0200 @@ -94,8 +94,7 @@ virtual bool GetAnonymousUserProfile(unsigned int& validity /* out */, UserProfile& profile /* out */) = 0; - virtual bool HasUserPermission(unsigned int& validity /* out */, - const std::set<std::string>& anyOfPermissions, + virtual bool HasUserPermission(const std::set<std::string>& anyOfPermissions, const UserProfile& profile) = 0; virtual bool CreateToken(CreatedToken& response,
--- a/Plugin/Plugin.cpp Fri Jul 11 15:38:38 2025 +0200 +++ b/Plugin/Plugin.cpp Fri Jul 11 18:41:47 2025 +0200 @@ -353,8 +353,7 @@ const OrthancPlugins::AssociativeArray& getArguments ) { - unsigned int validity; // ignored - if (authorizationService_->HasUserPermission(validity, requiredPermissions, profile)) + if (authorizationService_->HasUserPermission(requiredPermissions, profile)) { LOG(INFO) << msg << " -> granted to user '" << profile.name << "'"; hasUserRequiredPermissions = true;