Baffle-WAF/baffle-hub
1
0
Fork 0
Code Issues Pull Requests 1 Actions Packages Projects Releases Wiki Activity

Two bug fixes

Browse Source
This commit is contained in:
Dan Milne
2025-12-01 19:54:47 +11:00
parent 54d9c3a0d9
commit f0ad3b2c90
2 changed files with 3 additions and 3 deletions
Download Patch File Download Diff File Expand all files Collapse all files

2
app/controllers/oidc_auth_controller.rb
View File

@@ -175,7 +175,7 @@ class OidcAuthController < ApplicationController
# JWT claim extraction and validation
def extract_claims_from_id_token(id_token)
# Decode JWT without verification first to get claims
decoded_jwt = JWT.decode(id_token, nil, false).first
decoded_jwt = JSON::JWT.decode(id_token, :skip_verification)
{
sub: decoded_jwt['sub'],

4
app/models/waf_policy.rb
View File

@@ -153,8 +153,8 @@ validate :targets_must_be_array
return nil unless matches_network_range?(network_range)
rule = Rule.create!(
rule_type: 'network',
action: policy_action,
waf_rule_type: 'network',
waf_action: policy_action,
network_range: network_range,
waf_policy: self,
user: user,