proxmox-mirrors/pve-access-control
1
0
Fork 0
mirror of https://git.proxmox.com/git/pve-access-control synced 2025-08-12 07:53:52 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

openid: fix groups-claim regex

Browse Source 
The previous regex matched exactly that combination of characters,
rather than any combination of the specified ones.

Fixes: e80f840 ("openid: make groups-claim RE more restrictive")
Signed-off-by: Mira Limbeck <m.limbeck@proxmox.com>
Link: https://lore.proxmox.com/20250408113349.165831-1-m.limbeck@proxmox.com
This commit is contained in:
Mira Limbeck 2025-04-08 13:33:49 +02:00 committed by Thomas Lamprecht
parent 0727e3f517
commit 55ab21ecfc
1 changed files with 1 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
src/PVE/Auth/OpenId.pm
View File

@ -10,7 +10,7 @@ use PVE::Cluster qw(cfs_register_file cfs_read_file cfs_write_file cfs_lock_file
use base qw(PVE::Auth::Plugin);
# FIXME: restrict username-claim as well?
my $openid_claim_regex = qr/A-Za-z0-9\.\-_/;
my $openid_claim_regex = qr/[A-Za-z0-9\.\-_]+/;
sub type {
return 'openid';