[Fix] handle missing fields in WebSocket auth
This commit is contained in:
parent
6caefd2132
commit
60fdb34150
|
@ -153,6 +153,12 @@ public class WebSocketClient implements MessageHandler.Whole<String> {
|
||||||
String authToken = jsonObject.get("authToken").getAsString();
|
String authToken = jsonObject.get("authToken").getAsString();
|
||||||
String username = jsonObject.get("username").getAsString();
|
String username = jsonObject.get("username").getAsString();
|
||||||
|
|
||||||
|
if (authToken.isEmpty() || username.isEmpty()) {
|
||||||
|
logger.error("Received invalid authentication request: " + jsonObject.toString());
|
||||||
|
close(CloseReason.CloseCodes.UNEXPECTED_CONDITION, "Invalid authentication");
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
try {
|
try {
|
||||||
this.certificate = this.sessionHandler.validate(authToken, this.remoteIp);
|
this.certificate = this.sessionHandler.validate(authToken, this.remoteIp);
|
||||||
if (!this.certificate.getUsername().equals(username)) {
|
if (!this.certificate.getUsername().equals(username)) {
|
||||||
|
|
Loading…
Reference in New Issue