Adjust deauth time window and send revocation when SSO members expire.

This commit is contained in:
Adam Ierymenko 2021-08-18 12:17:40 -04:00
parent 2d0f76bb9c
commit 576b4f03a5
No known key found for this signature in database
GPG key ID: C8877CF2D7A5D7F3
6 changed files with 27 additions and 3 deletions

View file

@ -1369,11 +1369,16 @@ void EmbeddedNetworkController::_request(
fprintf(stderr, "authExpiryTime: %lld\n", authenticationExpiryTime);
if (authenticationExpiryTime < now) {
if (!authenticationURL.empty()) {
_db.networkMemberSSOHasExpired(nwid, now);
onNetworkMemberDeauthorize(&_db, nwid, identity.address().toInt());
Dictionary<3072> authInfo;
authInfo.add("aU", authenticationURL.c_str());
fprintf(stderr, "sending auth URL: %s\n", authenticationURL.c_str());
DB::cleanMember(member);
_db.save(member,true);
_sender->ncSendError(nwid,requestPacketId,identity.address(),NetworkController::NC_ERROR_AUTHENTICATION_REQUIRED, authInfo.data(), authInfo.sizeBytes());
return;
}