diff options
author | ꦌꦫꦶꦏ꧀ꦦꦿꦧꦮꦑꦩꦭ꧀ <erik@darapsa.co.id> | 2022-09-22 07:05:19 +0800 |
---|---|---|
committer | ꦌꦫꦶꦏ꧀ꦦꦿꦧꦮꦑꦩꦭ꧀ <erik@darapsa.co.id> | 2022-09-22 07:05:19 +0800 |
commit | 609f9c149440e23ade0fe8bf0253333dea8e5c32 (patch) | |
tree | c9d08cbcb30beb6ceff02d44484aac9fc54436d3 | |
parent | 1a30e82e02090f4c5b52387d3e278e38466e07bd (diff) |
Verify session details
-rw-r--r-- | sessiontoken.h | 19 |
1 files changed, 16 insertions, 3 deletions
diff --git a/sessiontoken.h b/sessiontoken.h index dfaee0f..e87f0b7 100644 --- a/sessiontoken.h +++ b/sessiontoken.h @@ -12,9 +12,22 @@ static inline bool sessiontoken_isvalid(const char *token, const char *api_key, params.verification_key_length = strlen(api_secret_key); params.validate_exp = 1; params.validate_nbf = 1; - //params.validate_iss = (char *)shop; params.validate_aud = (char *)api_key; + enum l8w8jwt_validation_result validation; - int decode = l8w8jwt_decode(¶ms, &validation, NULL, NULL); - return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID; + struct l8w8jwt_claim *claims; + size_t claims_len; + int decode = l8w8jwt_decode(¶ms, &validation, &claims, &claims_len); + + struct l8w8jwt_claim *dest + = l8w8jwt_get_claim(claims, claims_len, "dest", 4); + _Bool iss_isvalid = !strncmp(dest->value, + l8w8jwt_get_claim(claims, claims_len, "iss", 3)->value, + dest->value_length); + printf("JWT payload sub: %s\n", + l8w8jwt_get_claim(claims, claims_len, "sub", 3)->value); + l8w8jwt_free_claims(claims, claims_len); + + return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID + && iss_isvalid; } |