Verify session details

author: ꦌꦫꦶꦏ꧀ꦦꦿꦧꦮꦑꦩꦭ꧀ <erik@darapsa.co.id> 2022-09-22 07:05:19 +0800
committer: ꦌꦫꦶꦏ꧀ꦦꦿꦧꦮꦑꦩꦭ꧀ <erik@darapsa.co.id> 2022-09-22 07:05:19 +0800
commit: 609f9c149440e23ade0fe8bf0253333dea8e5c32 (patch)
tree: c9d08cbcb30beb6ceff02d44484aac9fc54436d3
parent: 1a30e82e02090f4c5b52387d3e278e38466e07bd (diff)
1 files changed, 16 insertions, 3 deletions
diff --git a/sessiontoken.h b/sessiontoken.h
index dfaee0f..e87f0b7 100644
--- a/sessiontoken.h
+++ b/sessiontoken.h
@@ -12,9 +12,22 @@ static inline bool sessiontoken_isvalid(const char *token, const char *api_key,
 	params.verification_key_length = strlen(api_secret_key);
 	params.validate_exp = 1;
 	params.validate_nbf = 1;
-	//params.validate_iss = (char *)shop;
 	params.validate_aud = (char *)api_key;
+
 	enum l8w8jwt_validation_result validation;
-	int decode = l8w8jwt_decode(&params, &validation, NULL, NULL);
-	return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID;
+	struct l8w8jwt_claim *claims;
+	size_t claims_len;
+	int decode = l8w8jwt_decode(&params, &validation, &claims, &claims_len);
+
+	struct l8w8jwt_claim *dest
+		= l8w8jwt_get_claim(claims, claims_len, "dest", 4);
+	_Bool iss_isvalid = !strncmp(dest->value,
+			l8w8jwt_get_claim(claims, claims_len, "iss", 3)->value,
+			dest->value_length);
+	printf("JWT payload sub: %s\n",
+			l8w8jwt_get_claim(claims, claims_len, "sub", 3)->value);
+	l8w8jwt_free_claims(claims, claims_len);
+
+	return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID
+		&& iss_isvalid;
 }
author	ꦌꦫꦶꦏ꧀ꦦꦿꦧꦮꦑꦩꦭ꧀ <erik@darapsa.co.id>	2022-09-22 07:05:19 +0800
committer	ꦌꦫꦶꦏ꧀ꦦꦿꦧꦮꦑꦩꦭ꧀ <erik@darapsa.co.id>	2022-09-22 07:05:19 +0800
commit	609f9c149440e23ade0fe8bf0253333dea8e5c32 (patch)
tree	c9d08cbcb30beb6ceff02d44484aac9fc54436d3
parent	1a30e82e02090f4c5b52387d3e278e38466e07bd (diff)