Start using l8w8jwt instead of libjwt

Rename some vars & attrs for clarity.

1 files changed, 16 insertions, 19 deletions

diff --git a/sessiontoken.h b/sessiontoken.h
index ec7a462..8069ba9 100644
--- a/sessiontoken.h
+++ b/sessiontoken.h
@@ -1,22 +1,19 @@
-#include <jwt.h>
+#include <l8w8jwt/decode.h>
 
-static inline bool sessiontoken_isvalid(const char *token, const char *secret)
+static inline bool sessiontoken_isvalid(const char *token, const char *key,
+		const char *secret_key, const char *shop)
 {
-	const size_t key_len = strlen(secret) / 2;
-	unsigned char key[key_len];
-	for (size_t i = 0; i < key_len; i++) {
-		char hex[3] = { [2] = '\0' };
-		strncpy(hex, &secret[i], 2);
-		key[i] = strtol(hex, NULL, 16);
-	}
-	jwt_t *jwt = NULL;
-	jwt_decode(&jwt, token, key, key_len);
-	printf("exp: %s\n", jwt_get_grant(jwt, "exp"));
-	printf("nbf: %s\n", jwt_get_grant(jwt, "nbf"));
-	printf("iss: %s\n", jwt_get_grant(jwt, "iss"));
-	printf("dest: %s\n", jwt_get_grant(jwt, "dest"));
-	printf("aud: %s\n", jwt_get_grant(jwt, "aud"));
-	printf("sub: %s\n", jwt_get_grant(jwt, "sub"));
-	jwt_free(jwt);
-	return false;
+	struct l8w8jwt_decoding_params params;
+	l8w8jwt_decoding_params_init(&params);
+	params.alg = L8W8JWT_ALG_HS256;
+	params.jwt = (char *)token;
+	params.jwt_length = strlen(token);
+	params.verification_key = (unsigned char *)secret_key;
+	params.verification_key_length = strlen(secret_key);
+	params.validate_exp = 1;
+	params.validate_nbf = 1;
+	params.validate_aud = (char *)key;
+	enum l8w8jwt_validation_result validation;
+	int decode = l8w8jwt_decode(&params, &validation, NULL,NULL);
+	return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID;
 }