summaryrefslogtreecommitdiff
path: root/sessiontoken.h
diff options
context:
space:
mode:
authorꦌꦫꦶꦏ꧀ꦦꦿꦧꦮꦑꦩꦭ꧀ <erik@darapsa.co.id>2022-09-22 07:05:19 +0800
committerꦌꦫꦶꦏ꧀ꦦꦿꦧꦮꦑꦩꦭ꧀ <erik@darapsa.co.id>2022-09-22 07:05:19 +0800
commit609f9c149440e23ade0fe8bf0253333dea8e5c32 (patch)
treec9d08cbcb30beb6ceff02d44484aac9fc54436d3 /sessiontoken.h
parent1a30e82e02090f4c5b52387d3e278e38466e07bd (diff)
Verify session details
Diffstat (limited to 'sessiontoken.h')
-rw-r--r--sessiontoken.h19
1 files changed, 16 insertions, 3 deletions
diff --git a/sessiontoken.h b/sessiontoken.h
index dfaee0f..e87f0b7 100644
--- a/sessiontoken.h
+++ b/sessiontoken.h
@@ -12,9 +12,22 @@ static inline bool sessiontoken_isvalid(const char *token, const char *api_key,
params.verification_key_length = strlen(api_secret_key);
params.validate_exp = 1;
params.validate_nbf = 1;
- //params.validate_iss = (char *)shop;
params.validate_aud = (char *)api_key;
+
enum l8w8jwt_validation_result validation;
- int decode = l8w8jwt_decode(&params, &validation, NULL, NULL);
- return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID;
+ struct l8w8jwt_claim *claims;
+ size_t claims_len;
+ int decode = l8w8jwt_decode(&params, &validation, &claims, &claims_len);
+
+ struct l8w8jwt_claim *dest
+ = l8w8jwt_get_claim(claims, claims_len, "dest", 4);
+ _Bool iss_isvalid = !strncmp(dest->value,
+ l8w8jwt_get_claim(claims, claims_len, "iss", 3)->value,
+ dest->value_length);
+ printf("JWT payload sub: %s\n",
+ l8w8jwt_get_claim(claims, claims_len, "sub", 3)->value);
+ l8w8jwt_free_claims(claims, claims_len);
+
+ return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID
+ && iss_isvalid;
}