summaryrefslogtreecommitdiff
path: root/sessiontoken.h
diff options
context:
space:
mode:
Diffstat (limited to 'sessiontoken.h')
-rw-r--r--sessiontoken.h19
1 files changed, 16 insertions, 3 deletions
diff --git a/sessiontoken.h b/sessiontoken.h
index dfaee0f..e87f0b7 100644
--- a/sessiontoken.h
+++ b/sessiontoken.h
@@ -12,9 +12,22 @@ static inline bool sessiontoken_isvalid(const char *token, const char *api_key,
params.verification_key_length = strlen(api_secret_key);
params.validate_exp = 1;
params.validate_nbf = 1;
- //params.validate_iss = (char *)shop;
params.validate_aud = (char *)api_key;
+
enum l8w8jwt_validation_result validation;
- int decode = l8w8jwt_decode(&params, &validation, NULL, NULL);
- return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID;
+ struct l8w8jwt_claim *claims;
+ size_t claims_len;
+ int decode = l8w8jwt_decode(&params, &validation, &claims, &claims_len);
+
+ struct l8w8jwt_claim *dest
+ = l8w8jwt_get_claim(claims, claims_len, "dest", 4);
+ _Bool iss_isvalid = !strncmp(dest->value,
+ l8w8jwt_get_claim(claims, claims_len, "iss", 3)->value,
+ dest->value_length);
+ printf("JWT payload sub: %s\n",
+ l8w8jwt_get_claim(claims, claims_len, "sub", 3)->value);
+ l8w8jwt_free_claims(claims, claims_len);
+
+ return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID
+ && iss_isvalid;
}
generated by cgit v1.2.3 (git 2.25.1) at 2024-11-01 01:24:09 +0000