From 48247900f53f3668f2eb28f9a74c99ffdf65b837 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EA=A6=8C=EA=A6=AB=EA=A6=B6=EA=A6=8F=EA=A7=80=EA=A6=A6?= =?UTF-8?q?=EA=A6=BF=EA=A6=A7=EA=A6=AE=EA=A6=91=EA=A6=A9=EA=A6=AD=EA=A7=80?= Date: Tue, 20 Sep 2022 08:40:16 +0800 Subject: Validate iss though won't be valid yet Rename vars for consistency. --- sessiontoken.h | 13 +++++++------ 1 file changed, 7 insertions(+), 6 deletions(-) diff --git a/sessiontoken.h b/sessiontoken.h index 8069ba9..45ee463 100644 --- a/sessiontoken.h +++ b/sessiontoken.h @@ -1,19 +1,20 @@ #include -static inline bool sessiontoken_isvalid(const char *token, const char *key, - const char *secret_key, const char *shop) +static inline bool sessiontoken_isvalid(const char *token, const char *api_key, + const char *api_secret_key, const char *shop) { struct l8w8jwt_decoding_params params; l8w8jwt_decoding_params_init(¶ms); params.alg = L8W8JWT_ALG_HS256; params.jwt = (char *)token; params.jwt_length = strlen(token); - params.verification_key = (unsigned char *)secret_key; - params.verification_key_length = strlen(secret_key); + params.verification_key = (unsigned char *)api_secret_key; + params.verification_key_length = strlen(api_secret_key); params.validate_exp = 1; params.validate_nbf = 1; - params.validate_aud = (char *)key; + params.validate_iss = (char *)shop; + params.validate_aud = (char *)api_key; enum l8w8jwt_validation_result validation; - int decode = l8w8jwt_decode(¶ms, &validation, NULL,NULL); + int decode = l8w8jwt_decode(¶ms, &validation, NULL, NULL); return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID; } -- cgit v1.2.3