From 5b8616b86a38d07779ae796066f36c028b7c025a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=EA=A6=8C=EA=A6=AB=EA=A6=B6=EA=A6=8F=EA=A7=80=EA=A6=A6?= =?UTF-8?q?=EA=A6=BF=EA=A6=A7=EA=A6=AE=EA=A6=91=EA=A6=A9=EA=A6=AD=EA=A7=80?= Date: Tue, 20 Sep 2022 07:52:46 +0800 Subject: Start using l8w8jwt instead of libjwt Rename some vars & attrs for clarity. --- sessiontoken.h | 35 ++++++++++++++++------------------- 1 file changed, 16 insertions(+), 19 deletions(-) (limited to 'sessiontoken.h') diff --git a/sessiontoken.h b/sessiontoken.h index ec7a462..8069ba9 100644 --- a/sessiontoken.h +++ b/sessiontoken.h @@ -1,22 +1,19 @@ -#include +#include -static inline bool sessiontoken_isvalid(const char *token, const char *secret) +static inline bool sessiontoken_isvalid(const char *token, const char *key, + const char *secret_key, const char *shop) { - const size_t key_len = strlen(secret) / 2; - unsigned char key[key_len]; - for (size_t i = 0; i < key_len; i++) { - char hex[3] = { [2] = '\0' }; - strncpy(hex, &secret[i], 2); - key[i] = strtol(hex, NULL, 16); - } - jwt_t *jwt = NULL; - jwt_decode(&jwt, token, key, key_len); - printf("exp: %s\n", jwt_get_grant(jwt, "exp")); - printf("nbf: %s\n", jwt_get_grant(jwt, "nbf")); - printf("iss: %s\n", jwt_get_grant(jwt, "iss")); - printf("dest: %s\n", jwt_get_grant(jwt, "dest")); - printf("aud: %s\n", jwt_get_grant(jwt, "aud")); - printf("sub: %s\n", jwt_get_grant(jwt, "sub")); - jwt_free(jwt); - return false; + struct l8w8jwt_decoding_params params; + l8w8jwt_decoding_params_init(¶ms); + params.alg = L8W8JWT_ALG_HS256; + params.jwt = (char *)token; + params.jwt_length = strlen(token); + params.verification_key = (unsigned char *)secret_key; + params.verification_key_length = strlen(secret_key); + params.validate_exp = 1; + params.validate_nbf = 1; + params.validate_aud = (char *)key; + enum l8w8jwt_validation_result validation; + int decode = l8w8jwt_decode(¶ms, &validation, NULL,NULL); + return decode == L8W8JWT_SUCCESS && validation == L8W8JWT_VALID; } -- cgit v1.2.3