path: root/sessiontoken.h
blob: cff077c226bc650b95c1db6a019fffadf83bda95 (plain)
#include <l8w8jwt/decode.h>

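/**
 * Validate a session token (an HS256-signed JWT) against the app credentials.
 *
 * The token is accepted only when all of the following hold:
 *   - it decodes and its HMAC-SHA256 signature verifies under api_secret_key;
 *   - its "aud" claim matches api_key, and "exp" has not passed;
 *   - its "iss" claim begins with the (non-empty) "dest" claim.
 *
 * An "nbf" failure on its own is tolerated, as in the original code.
 *
 * @param token           NUL-terminated compact JWT taken from the request.
 * @param api_key         Expected audience ("aud") of the token.
 * @param api_secret_key  Shared secret used as the HS256 verification key.
 * @param shop            Currently unused, see the review note in the body.
 * @return true if the token passes every check above, false otherwise
 *         (including when a required argument is a null pointer).
 */
static inline bool sessiontoken_isvalid(const char *token, const char *api_key,
		const char *api_secret_key, const char *shop)
{
	/*
	 * Fail closed on missing input: strlen() on a null pointer is undefined,
	 * and a null audience would presumably switch the "aud" check off
	 * (confirm against the l8w8jwt documentation).
	 */
	if (!token || !api_key || !api_secret_key)
		return false;

	/*
	 * NOTE(review): shop is never compared with the token. As written, a
	 * token issued for one shop is accepted for any other shop using the
	 * same api_key/api_secret_key. Compare it with the "dest" claim once
	 * the expected format of shop (bare host vs. full URL) is settled.
	 */
	(void)shop;

	struct l8w8jwt_decoding_params params;
	l8w8jwt_decoding_params_init(&params);
	/* Pin the algorithm so the token header cannot pick a different one. */
	params.alg = L8W8JWT_ALG_HS256;
	params.jwt = (char *)token;
	params.jwt_length = strlen(token);
	params.verification_key = (unsigned char *)api_secret_key;
	params.verification_key_length = strlen(api_secret_key);
	params.validate_exp = 1;
	params.validate_nbf = 1;
	params.validate_aud = (char *)api_key;

	enum l8w8jwt_validation_result validation;
	/* Initialised so a failed decode never leaves a wild pointer behind. */
	struct l8w8jwt_claim *claims = NULL;
	size_t claims_len = 0;
	int decode = l8w8jwt_decode(&params, &validation, &claims, &claims_len);

	bool accepted = false;
	/* validation and claims are only meaningful after a successful decode. */
	if (decode == L8W8JWT_SUCCESS) {
		const struct l8w8jwt_claim *dest
			= l8w8jwt_get_claim(claims, claims_len, "dest", 4);
		const struct l8w8jwt_claim *iss
			= l8w8jwt_get_claim(claims, claims_len, "iss", 3);
		const struct l8w8jwt_claim *sub
			= l8w8jwt_get_claim(claims, claims_len, "sub", 3);

		/*
		 * The token is attacker-supplied, so any claim may be absent.
		 * An empty "dest" is rejected too: strncmp() over zero bytes
		 * would report a match against every issuer.
		 * NOTE(review): this is a prefix match, so an issuer that merely
		 * starts with dest also passes; tighten if an exact host match
		 * is intended.
		 */
		bool iss_isvalid = dest && iss && dest->value && iss->value
			&& dest->value_length > 0
			&& !strncmp(dest->value, iss->value, dest->value_length);

		/* The original test was inverted and fired for every other result. */
		if (validation & L8W8JWT_NBF_FAILURE)
			printf("nbf invalid\n");
		/* NOTE(review): this writes token contents to stdout. */
		if (sub && sub->value)
			printf("JWT payload sub: %s\n", sub->value);

		/*
		 * NOTE(review): a token whose only failure is "nbf" is still
		 * accepted, which makes validate_nbf advisory. If this is meant
		 * to absorb clock skew, a bounded tolerance
		 * (params.nbf_tolerance_seconds) would be narrower.
		 */
		accepted = (validation == L8W8JWT_VALID
				|| validation == L8W8JWT_NBF_FAILURE)
			&& iss_isvalid;
	}

	if (claims != NULL)
		l8w8jwt_free_claims(claims, claims_len);

	return accepted;
}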