prosody
b3f7c77c1f08
util/paseto.lua

Find changesets by keywords by author, files, the commit message, revision number or hash, or revset expression.

Software / code / prosody

Diff

util/paseto.lua @ 12709:b3f7c77c1f08

util.paseto: Fix to decode footer before comparison
author Matthew Wild <mwild1@gmail.com>
date Mon, 11 Jul 2022 13:51:39 +0100
parent 12694:26a004c96ef8
child 12710:2dbb3335cd34
line wrap: on
line diff
--- a/util/paseto.lua	Mon Jul 11 13:49:47 2022 +0100
+++ b/util/paseto.lua	Mon Jul 11 13:51:39 2022 +0100
@@ -69,6 +69,7 @@
 	if not h then
 		return nil, "invalid-token-format";
 	end
+	f = f and unb64url(f) or nil;
 	if expected_f then
 		if not f or not secure_equals(expected_f, f) then
 			return nil, "invalid-footer";