# HG changeset patch
# User Matthew Wild <mwild1@gmail.com>
# Date 1657543328 -3600
# Node ID 108b1758bd8d6ff2d99de861421ddefaabe55253
# Parent  008a7097fdc553a0ebf03dc7d0c6d74b573d4b11
util.jwt: Consolidate payload parsing, ensure it's always a valid object

diff -r 008a7097fdc5 -r 108b1758bd8d util/jwt.lua
--- a/util/jwt.lua	Mon Jul 11 13:28:29 2022 +0100
+++ b/util/jwt.lua	Mon Jul 11 13:42:08 2022 +0100
@@ -33,6 +33,16 @@
 	return b64url('{"alg":"'..algorithm_name..'","typ":"JWT"}') .. '.';
 end
 
+local function decode_raw_payload(raw_payload)
+	local payload, err = json.decode(unb64url(raw_payload));
+	if err ~= nil then
+		return nil, "json-decode-error";
+	elseif type(payload) ~= "table" then
+		return nil, "invalid-payload-type";
+	end
+	return true, payload;
+end
+
 -- HS*** family
 local function new_hmac_algorithm(name)
 	local static_header = new_static_header(name);
@@ -53,11 +63,8 @@
 		if not secure_equals(b64url(hmac(key, signed)), signature) then
 			return false, "signature-mismatch";
 		end
-		local payload, err = json.decode(unb64url(raw_payload));
-		if err ~= nil then
-			return nil, "json-decode-error";
-		end
-		return true, payload;
+
+		return decode_raw_payload(raw_payload);
 	end
 
 	local function load_key(key)
@@ -101,12 +108,7 @@
 				return false, "signature-mismatch";
 			end
 
-			local payload, err = json.decode(unb64url(raw_payload));
-			if err ~= nil then
-				return nil, "json-decode-error";
-			end
-
-			return true, payload;
+			return decode_raw_payload(raw_payload);
 		end;
 
 		load_public_key = function (public_key_pem)