Software / code / prosody
Changeset
12706:108b1758bd8d
util.jwt: Consolidate payload parsing, ensure it's always a valid object
| author | Matthew Wild <mwild1@gmail.com> |
|---|---|
| date | Mon, 11 Jul 2022 13:42:08 +0100 |
| parents | 12705:008a7097fdc5 |
| children | 12707:f75235110045 |
| files | util/jwt.lua |
| diffstat | 1 files changed, 13 insertions(+), 11 deletions(-) [+] |
line wrap: on
line diff
--- a/util/jwt.lua Mon Jul 11 13:28:29 2022 +0100 +++ b/util/jwt.lua Mon Jul 11 13:42:08 2022 +0100 @@ -33,6 +33,16 @@ return b64url('{"alg":"'..algorithm_name..'","typ":"JWT"}') .. '.'; end +local function decode_raw_payload(raw_payload) + local payload, err = json.decode(unb64url(raw_payload)); + if err ~= nil then + return nil, "json-decode-error"; + elseif type(payload) ~= "table" then + return nil, "invalid-payload-type"; + end + return true, payload; +end + -- HS*** family local function new_hmac_algorithm(name) local static_header = new_static_header(name); @@ -53,11 +63,8 @@ if not secure_equals(b64url(hmac(key, signed)), signature) then return false, "signature-mismatch"; end - local payload, err = json.decode(unb64url(raw_payload)); - if err ~= nil then - return nil, "json-decode-error"; - end - return true, payload; + + return decode_raw_payload(raw_payload); end local function load_key(key) @@ -101,12 +108,7 @@ return false, "signature-mismatch"; end - local payload, err = json.decode(unb64url(raw_payload)); - if err ~= nil then - return nil, "json-decode-error"; - end - - return true, payload; + return decode_raw_payload(raw_payload); end; load_public_key = function (public_key_pem)
