haskal
/
jiti-meet
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

change cjson to cjson.safe and cath error from decode function

This commit is contained in:
Wuriyanto 2020-05-11 06:53:14 +07:00 committed by Дамян Минков
parent 908712b96f
commit 1b8e5d0244
1 changed files with 6 additions and 3 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
resources/prosody-plugins/token/util.lib.lua
View File

@ -7,7 +7,7 @@ local hex = require "util.hex";
local jwt = require "luajwtjitsi";
local http = require "net.http";
local jid = require "util.jid";
local json = require "cjson";
local json_safe = require "cjson.safe";
local path = require "util.paths";
local sha256 = require "util.hashes".sha256;
local timer = require "util.timer";
@ -255,7 +255,10 @@ function Util:process_and_verify_token(session)
if self.asapKeyServer and session.auth_token ~= nil then
local dotFirst = session.auth_token:find("%.");
if not dotFirst then return nil, "Invalid token" end
local header = json.decode(basexx.from_url64(session.auth_token:sub(1,dotFirst-1)));
local header, err = json_safe.decode(basexx.from_url64(session.auth_token:sub(1,dotFirst-1)));
if err then
return false, "not-allowed", "bad token format";
end
local kid = header["kid"];
if kid == nil then
return false, "not-allowed", "'kid' claim is missing";
@ -398,4 +401,4 @@ function Util:verify_room(session, room_address)
end
end
return Util;
return Util;