Fixes using public key to verify tokens.
This commit is contained in:
parent
2a0973a897
commit
34be638fca
|
@ -149,9 +149,10 @@ end
|
||||||
|
|
||||||
--- Verifies token
|
--- Verifies token
|
||||||
-- @param token the token to verify
|
-- @param token the token to verify
|
||||||
|
-- @param secret the secret to use to verify token
|
||||||
-- @return nil and error or the extracted claims from the token
|
-- @return nil and error or the extracted claims from the token
|
||||||
function Util:verify_token(token)
|
function Util:verify_token(token, secret)
|
||||||
local claims, err = jwt.decode(token, self.appSecret, true);
|
local claims, err = jwt.decode(token, secret, true);
|
||||||
if claims == nil then
|
if claims == nil then
|
||||||
return nil, err;
|
return nil, err;
|
||||||
end
|
end
|
||||||
|
@ -217,9 +218,9 @@ function Util:process_and_verify_token(session)
|
||||||
-- now verify the whole token
|
-- now verify the whole token
|
||||||
local claims, msg;
|
local claims, msg;
|
||||||
if self.asapKeyServer then
|
if self.asapKeyServer then
|
||||||
claims, msg = self:verify_token(session.auth_token);
|
claims, msg = self:verify_token(session.auth_token, pubKey);
|
||||||
else
|
else
|
||||||
claims, msg = self:verify_token(session.auth_token);
|
claims, msg = self:verify_token(session.auth_token, self.appSecret);
|
||||||
end
|
end
|
||||||
if claims ~= nil then
|
if claims ~= nil then
|
||||||
-- Binds room name to the session which is later checked on MUC join
|
-- Binds room name to the session which is later checked on MUC join
|
||||||
|
|
Loading…
Reference in New Issue