Fixes using public key to verify tokens.

This commit is contained in:
damencho 2017-05-25 16:45:08 -05:00
parent 2a0973a897
commit 34be638fca
1 changed files with 5 additions and 4 deletions

View File

@ -149,9 +149,10 @@ end
--- Verifies token --- Verifies token
-- @param token the token to verify -- @param token the token to verify
-- @param secret the secret to use to verify token
-- @return nil and error or the extracted claims from the token -- @return nil and error or the extracted claims from the token
function Util:verify_token(token) function Util:verify_token(token, secret)
local claims, err = jwt.decode(token, self.appSecret, true); local claims, err = jwt.decode(token, secret, true);
if claims == nil then if claims == nil then
return nil, err; return nil, err;
end end
@ -217,9 +218,9 @@ function Util:process_and_verify_token(session)
-- now verify the whole token -- now verify the whole token
local claims, msg; local claims, msg;
if self.asapKeyServer then if self.asapKeyServer then
claims, msg = self:verify_token(session.auth_token); claims, msg = self:verify_token(session.auth_token, pubKey);
else else
claims, msg = self:verify_token(session.auth_token); claims, msg = self:verify_token(session.auth_token, self.appSecret);
end end
if claims ~= nil then if claims ~= nil then
-- Binds room name to the session which is later checked on MUC join -- Binds room name to the session which is later checked on MUC join