diff options
author | Robert Newson <rnewson@apache.org> | 2017-05-09 12:35:29 +0100 |
---|---|---|
committer | Robert Newson <rnewson@apache.org> | 2017-05-09 12:35:29 +0100 |
commit | e60fa5015b5b0debf8be7d95e70c731638d7f2bd (patch) | |
tree | c9ef57ff94ba9a2b41e1bb8267174db963525cab | |
parent | 3cb8b7d42475bb9c0f96d075aaa7dffab64a1f7c (diff) | |
download | couchdb-e60fa5015b5b0debf8be7d95e70c731638d7f2bd.tar.gz |
kid belongs in the header
-rw-r--r-- | src/jwtf.erl | 18 |
1 files changed, 9 insertions, 9 deletions
diff --git a/src/jwtf.erl b/src/jwtf.erl index e7157f1f4..1a1877c03 100644 --- a/src/jwtf.erl +++ b/src/jwtf.erl @@ -33,7 +33,7 @@ validate(Header0, Payload0, Signature, Checks, KS) -> validate_payload(Payload1, Checks), Alg = prop(<<"alg">>, Header1), - Key = key(Payload1, Checks, KS), + Key = key(Header1, Checks, KS), verify(Alg, Header0, Payload0, Signature, Key). @@ -311,7 +311,7 @@ invalid_exp_test() -> missing_kid_test() -> - Encoded = encode(valid_header(), {[]}), + Encoded = encode({[]}, {[]}), ?assertEqual({error, missing_kid}, decode(Encoded, [kid], nil)). @@ -336,13 +336,13 @@ malformed_token_test() -> hs256_test() -> - EncodedToken = <<"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJodHRwc" - "zovL2Zvby5jb20iLCJpYXQiOjAsImV4cCI6MTAwMDAwMDAwMDAwMDA" - "sImtpZCI6ImJhciJ9.lpOvEnYLdcujwo9RbhzXme6J-eQ1yfl782qq" - "crR6QYE">>, - KS = fun(_) -> <<"secret">> end, - Checks = [{iss, <<"https://foo.com">>}, iat, exp, kid, sig, typ, alg], - ?assertMatch({ok, _}, decode(EncodedToken, Checks, KS)). + EncodedToken = <<"eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCIsImtpZCI6IjEyMzQ1Ni" + "J9.eyJpc3MiOiJodHRwczovL2Zvby5jb20iLCJpYXQiOjAsImV4cCI" + "6MTAwMDAwMDAwMDAwMDAsImtpZCI6ImJhciJ9.iS8AH11QHHlczkBn" + "Hl9X119BYLOZyZPllOVhSBZ4RZs">>, + KS = fun(<<"123456">>) -> <<"secret">> end, + Checks = [{iss, <<"https://foo.com">>}, iat, exp, sig, typ, alg, kid], + ?assertMatch({ok, _}, catch decode(EncodedToken, Checks, KS)). %% jwt.io example |