use the same data to sign and verify signature
parent
0c139bbd9e
commit
2f27f553fd
2 changed files with 9 additions and 9 deletions
|
@ -14,7 +14,7 @@
|
||||||
url-safe-decode-str))
|
url-safe-decode-str))
|
||||||
(defn- update-map [m k f] (if (contains? m k) (update-in m [k] f) m))
|
(defn- update-map [m k f] (if (contains? m k) (update-in m [k] f) m))
|
||||||
|
|
||||||
(defrecord JWT [header claims signature])
|
(defrecord JWT [header claims signature signed-data])
|
||||||
|
|
||||||
; ----------------------------------
|
; ----------------------------------
|
||||||
; JsonWebToken
|
; JsonWebToken
|
||||||
|
@ -62,7 +62,7 @@
|
||||||
(let [this* (set-alg this alg)
|
(let [this* (set-alg this alg)
|
||||||
sign-fn (get-signature-fn alg)
|
sign-fn (get-signature-fn alg)
|
||||||
data (str (encoded-header this*) "." (encoded-claims this*))]
|
data (str (encoded-header this*) "." (encoded-claims this*))]
|
||||||
(assoc this* :signature (sign-fn key data)))))
|
(assoc this* :signature (sign-fn key data) :signed-data data))))
|
||||||
|
|
||||||
(verify
|
(verify
|
||||||
([this] (verify this ""))
|
([this] (verify this ""))
|
||||||
|
@ -72,9 +72,8 @@
|
||||||
(= :none alg) (= "" key (:signature this))
|
(= :none alg) (= "" key (:signature this))
|
||||||
|
|
||||||
(supported-algorithm? alg)
|
(supported-algorithm? alg)
|
||||||
(let [verify-fn (get-verify-fn alg)
|
(let [verify-fn (get-verify-fn alg)]
|
||||||
data (str (encoded-header this) "." (encoded-claims this))]
|
(verify-fn key (:signed-data this) (:signature this)))
|
||||||
(verify-fn key data (:signature this)))
|
|
||||||
|
|
||||||
:else (throw (Exception. "Unkown signature")))))
|
:else (throw (Exception. "Unkown signature")))))
|
||||||
([this algorithm key]
|
([this algorithm key]
|
||||||
|
@ -83,7 +82,7 @@
|
||||||
false))))
|
false))))
|
||||||
|
|
||||||
; =jwt
|
; =jwt
|
||||||
(defn jwt [claim] (init (->JWT "" "" "") claim))
|
(defn jwt [claim] (init (->JWT "" "" "" "") claim))
|
||||||
|
|
||||||
; =str->jwt
|
; =str->jwt
|
||||||
(defn str->jwt
|
(defn str->jwt
|
||||||
|
@ -91,4 +90,5 @@
|
||||||
(let [[header claims signature] (str/split jwt-string #"\.")]
|
(let [[header claims signature] (str/split jwt-string #"\.")]
|
||||||
(->JWT (encoded-json->map header)
|
(->JWT (encoded-json->map header)
|
||||||
(encoded-json->map claims)
|
(encoded-json->map claims)
|
||||||
(or signature ""))))
|
(or signature "")
|
||||||
|
(str header "." claims))))
|
||||||
|
|
|
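Review bot: `verify` now checks the signature against `(:signed-data this)` only, so nothing in it ties the verified text to the `:header` and `:claims` maps that callers read afterwards. `str->jwt` decodes all three from the same segments, but a record whose `:claims` are changed after `sign` or after parsing still verifies as long as the old `:signed-data` and `:signature` stay on it, where the previous code re-encoded header and claims and would presumably have failed. I would state the invariant on the record, e.g. `; :signed-data is the exact "header.claims" text that :header and :claims were decoded from; verify trusts it`, and have `verify` return false when `:signed-data` is blank for a signed algorithm rather than pass it to `verify-fn`. Also in `str->jwt`, the destructuring silently drops any segment after the third, so a segment-count check before building the record would be worth adding. The bodies of `sign`, `verify` and `str->jwt` begin outside the visible hunks.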
@ -98,8 +98,8 @@
|
||||||
|
|
||||||
(facts "JWT verify"
|
(facts "JWT verify"
|
||||||
(fact "Unknown signature algorithm should be thrown exception."
|
(fact "Unknown signature algorithm should be thrown exception."
|
||||||
(verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "")) => (throws Exception)
|
(verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "" "")) => (throws Exception)
|
||||||
(verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "") "") => (throws Exception))
|
(verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "" "") "") => (throws Exception))
|
||||||
|
|
||||||
(fact "Plain JWT should be verified."
|
(fact "Plain JWT should be verified."
|
||||||
(-> claim jwt verify) => true
|
(-> claim jwt verify) => true
|
||||||
|
|
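Review bot: The test changes here only add the fourth `""` argument to the two `->JWT` calls, so the new `:signed-data` path in `verify` has no test of its own in this commit. A fact that parses a signed token with `str->jwt`, verifies it, and then checks that the same token with an altered claims segment does not verify would pin the behaviour the commit is after. If such facts already exist elsewhere in the file, outside this hunk, they are enough.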