use the same data to sign and verify signature

Jonas Abreu 2015-09-17 14:56:41 -03:00
parent 0c139bbd9e
commit 2f27f553fd
2 changed files with 9 additions and 9 deletions


@ -14,7 +14,7 @@
url-safe-decode-str))
(defn- update-map [m k f] (if (contains? m k) (update-in m [k] f) m))
(defrecord JWT [header claims signature])
(defrecord JWT [header claims signature signed-data])
; ----------------------------------
; JsonWebToken
@ -62,7 +62,7 @@
(let [this* (set-alg this alg)
sign-fn (get-signature-fn alg)
data (str (encoded-header this*) "." (encoded-claims this*))]
(assoc this* :signature (sign-fn key data)))))
(assoc this* :signature (sign-fn key data) :signed-data data))))
(verify
([this] (verify this ""))
@ -72,9 +72,8 @@
(= :none alg) (= "" key (:signature this))
(supported-algorithm? alg)
(let [verify-fn (get-verify-fn alg)
data (str (encoded-header this) "." (encoded-claims this))]
(verify-fn key data (:signature this)))
(let [verify-fn (get-verify-fn alg)]
(verify-fn key (:signed-data this) (:signature this)))
:else (throw (Exception. "Unkown signature")))))
([this algorithm key]
@ -83,7 +82,7 @@
false))))
; =jwt
(defn jwt [claim] (init (->JWT "" "" "") claim))
(defn jwt [claim] (init (->JWT "" "" "" "") claim))
; =str->jwt
(defn str->jwt
@ -91,4 +90,5 @@
(let [[header claims signature] (str/split jwt-string #"\.")]
(->JWT (encoded-json->map header)
(encoded-json->map claims)
(or signature ""))))
(or signature "")
(str header "." claims))))
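Review bot: After this change `verify` authenticates only `(:signed-data this)`, while callers still read `:header` and `:claims` from separate fields of the record, so nothing in `verify` ties the verified string to the claims that actually get used. The fields agree only when the record came from `sign` or `str->jwt`; a record built directly with `->JWT`, or one whose `:claims` were changed with `assoc` after signing or parsing, would still be checked against the stale string. I would document that invariant on the record, e.g. `; :signed-data is the exact "header.claims" text the signature covers; verify checks only this, so :header and :claims must not be modified afterwards`, or have `verify` confirm that `:header` and `:claims` match the decoded `:signed-data` before it returns true. In `str->jwt`, a token with fewer than two segments leaves `header` or `claims` nil while `(str header "." claims)` still yields a string, so a segment-count check before building the record seems worth adding (how `encoded-json->map` treats nil is not visible here). The bodies of `sign`, `verify` and `str->jwt` start outside the hunks shown.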


@ -98,8 +98,8 @@
(facts "JWT verify"
(fact "Unknown signature algorithm should be thrown exception."
(verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "")) => (throws Exception)
(verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "") "") => (throws Exception))
(verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "" "")) => (throws Exception)
(verify (->JWT {:typ "JWT" :alg "DUMMY"} claim "" "") "") => (throws Exception))
(fact "Plain JWT should be verified."
(-> claim jwt verify) => true