Skip to content
This repository has been archived by the owner on Jun 18, 2024. It is now read-only.

Commit

Permalink
Fix audience validation
Browse files Browse the repository at this point in the history
  • Loading branch information
@Twixes
Twixes committed Jun 10, 2024
1 parent 875ce72 commit 69a3858
Showing 1 changed file with 3 additions and 3 deletions.
6 changes: 3 additions & 3 deletions jwt.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -40,10 +40,10 @@ func decodeAuthToken(authHeader string) (jwt.MapClaims, error) {

// Check if the token is valid and return the claims.
if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
// Validate scope
tokenScope := fmt.Sprint(claims["scope"])
// Validate audience
tokenScope := fmt.Sprint(claims["aud"])
if tokenScope != ExpectedScope {
return nil, fmt.Errorf("invalid scope")
return nil, fmt.Errorf("invalid audience")
}
return claims, nil
} else {
Expand Down

0 comments on commit 69a3858

Please sign in to comment.