Skip to content
This repository has been archived by the owner on Jun 18, 2024. It is now read-only.

Commit

Permalink
Add expected scope
Browse files Browse the repository at this point in the history
  • Loading branch information
@Twixes
Twixes committed Jun 10, 2024
1 parent 1c21f93 commit 7b488bf
Showing 1 changed file with 7 additions and 0 deletions.
7 changes: 7 additions & 0 deletions jwt.go
View file
Original file line number Diff line number Diff line change
Expand Up @@ -9,6 +9,8 @@ import (
"github.com/spf13/viper"
)

const ExpectedScope := "posthog:livestream"

func decodeAuthToken(authHeader string) (jwt.MapClaims, error) {
// split the token
parts := strings.Split(authHeader, " ")
Expand Down Expand Up @@ -36,6 +38,11 @@ func decodeAuthToken(authHeader string) (jwt.MapClaims, error) {
return nil, err
}

tokenScope := fmt.Sprint(claims["scope"])
if tokenScope != ExpectedScope {
return nil, fmt.Errorf("invalid scope")
}

// Check if the token is valid and return the claims.
if claims, ok := token.Claims.(jwt.MapClaims); ok && token.Valid {
return claims, nil
Expand Down

0 comments on commit 7b488bf

Please sign in to comment.