Option to check JWT Signature (#183)

2014-11-18 14:24:03 +00:00 · 2014-11-18 14:24:03 +00:00 · 27225cfe86
commit 27225cfe86
parent 2a33f67155
1 changed files with 5 additions and 3 deletions
--- a/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenIDConnect.pm
+++ b/lemonldap-ng-portal/lib/Lemonldap/NG/Portal/AuthOpenIDConnect.pm
@ -106,9 +106,11 @@ sub extractFormInfo {
        $self->lmLog( "ID token: $id_token",         'debug' );

        # Verify JWT signature
-        unless ( $self->verifyJWTSignature($id_token) ) {
-            $self->lmLog( "JWT signature verification failed", 'error' );
-            return PE_ERROR;
+        if ( $self->{OIDCRPCheckJWTSignature} ) {
+            unless ( $self->verifyJWTSignature($id_token) ) {
+                $self->lmLog( "JWT signature verification failed", 'error' );
+                return PE_ERROR;
+            }
        }

        # Get ID token content