dani/lemonldap-ng
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Refactor checksignature

Browse Source
This commit is contained in:
Maxime Besson 2021-01-25 18:11:37 +01:00
parent 09dda56cb8
commit cb04670003
1 changed files with 6 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
lemonldap-ng-portal/lib/Lemonldap/NG/Portal/Lib/OpenIDConnect.pm
View File

@ -15,7 +15,7 @@ use JSON;
use Lemonldap::NG::Common::FormEncode;
use Lemonldap::NG::Common::UserAgent;
use Lemonldap::NG::Common::JWT
qw(getAccessTokenSessionId getJWTPayload getJWTHeader getJWTSignature);
qw(getAccessTokenSessionId getJWTPayload getJWTHeader getJWTSignature getJWTSignedData);
use MIME::Base64 qw/encode_base64 decode_base64/;
use Mouse;
@ -1034,6 +1034,7 @@ sub verifyJWTSignature {
# Extract JWT parts
my $jwt_parts = $self->extractJWT($jwt);
my $signed_data = getJWTSignedData($jwt);
# Read header
my $jwt_header_part = $jwt_parts->[0];
@ -1076,19 +1077,19 @@ sub verifyJWTSignature {
if ( $alg eq "HS256" ) {
$digest =
hmac_sha256_base64( $jwt_parts->[0] . "." . $jwt_parts->[1],
hmac_sha256_base64( $signed_data,
$client_secret );
}
if ( $alg eq "HS384" ) {
$digest =
hmac_sha384_base64( $jwt_parts->[0] . "." . $jwt_parts->[1],
hmac_sha384_base64( $signed_data,
$client_secret );
}
if ( $alg eq "HS512" ) {
$digest =
hmac_sha512_base64( $jwt_parts->[0] . "." . $jwt_parts->[1],
hmac_sha512_base64( $signed_data,
$client_secret );
}
@ -1170,7 +1171,7 @@ sub verifyJWTSignature {
}
return $public_key->verify(
$jwt_parts->[0] . "." . $jwt_parts->[1],
$signed_data,
decode_base64url( $jwt_parts->[2] )
);
}