minor tweeks from code review
This commit is contained in:
parent
fec3b3aeae
commit
3157b7d3ef
@ -60,21 +60,18 @@ void ArduinoJsonJWT::parseJWT(String jwt, JsonDocument &jsonDocument) {
|
||||
// clear json document before we begin, jsonDocument wil be null on failure
|
||||
jsonDocument.clear();
|
||||
|
||||
// must be of minimum length or greater
|
||||
if (jwt.length() <= JWT_SIG_SIZE + JWT_HEADER_SIZE + 2) {
|
||||
return;
|
||||
}
|
||||
// must have the correct header and delimiter
|
||||
if (!jwt.startsWith(JWT_HEADER) || jwt.indexOf('.') != JWT_HEADER_SIZE) {
|
||||
return;
|
||||
}
|
||||
// must have signature of correct length
|
||||
int signatureDelimiterIndex = jwt.length() - JWT_SIG_SIZE - 1;
|
||||
if (jwt.lastIndexOf('.') != signatureDelimiterIndex) {
|
||||
|
||||
// check there is a signature delimieter
|
||||
int signatureDelimiterIndex = jwt.lastIndexOf('.');
|
||||
if (signatureDelimiterIndex == JWT_HEADER_SIZE) {
|
||||
return;
|
||||
}
|
||||
|
||||
// signature must be correct
|
||||
// check the signature is valid
|
||||
String signature = jwt.substring(signatureDelimiterIndex + 1);
|
||||
jwt = jwt.substring(0, signatureDelimiterIndex);
|
||||
if (sign(jwt) != signature){
|
||||
|
@ -11,17 +11,14 @@
|
||||
#include <bearssl/bearssl_hmac.h>
|
||||
#endif
|
||||
|
||||
#define JWT_HEADER_SIZE 36
|
||||
#define JWT_SIG_SIZE 43
|
||||
|
||||
class ArduinoJsonJWT {
|
||||
|
||||
private:
|
||||
String _secret;
|
||||
|
||||
// {"alg": "HS256", "typ": "JWT"}
|
||||
const String JWT_HEADER = "eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9";
|
||||
|
||||
const size_t JWT_HEADER_SIZE = JWT_HEADER.length();
|
||||
|
||||
String sign(String &value);
|
||||
|
||||
static String encode(const char *cstr, int len);
|
||||
|
Loading…
Reference in New Issue
Block a user