| 12345678910111213141516171819202122232425262728293031323334353637383940 |
- -- Token authentication
- -- Copyright (C) 2015 Atlassian
-
- local jwt = require "luajwtjitsi";
-
- local _M = {};
-
- local function _verify_token(token, appId, appSecret, disableRoomNameConstraints)
-
- local claims, err = jwt.decode(token, appSecret, true);
- if claims == nil then
- return nil, err;
- end
-
- local alg = claims["alg"];
- if alg ~= nil and (alg == "none" or alg == "") then
- return nil, "'alg' claim must not be empty";
- end
-
- local issClaim = claims["iss"];
- if issClaim == nil then
- return nil, "'iss' claim is missing";
- end
- if issClaim ~= appId then
- return nil, "Invalid application ID('iss' claim)";
- end
-
- local roomClaim = claims["room"];
- if roomClaim == nil and disableRoomNameConstraints ~= true then
- return nil, "'room' claim is missing";
- end
-
- return claims;
- end
-
- function _M.verify_token(token, appId, appSecret, disableRoomNameConstraints)
- return _verify_token(token, appId, appSecret, disableRoomNameConstraints);
- end
-
- return _M;
|
