validating array values

babelouest / rhonabwy

Javascript Object Signing and Encryption (JOSE) library - JWK, JWKS, JWS, JWE and JWT

https://babelouest.github.io/rhonabwy/

GNU Lesser General Public License v2.1

45 stars 21 forks source link

validating array values #34

Closed spaceone closed 9 months ago

spaceone commented 10 months ago

Hello,

I have a audience claim, which is a list (generated by Keycloak):

"aud": [
    "ldaps://school.dev/",
    "account"
  ],

r_jwt_validate_claims(jwt, R_JWT_CLAIM_AUD, "ldaps://school.dev/", R_JWT_CLAIM_NOP) doesn't return RHN_OK. and r_jwt_get_claim_str_value(jwt, "aud") returns NULL.

What can I do, to validate this correctly?

babelouest commented 9 months ago

Hello @spaceone ,

Thanks for the issue, the problem is not in your code but in my interpretation of the specification which was wrong.

Ive fixed the aud claim check so it can be a string or an array of strings, can you test with the last commit?

spaceone commented 9 months ago

Thank you, that worked.