Schalex1998
commented
3 years ago Hey,
we have the same issue when going from v3 to v4.
Best, Alex
Open milin-wish opened 3 years ago
Schalex1998
commented
3 years ago Hey,
we have the same issue when going from v3 to v4.
Best, Alex
quetzyg
commented
3 years ago I just ran into this issue today. If I added this functionality, would you accept a pull request, @dgrijalva?
Scrap that, I just realised that the v4 branch has this sorted here.
Schalex1998
commented
3 years ago jwt.Parse(token, func(token *jwt.Token) (i interface{}, e error) {
return rsaPublicKey, nil
}, jwt.WithoutAudienceValidation())we just removed the validation as workaround btw
quetzyg
commented
3 years ago jwt.Parse(token, func(token *jwt.Token) (i interface{}, e error) { return rsaPublicKey, nil }, jwt.WithoutAudienceValidation())we just removed the validation as workaround btw
That's just wrong.
quetzyg
commented
3 years ago For those that are stuck in version 3.x for the time being, this work around does the trick:
func verifyAudience(claims jwt.MapClaims, audience string) bool {
original := claims["aud"]
switch aud := claims["aud"].(type) {
case string:
return claims.VerifyAudience(audience, true)
case []interface{}:
for _, val := range aud {
if s, ok := val.(string); ok {
claims["aud"] = s
if claims.VerifyAudience(audience, true) {
claims["aud"] = original
return true
}
}
}
}
claims["aud"] = original
return false
}So instead of calling the VerifyAudience() method of jwt.MapClaims like:
valid := claims.VerifyAudience("some.audience", true);it would instead be:
valid := verifyAudience(claims, "some.audience");
Hi,
According to the spec, "In the general case, the "aud" value is an array of case-sensitive strings, each containing a StringOrURI value." Can you update this library to support an array in the "aud" value?
Thanks, Mike