summaryrefslogtreecommitdiff
path: root/src/services
diff options
context:
space:
mode:
Diffstat (limited to 'src/services')
-rw-r--r--src/services/jwt.rs16
1 files changed, 9 insertions, 7 deletions
diff --git a/src/services/jwt.rs b/src/services/jwt.rs
index 86252c4..489b32f 100644
--- a/src/services/jwt.rs
+++ b/src/services/jwt.rs
@@ -20,7 +20,7 @@ pub enum TokenType {
#[derive(Debug, Clone, Serialize, Deserialize)]
pub struct Claims {
iss: Box<str>,
- aud: Option<Box<[String]>>,
+ aud: Box<[String]>,
#[serde(with = "ts_milliseconds")]
exp: DateTime<Utc>,
#[serde(with = "ts_milliseconds_option")]
@@ -58,9 +58,11 @@ impl Claims {
db::create_auth_code(db, id, exp).await?;
+ let aud = [self_id.to_string(), client_id.to_string()].into();
+
Ok(Self {
iss: Box::from(self_id),
- aud: None,
+ aud,
exp,
nbf: None,
iat: Some(time),
@@ -89,9 +91,11 @@ impl Claims {
.await
.unexpect()?;
+ let aud = [self_id.to_string(), client_id.to_string()].into();
+
Ok(Self {
iss: Box::from(self_id),
- aud: None,
+ aud,
exp,
nbf: None,
iat: Some(time),
@@ -204,10 +208,8 @@ fn verify_jwt(
}
}
- if let Some(aud) = claims.aud.clone() {
- if !aud.contains(&self_id.to_string()) {
- yeet!(VerifyJwtError::BadAudience.into())
- }
+ if !claims.aud.contains(&self_id.to_string()) {
+ yeet!(VerifyJwtError::BadAudience.into())
}
let now = Utc::now();
generated by cgit v1.2.3 (git 2.39.1) at 2026-03-04 11:45:49 +0000