diff --git a/Cargo.toml b/Cargo.toml index 37f8b32..d6f4a2a 100644 --- a/Cargo.toml +++ b/Cargo.toml @@ -1,6 +1,6 @@ [package] name = "jsonwebtoken" -version = "7.0.0-alpha.1" +version = "7.0.0-alpha.2" authors = ["Vincent Prouillet "] license = "MIT" readme = "README.md" diff --git a/src/validation.rs b/src/validation.rs index 48d79c7..b8106ef 100644 --- a/src/validation.rs +++ b/src/validation.rs @@ -147,10 +147,20 @@ pub fn validate(claims: &Map, options: &Validation) -> Result<()> if let Some(ref correct_aud) = options.aud { if let Some(aud) = claims.get("aud") { - let provided_aud: HashSet = from_value(aud.clone())?; - if provided_aud.intersection(correct_aud).count() == 0 { - return Err(new_error(ErrorKind::InvalidAudience)); - } + match aud { + Value::String(aud_found) => { + if !correct_aud.contains(aud_found) { + return Err(new_error(ErrorKind::InvalidAudience)); + } + } + Value::Array(_) => { + let provided_aud: HashSet = from_value(aud.clone())?; + if provided_aud.intersection(correct_aud).count() == 0 { + return Err(new_error(ErrorKind::InvalidAudience)); + } + } + _ => return Err(new_error(ErrorKind::InvalidAudience)) + }; } else { return Err(new_error(ErrorKind::InvalidAudience)); } @@ -432,4 +442,24 @@ mod tests { } }; } + + // https://github.com/Keats/jsonwebtoken/issues/110 + #[test] + fn aud_use_validation_struct() { + let mut claims = Map::new(); + claims.insert("aud".to_string(), to_value("my-googleclientid1234.apps.googleusercontent.com").unwrap()); + + let aud = "my-googleclientid1234.apps.googleusercontent.com".to_string(); + let mut aud_hashset = std::collections::HashSet::new(); + aud_hashset.insert(aud); + + let validation = Validation { + aud: Some(aud_hashset), + validate_exp: false, + ..Validation::default() + }; + let res = validate(&claims, &validation); + println!("{:?}", res); + assert!(res.is_ok()); + } }