You are viewing a plain text version of this content. The canonical link for it is here.
Posted to cvs@httpd.apache.org by mi...@apache.org on 2023/05/19 10:24:27 UTC
svn commit: r1909926 - /httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c
Author: minfrin
Date: Fri May 19 10:24:27 2023
New Revision: 1909926
URL: http://svn.apache.org/viewvc?rev=1909926&view=rev
Log:
Sign with the signer key. Previously the verify key was used, which only worked
if the signing and verifying keys were the same.
Modified:
httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c
Modified: httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c?rev=1909926&r1=1909925&r2=1909926&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c Fri May 19 10:24:27 2023
@@ -616,8 +616,9 @@ static const char *jwt_get_token(request
return "error:no-claims";
}
- if (conf->verifies_set) {
- srec = (auth_bearer_signature_rec *)conf->verifies->elts;
+ /* sign with the first key, if present */
+ if (conf->signs_set) {
+ srec = (auth_bearer_signature_rec *)conf->signs->elts;
}
/* create a JWT containing the claims */