You are viewing a plain text version of this content. The canonical link for it is here.

Posted to cvs@httpd.apache.org by mi...@apache.org on 2023/05/19 10:24:27 UTC

svn commit: r1909926 - /httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c

Author: minfrin
Date: Fri May 19 10:24:27 2023
New Revision: 1909926

URL: http://svn.apache.org/viewvc?rev=1909926&view=rev
Log:
Sign with the signer key. Previously the verify key was used, which only worked
if the signing and verifying keys were the same.

Modified:
    httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c

Modified: httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c
URL: http://svn.apache.org/viewvc/httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c?rev=1909926&r1=1909925&r2=1909926&view=diff
==============================================================================
--- httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c (original)
+++ httpd/httpd/trunk/modules/aaa/mod_autht_jwt.c Fri May 19 10:24:27 2023
@@ -616,8 +616,9 @@ static const char *jwt_get_token(request
         return "error:no-claims";
     }
 
-    if (conf->verifies_set) {
-        srec = (auth_bearer_signature_rec *)conf->verifies->elts;
+    /* sign with the first key, if present */
+    if (conf->signs_set) {
+        srec = (auth_bearer_signature_rec *)conf->signs->elts;
     }
 
     /* create a JWT containing the claims */