authorMatthew Wild <mwild1@gmail.com>2022-07-11 13:51:39 +0100
committerMatthew Wild <mwild1@gmail.com>2022-07-11 13:51:39 +0100
commite2f61d6e7e2b5862811e22fd7eb065e5997e24e0 (patch)
tree861cb19bc3f10b799aa97c1e86ddd74d84700e22
parent7a36d5edcfce7c91f321783afee1cdf6aa151fa8 (diff)
util.paseto: Fix to decode footer before comparison
-rw-r--r--util/paseto.lua1
1 files changed, 1 insertions, 0 deletions
diff --git a/util/paseto.lua b/util/paseto.lua
index 5f162ad0..352c9df0 100644
--- a/util/paseto.lua
+++ b/util/paseto.lua
@@ -69,6 +69,7 @@ function v4_public.verify(tok, pk, expected_f, i)
if not h then
return nil, "invalid-token-format";
end
+ f = f and unb64url(f) or nil;
if expected_f then
if not f or not secure_equals(expected_f, f) then
return nil, "invalid-footer";
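Review bot: The added line `f = f and unb64url(f) or nil;` collapses a footer that is present but fails to decode into the same nil as an absent footer, assuming unb64url returns nil on malformed input (its definition is not in the hunk). With expected_f set this still ends in "invalid-footer", but when the caller passes no expected_f the malformed footer passes this point without an error. Consider rejecting it explicitly, `if f then f = unb64url(f); if not f then return nil, "invalid-token-format"; end end`, so a token with a corrupt footer segment never reaches signature verification. A short comment such as `-- f is raw (decoded) bytes from here on; expected_f must be passed undecoded` would also make the contract with callers explicit. The body of v4_public.verify starts before and continues after the hunk, so how f is used later is not visible here.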