jwt token Issuer, also in verification

2023-02-26 20:08:37 +01:00 · 2023-02-26 20:08:37 +01:00 · 8b90a99823
commit 8b90a99823
parent 434e0ddea6
2 changed files with 5 additions and 2 deletions
--- a/src/be/jeffcheasey88/peeratcode/webserver/Client.java
+++ b/src/be/jeffcheasey88/peeratcode/webserver/Client.java
@ -43,8 +43,7 @@ public class Client extends Thread{
 		            .setRequireExpirationTime()
 		            .setAllowedClockSkewInSeconds(30)
 		            .setRequireSubject()
-		            .setExpectedIssuer("Issuer")
-		            .setExpectedAudience("Audience")
+		            .setExpectedIssuer(this.router.getTokenIssuer())
 		            .setVerificationKey(this.router.getWebKey().getKey())
 		            .setJwsAlgorithmConstraints(
 		                    ConstraintType.PERMIT, AlgorithmIdentifiers.RSA_USING_SHA256)
--- a/src/be/jeffcheasey88/peeratcode/webserver/Router.java
+++ b/src/be/jeffcheasey88/peeratcode/webserver/Router.java
@ -57,6 +57,10 @@ public class Router{
 		return this.rsaJsonWebKey;
 	}
 	
+	public String getTokenIssuer(){
+		return this.token_issuer;
+	}
+	
 	public String createAuthUser(int id) throws JoseException{
 		JwtClaims claims = new JwtClaims();
 	    claims.setIssuer(token_issuer);  // who creates the token and signs it