Merge pull request #66 from prince-chrismc/verify-aud-string

Verify aud string and complex object
Thalhammer · May 2, 2020 · 6b349fd · 6b349fd
2 parents 1e0387b + 0c803ed
commit 6b349fd
Show file tree

Hide file tree

Showing 2 changed files with 31 additions and 1 deletion.
diff --git a/include/jwt-cpp/jwt.h b/include/jwt-cpp/jwt.h
@@ -1417,6 +1417,13 @@ namespace jwt {
 		 * \return *this to allow chaining
 		 */
 		verifier& with_audience(const std::set<std::string>& aud) { return with_claim("aud", claim(aud)); }
+		/**
+		 * Set an audience to check for.
+		 * If the specified audiences is not present in the token the check fails.
+		 * \param aud Audience to check for.
+		 * \return *this to allow chaining
+		 */
+		verifier& with_audience(const std::string& aud) { return with_claim("aud", claim(aud)); }
 		/**
 		 * Set an id to check for.
 		 * Check is casesensitive.
@@ -1478,6 +1485,10 @@ namespace jwt {
 							throw token_verification_exception("claim " + key + " does not match expected");
 					}
 				}
+				else if (c.get_type() == claim::type::object) {
+					if( c.to_json().serialize() != jc.to_json().serialize())
+						throw token_verification_exception("claim " + key + " does not match expected");
+				}
 				else if (c.get_type() == claim::type::string) {
 					if (c.as_string() != jc.as_string())
 						throw token_verification_exception("claim " + key + " does not match expected");

diff --git a/tests/TokenTest.cpp b/tests/TokenTest.cpp
@@ -325,7 +325,14 @@ TEST(TokenTest, VerifyFail) {
 		auto verify = jwt::verify()
 			.allow_algorithm(jwt::algorithm::none{})
 			.with_issuer("auth0")
-			.with_audience({ "test" });
+			.with_audience(std::set<std::string>{ "test" });
+		ASSERT_THROW(verify.verify(decoded_token), jwt::token_verification_exception);
+	}
+	{
+		auto verify = jwt::verify()
+			.allow_algorithm(jwt::algorithm::none{})
+			.with_issuer("auth0")
+			.with_audience("test");
 		ASSERT_THROW(verify.verify(decoded_token), jwt::token_verification_exception);
 	}
 	{
@@ -342,6 +349,18 @@ TEST(TokenTest, VerifyFail) {
 			.with_claim("myclaim", jwt::claim(std::string("test")));
 		ASSERT_THROW(verify.verify(decoded_token), jwt::token_verification_exception);
 	}
+	{
+		jwt::claim object;
+		std::istringstream iss{R"({ "test": null })"};
+		iss >> object;
+		ASSERT_EQ(object.get_type() , jwt::claim::type::object);
+
+		auto verify = jwt::verify()
+			.allow_algorithm(jwt::algorithm::none{})
+			.with_issuer("auth0")
+			.with_claim("myclaim", object);
+		ASSERT_THROW(verify.verify(decoded_token), jwt::token_verification_exception);
+	}
 }
 
 TEST(TokenTest, VerifyTokenES256) {