Browse code

jwt: handle claims that have numeric values

- values in between quotes are string always

(cherry picked from commit c0532161f18cce514adaf2b5d784999319445911)

Daniel-Constantin Mierla authored on 02/05/2021 15:43:02
Showing 1 changed files
... ...
@@ -186,6 +186,7 @@ static int ki_jwt_generate(sip_msg_t* msg, str *key, str *alg, str *claims)
186 186
 	param_t *pit = NULL;
187 187
 	int ret = 0;
188 188
 	jwt_t *jwt = NULL;
189
+	long lval = 0;
189 190
 
190 191
 	if(key==NULL || key->s==NULL || alg==NULL || alg->s==NULL
191 192
 			|| claims==NULL || claims->s==NULL || claims->len<=0) {
... ...
@@ -242,16 +243,30 @@ static int ki_jwt_generate(sip_msg_t* msg, str *key, str *alg, str *claims)
242 243
 	iat = time(NULL);
243 244
 
244 245
 	ret = jwt_add_grant_int(jwt, "iat", iat);
246
+	if(ret != 0) {
247
+		LM_ERR("failed to add iat grant\n");
248
+		goto error;
249
+	}
245 250
 	for (pit = params_list; pit; pit=pit->next) {
246 251
 		if(pit->name.len>0 && pit->body.len>0) {
247 252
 			pit->name.s[pit->name.len] = '\0';
248 253
 			pit->body.s[pit->body.len] = '\0';
249
-			jwt_add_grant(jwt, pit->name.s, pit->body.s);
254
+			if(pit->body.s[-1] == '\"' || pit->body.s[-1] == '\'') {
255
+				ret = jwt_add_grant(jwt, pit->name.s, pit->body.s);
256
+			} else if(str2slong(&pit->body, &lval)==0) {
257
+				ret = jwt_add_grant_int(jwt, pit->name.s, lval);
258
+			} else {
259
+				ret = jwt_add_grant(jwt, pit->name.s, pit->body.s);
260
+			}
261
+			if(ret != 0) {
262
+				LM_ERR("failed to add %s grant\n", pit->name.s);
263
+				goto error;
264
+			}
250 265
 		}
251 266
 	}
252 267
 
253 268
 	ret = jwt_set_alg(jwt, valg, (unsigned char*)kdata.s, (size_t)kdata.len);
254
-	if (ret < 0) {
269
+	if (ret != 0) {
255 270
 		LM_ERR("failed to set algorithm and key\n");
256 271
 		goto error;
257 272
 	}
... ...
@@ -324,6 +339,7 @@ static int ki_jwt_verify(sip_msg_t* msg, str *key, str *alg, str *claims,
324 339
 	jwt_t *jwt = NULL;
325 340
 	jwt_valid_t *jwt_valid = NULL;
326 341
 	str sparams = STR_NULL;
342
+	long lval = 0;
327 343
 
328 344
 	if(key==NULL || key->s==NULL || alg==NULL || alg->s==NULL
329 345
 			|| claims==NULL || claims->s==NULL || claims->len<=0
... ...
@@ -384,7 +400,17 @@ static int ki_jwt_verify(sip_msg_t* msg, str *key, str *alg, str *claims,
384 400
 		if(pit->name.len>0 && pit->body.len>0) {
385 401
 			pit->name.s[pit->name.len] = '\0';
386 402
 			pit->body.s[pit->body.len] = '\0';
387
-			jwt_valid_add_grant(jwt_valid, pit->name.s, pit->body.s);
403
+			if(pit->body.s[-1] == '\"' || pit->body.s[-1] == '\'') {
404
+				ret = jwt_valid_add_grant(jwt_valid, pit->name.s, pit->body.s);
405
+			} else if(str2slong(&pit->body, &lval)==0) {
406
+				ret = jwt_valid_add_grant_int(jwt_valid, pit->name.s, lval);
407
+			} else {
408
+				ret = jwt_valid_add_grant(jwt_valid, pit->name.s, pit->body.s);
409
+			}
410
+			if(ret != 0) {
411
+				LM_ERR("failed to add %s valid grant\n", pit->name.s);
412
+				goto error;
413
+			}
388 414
 		}
389 415
 	}
390 416