Be paranoid

parent 2792260b
......@@ -191,7 +191,7 @@
For a jwt without scope, an empty set will be returned."
[claims]
(assert (map? claims) "claims must be a map!")
(if-let [claims (get claims :scope)]
(if-let [claims (not-empty (get claims :scope))]
(do
(assert (string? claims) ":scope in claims must be a string!")
(into (sorted-set) (str/split claims #"\s+")))
......
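Review bot: In the new `if-let` binding, `not-empty` runs before the `string?` assert, so a `:scope` that is not seqable (a number, say) fails inside `not-empty` with a generic exception rather than the ":scope in claims must be a string!" message, and an empty collection is silently treated as no scope. Checking the type first keeps the failure explicit, for example by binding with `(if-let [scope (get claims :scope)]` and branching on `(str/blank? scope)` after the assert. A value with leading whitespace would still put an empty string into the set, because `str/split` keeps a leading empty element; `(remove str/blank? (str/split claims #"\s+"))` would drop it. Since `assert` is compiled out when `*assert*` is false, an explicit `throw` would be a safer way to validate token claims. The function's start and the else branch of the `if-let` are outside the hunk.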
......@@ -74,6 +74,9 @@ vLu9XxKFHYlWPccluz3pqDfaGNPO12968DAldwvAV6hTGgx7oMaNPu0UltgD/aaj
(clj-jwt/scopes nil))))
(testing "Missing scope gives empty set"
(is (= #{} (->> (buddy-jwt/sign {:sub "jalla" :scope ""} ec-privkey {:alg :rs256 :header {:kid "test-key"}})
(clj-jwt/unsign (resource "jwks.json"))
(clj-jwt/scopes))))
(is (= #{} (->> (buddy-jwt/sign {:sub "jalla"} ec-privkey {:alg :rs256 :header {:kid "test-key"}})
(clj-jwt/unsign (resource "jwks.json"))
(clj-jwt/scopes)))))
......
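Review bot: The assertion with `:scope ""` sits under the label "Missing scope gives empty set", and it exercises only the empty string. A whitespace-only value such as `" "` and a value with leading whitespace such as `" a b"` are not covered, and those are the inputs where splitting on `#"\s+"` is most likely to surprise. A separate `(testing "Empty or blank scope gives empty set" ...)` block holding those cases would document the intended behaviour. The enclosing `deftest` starts outside the hunk.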