You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
Hi. I noticed your code in TJWS.CheckCompactToken is rather simple, where you check if the given string contains 3 non-empty parts separated by a dot. While this might be sufficient for most cases, it could be more strict in a way that you try to parse the Header and Claims (Payload) section to a JSON value. For example:
classfunctionTJWS.CheckCompactToken(constValue: TJOSEBytes; const AStrict: Boolean): Boolean;
var
LRes: TStringDynArray;
LIndex: Integer;
begin
Result := True;
ifValue.IsEmpty then
Exit(False);
LRes := SplitString(Value, PART_SEPARATOR);
ifnot (Length(LRes) = COMPACT_PARTS) then
Exit(False);
for LIndex := 0to Length(LRes) - 1dobeginif LRes[LIndex].IsEmpty then
Exit(False);
end;
if TJSONObject.ParseJSONValue(LRes[0]) = nilthen
Exit(False);
if TJSONObject.ParseJSONValue(LRes[1]) = nilthen
Exit(False);
end;
Thanks for creating this library and writing such clean and readable code!
The text was updated successfully, but these errors were encountered:
Yes, I knew that the check was not "strong" but I simply forgot to refactor this function, I like your solution... how about you create a PR so I can credit you for this work?
Hi. I noticed your code in TJWS.CheckCompactToken is rather simple, where you check if the given string contains 3 non-empty parts separated by a dot. While this might be sufficient for most cases, it could be more strict in a way that you try to parse the Header and Claims (Payload) section to a JSON value. For example:
Thanks for creating this library and writing such clean and readable code!
The text was updated successfully, but these errors were encountered: