Permalink
Browse files

Externally created tokens were failing to vaildate, it turns out that…

… signatures were being double encoded.

I used the debugger at jwt.io to confirm.
  • Loading branch information...
henderjon committed Feb 22, 2018
1 parent c702dd3 commit 2479b53da499cc20e4164eccba239cfda66b74e3
Showing with 3 additions and 3 deletions.
  1. +3 −3 algorithms.go
View
@@ -41,13 +41,13 @@ func (a *Algorithm) write(data []byte) (int, error) {
}
// Sign signs the token with the given hash, and key
func (a *Algorithm) Sign(unsignedToken string) (string, error) {
func (a *Algorithm) Sign(unsignedToken string) ([]byte, error) {
_, err := a.write([]byte(unsignedToken))
if err != nil {
return "", errors.Wrap(err, "Unable to write to HMAC-SHA256")
return nil, errors.Wrap(err, "Unable to write to HMAC-SHA256")
}
encodedToken := base64.RawURLEncoding.EncodeToString(a.sum(nil))
encodedToken := a.sum(nil)
a.reset()
return encodedToken, nil

0 comments on commit 2479b53

Please sign in to comment.