From 4342d9033dc4d2e6be90342a12ff17df463beac2 Mon Sep 17 00:00:00 2001
From: Shinichi Morimoto <shnmorimoto@gmail.com>
Date: Sat, 26 Mar 2022 21:31:34 +0900
Subject: [PATCH 1/2] #286 allow multiple audiences

---
 jwt/validation.go | 9 +++++++--
 1 file changed, 7 insertions(+), 2 deletions(-)

diff --git a/jwt/validation.go b/jwt/validation.go
index 6f3ff4e8..1b3e0d0c 100644
--- a/jwt/validation.go
+++ b/jwt/validation.go
@@ -87,11 +87,16 @@ func (c Claims) ValidateWithLeeway(e Expected, leeway time.Duration) error {
 	}
 
 	if len(e.Audience) != 0 {
+		flag := false
 		for _, v := range e.Audience {
-			if !c.Audience.Contains(v) {
-				return ErrInvalidAudience
+			if c.Audience.Contains(v) {
+				flag = true
+				break
 			}
 		}
+		if !flag {
+			return ErrInvalidAudience
+		}
 	}
 
 	if !e.Time.IsZero() {

From 07268a3cb3ceabf209f6ee6ce71472b28c5bdc82 Mon Sep 17 00:00:00 2001
From: Shinichi Morimoto <shnmorimoto@gmail.com>
Date: Sun, 27 Mar 2022 00:11:12 +0900
Subject: [PATCH 2/2] #286 change test for multiple audiences validation

---
 jwt/validation_test.go | 11 +++++++++++
 1 file changed, 11 insertions(+)

diff --git a/jwt/validation_test.go b/jwt/validation_test.go
index 6edcabd3..07a6aee7 100644
--- a/jwt/validation_test.go
+++ b/jwt/validation_test.go
@@ -44,6 +44,17 @@ func TestFieldsMatch(t *testing.T) {
 		assert.NoError(t, c.Validate(v))
 	}
 
+	claimsWithSingleAudience := Claims{
+		Issuer:   "issuer",
+		Subject:  "subject",
+		Audience: []string{"a1"},
+		ID:       "42",
+	}
+
+	for _, v := range valid {
+		assert.NoError(t, claimsWithSingleAudience.Validate(v))
+	}
+
 	invalid := []struct {
 		Expected Expected
 		Error    error