Skip to content

Commit

Permalink
fix: paseto formatted access token audience is a single string
Browse files Browse the repository at this point in the history
  • Loading branch information
panva committed Aug 4, 2019
1 parent 90d6942 commit 1fd45f5
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions lib/models/formats/paseto.js
Original file line number Diff line number Diff line change
Expand Up @@ -32,11 +32,16 @@ module.exports = (provider) => {
async getValueAndPayload() {
const [, payload] = await opaque.getValueAndPayload.call(this);
const {
jti, accountId: sub, iat, exp, scope, aud, clientId: azp, 'x5t#S256': x5t, 'jkt#S256': jkt, extra,
jti, accountId: sub, iat, exp, scope, clientId: azp, 'x5t#S256': x5t, 'jkt#S256': jkt, extra,
} = payload;
let { aud } = payload;

if (Array.isArray(aud) && aud.length > 1) {
throw new Error('only a single audience ("aud") value is permitted for this token type');
if (Array.isArray(aud)) {
if (aud.length > 1) {
throw new Error('only a single audience ("aud") value is permitted for this token type');
} else {
[aud] = aud;
}
}

let value;
Expand Down

0 comments on commit 1fd45f5

Please sign in to comment.