From 36fbb2c575c374830b03ea47add2ca69a6d6a916 Mon Sep 17 00:00:00 2001
From: Jos Groot Lipman <jos.grootlipman@aareon.nl>
Date: Thu, 20 Oct 2016 07:17:01 +0000
Subject: [PATCH] Iets strenger controleren op type=JWT

svn path=/Website/branches/v2016.2/; revision=31160
---
 APPL/Shared/loginTry.asp | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/APPL/Shared/loginTry.asp b/APPL/Shared/loginTry.asp
index 6fd63efdff..b257c6e4db 100644
--- a/APPL/Shared/loginTry.asp
+++ b/APPL/Shared/loginTry.asp
@@ -112,7 +112,8 @@ if (user_key < 0 && jwt)
 
     var sql = "SELECT *"
             + "  FROM fac_idp"
-            + " WHERE fac_idp_issuer = " + safe.quoted_sql(claim.payload.iss)
+            + " WHERE fac_idp_type = 4" // JWT
+            + "   AND fac_idp_issuer = " + safe.quoted_sql(claim.payload.iss)
             + "   AND fac_idp_audience = " + safe.quoted_sql(claim.payload.aud);
     var oRs = Oracle.Execute(sql);
     if (oRs.Eof)