admin/Facilitor
1
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

ALLI#41420 KKÖNIGEL ook correct kunnen inloggen via JWT-SSO

Browse Source 
svn path=/Website/branches/v2017.1/; revision=34756
This commit is contained in:
Jos Groot Lipman
2017-07-26 18:14:42 +00:00
parent 191a2443d1
commit bbd391f035
1 changed files with 4 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

5
APPL/AUT/Login.inc
View File

@@ -1194,6 +1194,9 @@ function jwt_decode(token)
// FSN#39763 SLNKDWF.DLL v4.16 heeft nog een bug in het decoderen van
// url-safe encoded teksten. Daarom hier voor-corrigeren
// De jwt_verify moet straks wel op de originelen
result.orgheaderSeg = result.headerSeg;
result.orgpayloadSeg = result.payloadSeg;
result.headerSeg = result.headerSeg.replace(/\-/g, "+").replace(/\_/g, "/");
result.payloadSeg = result.payloadSeg.replace(/\-/g, "+").replace(/\_/g, "/");
@@ -1216,7 +1219,7 @@ function jwt_verify(decoded_jwt, secret, skew, duration)
return { err: "Only HS256 is supported" };
var oCrypto = new ActiveXObject("SLNKDWF.Crypto");
var sig = oCrypto.hex_hmac_sha256(secret, decoded_jwt.headerSeg + "." + decoded_jwt.payloadSeg);
var sig = oCrypto.hex_hmac_sha256(secret, decoded_jwt.orgheaderSeg + "." + decoded_jwt.orgpayloadSeg);
var sig64 = oCrypto.hex2base64(sig, false, true); // no padding, urlsafe
var now = new Date().getTime() / 1000;