Add option for JWT field name containing JID

author: Stu Tomlinson <stu@nosnilmot.com> 2019-10-25 16:56:18 +0100
committer: Stu Tomlinson <stu@nosnilmot.com> 2019-10-25 16:56:18 +0100
commit: b2651dae0f4b3f8f025787b80fe1cc8368dac61c (patch)
tree: b10cf6e76e4fcde725f3b6c3a56b354b76b4261e /src/ejabberd_auth_jwt.erl
parent: Avoid calling to logger module on OTP<22 (diff)
1 files changed, 2 insertions, 4 deletions
diff --git a/src/ejabberd_auth_jwt.erl b/src/ejabberd_auth_jwt.erl
index 71fbabb4..8fce8e39 100644
--- a/src/ejabberd_auth_jwt.erl
+++ b/src/ejabberd_auth_jwt.erl
@@ -86,6 +86,7 @@ use_cache(_) ->
 %%%----------------------------------------------------------------------
 check_jwt_token(User, Server, Token) ->
     JWK = ejabberd_option:jwt_key(Server),
+    JidField = ejabberd_option:jwt_jid_field(Server),
     try jose_jwt:verify(JWK, Token) of
         {true, {jose_jwt, Fields}, Signature} ->
             ?DEBUG("jwt verify: ~p - ~p~n", [Fields, Signature]),
@@ -97,7 +98,7 @@ check_jwt_token(User, Server, Token) ->
                     Now = erlang:system_time(second),
                     if
                         Exp > Now ->
-                            case maps:find(<<"jid">>, Fields) of
+                            case maps:find(JidField, Fields) of
                                 error ->
                                     false;
                                 {ok, SJID} ->
@@ -121,6 +122,3 @@ check_jwt_token(User, Server, Token) ->
             false
     end.
 
-%% TODO: auth0 username is defined in 'jid' field, but we should
-%% allow customizing the name of the field containing the username
-%% to adapt to custom claims.
author	Stu Tomlinson <stu@nosnilmot.com>	2019-10-25 16:56:18 +0100
committer	Stu Tomlinson <stu@nosnilmot.com>	2019-10-25 16:56:18 +0100
commit	b2651dae0f4b3f8f025787b80fe1cc8368dac61c (patch)
tree	b10cf6e76e4fcde725f3b6c3a56b354b76b4261e /src/ejabberd_auth_jwt.erl
parent	Avoid calling to logger module on OTP<22 (diff)