From fb1fe3ed9675c0b45c61bd2e645b6db8b5157ad5 Mon Sep 17 00:00:00 2001 From: Robin Hazewinkel Date: Wed, 10 Dec 2025 11:36:32 +0100 Subject: [PATCH 1/3] Fix wrong error code --- Library/AppSrc/JWT/JWT.pkg | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/Library/AppSrc/JWT/JWT.pkg b/Library/AppSrc/JWT/JWT.pkg index 385f200..1dc7bae 100644 --- a/Library/AppSrc/JWT/JWT.pkg +++ b/Library/AppSrc/JWT/JWT.pkg @@ -326,7 +326,7 @@ Class cBaseJsonWebToken is a cJsonObject // Try parse Get ParseUtf8 ucaTemp to bOk If (not(bOk)) Begin - Function_Return False + Function_Return C_JWT_INVALID End // Verify is JWT From c0756b9e42deecc14e7ade4c50d4e9f8d3c8be21 Mon Sep 17 00:00:00 2001 From: Robin Hazewinkel Date: Sun, 14 Dec 2025 22:47:03 +0100 Subject: [PATCH 2/3] Rewriten audience so that it is based on Array. --- Demo/AppSrc/Dashboard.wo | 15 +++++++++--- Library/AppSrc/JWT/JWT.pkg | 35 +++++++++++++++++++++++++-- Library/AppSrc/JWT/l8w8jwt2_mixin.pkg | 17 +++++++------ 3 files changed, 54 insertions(+), 13 deletions(-) diff --git a/Demo/AppSrc/Dashboard.wo b/Demo/AppSrc/Dashboard.wo index fc3eea8..4471c57 100644 --- a/Demo/AppSrc/Dashboard.wo +++ b/Demo/AppSrc/Dashboard.wo @@ -98,7 +98,8 @@ Object oDashboard is a cWebView Forward Send OnClick Integer iReturnValue String sJWT sReturnValue - String sSubject sIssuer sAudience + String sSubject sIssuer + String[] saAudience UBigInt ubiIssuedAt ubiExpiration ubiNotBefore WebGet psValue of oWebForm to sJWT @@ -107,14 +108,17 @@ Object oDashboard is a cWebView Get Subject of oJWT to sSubject Get Issuer of oJWT to sIssuer - Get Audience of oJWT to sAudience + Get Audience of oJWT to saAudience Get IssuedAt of oJWT to ubiIssuedAt Get Expiration of oJWT to ubiExpiration Get NotBefore of oJWT to ubiNotBefore WebSet psValue of oWebForm1 to sSubject WebSet psValue of oWebForm2 to sIssuer - WebSet psValue of oWebForm3 to sAudience + If (SizeOfArray(saAudience) > 1) ; + WebSet psValue of oWebForm3 to (StrJoinFromArray(saAudience, ' ')) + Else ; + WebSet psValue of oWebForm3 to saAudience[0] WebSet psValue of oWebForm4 to ubiIssuedAt WebSet psValue of oWebForm5 to ubiExpiration WebSet psValue of oWebForm6 to ubiNotBefore @@ -236,7 +240,10 @@ Object oDashboard is a cWebView WebGet psValue of oWebForm2 to sValue Set Issuer of oJWT to sValue WebGet psValue of oWebForm3 to sValue - Set Audience of oJWT to sValue + If (Pos(' ', sValue)) ; + Set Audience_Array of oJWT to (StrSplitToArray(sValue, " ")) + Else ; + Set Audience of oJWT to sValue WebGet psValue of oWebForm4 to ubiUnixTime Set IssuedAt of oJWT to ubiUnixTime WebGet psValue of oWebForm5 to ubiUnixTime diff --git a/Library/AppSrc/JWT/JWT.pkg b/Library/AppSrc/JWT/JWT.pkg index 1dc7bae..7654cb7 100644 --- a/Library/AppSrc/JWT/JWT.pkg +++ b/Library/AppSrc/JWT/JWT.pkg @@ -185,9 +185,40 @@ Class cBaseJsonWebToken is a cJsonObject Send SetMemberValue "aud" jsonTypeString sValue End_Procedure { MethodType=Property } - Function Audience Returns String + Procedure Set Audience_Array String[] saValues + String sValue + Boolean bSuccess + Handle hoTempJson + Get StrJoinFromArray saValues '","' to sValue + Move ('["' - sValue - '"]') to sValue + Get Create (RefClass(cJsonObject)) to hoTempJson + Send InitializeJsonType of hoTempJson jsonTypeArray + Get ParseString of hoTempJson sValue to bSuccess + If (bSuccess) ; + Send SetMember "aud" hoTempJson + Send Destroy of hoTempJson + End_Procedure + { MethodType=Property } + Function Audience Returns String[] + Integer iJsonTypeMember + String sMemberValue + String[] saMemberValue + Handle hoMember + If (not(HasMember(Self, "aud"))) Function_Return "" - Function_Return (MemberValue(Self, "aud")) + Get MemberValue "aud" to sMemberValue + Get MemberJsonType "aud" to iJsonTypeMember + If (iJsonTypeMember = jsonTypeArray) Begin + Move (Replace('[ "', sMemberValue, '')) to sMemberValue + Move (Replace('" ]', sMemberValue, '')) to sMemberValue + Get StrSplitToArray sMemberValue '", "' to saMemberValue + Function_Return saMemberValue + End + Else If (iJsonTypeMember = jsonTypeString) Begin + Move sMemberValue to saMemberValue[0] + Function_Return saMemberValue + End + Else Function_Return saMemberValue //Empty End_Function { MethodType=Property } diff --git a/Library/AppSrc/JWT/l8w8jwt2_mixin.pkg b/Library/AppSrc/JWT/l8w8jwt2_mixin.pkg index 9688a4a..a383b20 100644 --- a/Library/AppSrc/JWT/l8w8jwt2_mixin.pkg +++ b/Library/AppSrc/JWT/l8w8jwt2_mixin.pkg @@ -166,12 +166,6 @@ Class cL8w8jwt_Mixin is a Mixin Move (AddressOf(sIss)) to stl8w8jwt_encoding_params.iss Move (SizeOfString(sIss)) to stl8w8jwt_encoding_params.iss_length End - //Aud - If (HasMember(hoJsonWebToken, 'aud')) Begin - Get MemberValue of hoJsonWebToken 'aud' to sAud - Move (AddressOf(sAud)) to stl8w8jwt_encoding_params.aud - Move (SizeOfString(sAud)) to stl8w8jwt_encoding_params.aud_length - End //JTI If (HasMember(hoJsonWebToken, 'jti')) Begin Get MemberValue of hoJsonWebToken 'jti' to sJti @@ -204,8 +198,17 @@ Class cL8w8jwt_Mixin is a Mixin Move (AddressOf(pJWTResult)) to stl8w8jwt_encoding_params.out Move (AddressOf(iSizeOfJWTResult)) to stl8w8jwt_encoding_params.out_length + Move (StrSplitToArray("sub,iss,iat,exp,nbf", ',')) to saBlacklistMembers + //Aud + If (HasMember(hoJsonWebToken, 'aud')) Begin + Get MemberValue of hoJsonWebToken 'aud' to sAud + If (not(Pos('[', sAud) > 0 or Pos(']', sAud) > 0)) Begin + Move (AddressOf(sAud)) to stl8w8jwt_encoding_params.aud + Move (SizeOfString(sAud)) to stl8w8jwt_encoding_params.aud_length + Move 'aud' to saBlacklistMembers[SizeOfArray(saBlacklistMembers)] + End + End //Additional claims - Move (StrSplitToArray("sub,iss,aud,iat,exp,nbf", ',')) to saBlacklistMembers Move (SortArray(saBlacklistMembers)) to saBlacklistMembers Move 0 to iClaimsCounter From 974808d2f9220b6d7cc02c6560c25f3ca789f157 Mon Sep 17 00:00:00 2001 From: Robin Hazewinkel Date: Thu, 18 Dec 2025 12:01:12 +0100 Subject: [PATCH 3/3] Merge comments Made it in a way that it still returns a string. --- Demo/AppSrc/Dashboard.wo | 15 ++++--------- Library/AppSrc/JWT/JWT.pkg | 43 ++++++++++++++++++++++---------------- 2 files changed, 29 insertions(+), 29 deletions(-) diff --git a/Demo/AppSrc/Dashboard.wo b/Demo/AppSrc/Dashboard.wo index 4471c57..fc3eea8 100644 --- a/Demo/AppSrc/Dashboard.wo +++ b/Demo/AppSrc/Dashboard.wo @@ -98,8 +98,7 @@ Object oDashboard is a cWebView Forward Send OnClick Integer iReturnValue String sJWT sReturnValue - String sSubject sIssuer - String[] saAudience + String sSubject sIssuer sAudience UBigInt ubiIssuedAt ubiExpiration ubiNotBefore WebGet psValue of oWebForm to sJWT @@ -108,17 +107,14 @@ Object oDashboard is a cWebView Get Subject of oJWT to sSubject Get Issuer of oJWT to sIssuer - Get Audience of oJWT to saAudience + Get Audience of oJWT to sAudience Get IssuedAt of oJWT to ubiIssuedAt Get Expiration of oJWT to ubiExpiration Get NotBefore of oJWT to ubiNotBefore WebSet psValue of oWebForm1 to sSubject WebSet psValue of oWebForm2 to sIssuer - If (SizeOfArray(saAudience) > 1) ; - WebSet psValue of oWebForm3 to (StrJoinFromArray(saAudience, ' ')) - Else ; - WebSet psValue of oWebForm3 to saAudience[0] + WebSet psValue of oWebForm3 to sAudience WebSet psValue of oWebForm4 to ubiIssuedAt WebSet psValue of oWebForm5 to ubiExpiration WebSet psValue of oWebForm6 to ubiNotBefore @@ -240,10 +236,7 @@ Object oDashboard is a cWebView WebGet psValue of oWebForm2 to sValue Set Issuer of oJWT to sValue WebGet psValue of oWebForm3 to sValue - If (Pos(' ', sValue)) ; - Set Audience_Array of oJWT to (StrSplitToArray(sValue, " ")) - Else ; - Set Audience of oJWT to sValue + Set Audience of oJWT to sValue WebGet psValue of oWebForm4 to ubiUnixTime Set IssuedAt of oJWT to ubiUnixTime WebGet psValue of oWebForm5 to ubiUnixTime diff --git a/Library/AppSrc/JWT/JWT.pkg b/Library/AppSrc/JWT/JWT.pkg index 7654cb7..55372fb 100644 --- a/Library/AppSrc/JWT/JWT.pkg +++ b/Library/AppSrc/JWT/JWT.pkg @@ -180,26 +180,32 @@ Class cBaseJsonWebToken is a cJsonObject Function_Return (MemberValue(Self, "sub")) End_Function + //If the audience is a space separated string, then it would be a JSON Array, otherwise just a String. { MethodType=Property } Procedure Set Audience String sValue - Send SetMemberValue "aud" jsonTypeString sValue - End_Procedure - { MethodType=Property } - Procedure Set Audience_Array String[] saValues - String sValue + String sTempString Boolean bSuccess Handle hoTempJson - Get StrJoinFromArray saValues '","' to sValue - Move ('["' - sValue - '"]') to sValue - Get Create (RefClass(cJsonObject)) to hoTempJson - Send InitializeJsonType of hoTempJson jsonTypeArray - Get ParseString of hoTempJson sValue to bSuccess - If (bSuccess) ; - Send SetMember "aud" hoTempJson - Send Destroy of hoTempJson + String[] saAudience + + If (Pos(' ', sValue)) Begin + Move (StrSplitToArray(sValue, " ")) to saAudience + If (SizeOfArray(saAudience) > 0) Begin + Get StrJoinFromArray saAudience '","' to sTempString + Move ('["' - sTempString - '"]') to sTempString + Get Create (RefClass(cJsonObject)) to hoTempJson + Send InitializeJsonType of hoTempJson jsonTypeArray + Get ParseString of hoTempJson sTempString to bSuccess + If (bSuccess) ; + Send SetMember "aud" hoTempJson + Send Destroy of hoTempJson + End + End + Else ; + Send SetMemberValue "aud" jsonTypeString sValue End_Procedure { MethodType=Property } - Function Audience Returns String[] + Function Audience Returns String Integer iJsonTypeMember String sMemberValue String[] saMemberValue @@ -207,18 +213,19 @@ Class cBaseJsonWebToken is a cJsonObject If (not(HasMember(Self, "aud"))) Function_Return "" Get MemberValue "aud" to sMemberValue + Get MemberJsonType "aud" to iJsonTypeMember If (iJsonTypeMember = jsonTypeArray) Begin Move (Replace('[ "', sMemberValue, '')) to sMemberValue Move (Replace('" ]', sMemberValue, '')) to sMemberValue Get StrSplitToArray sMemberValue '", "' to saMemberValue - Function_Return saMemberValue + Function_Return (StrJoinFromArray(saMemberValue, ' ')) End Else If (iJsonTypeMember = jsonTypeString) Begin - Move sMemberValue to saMemberValue[0] - Function_Return saMemberValue + Function_Return sMemberValue End - Else Function_Return saMemberValue //Empty + Else ; + Function_Return "" End_Function { MethodType=Property }