diff options
| author |  kim <grufwub@gmail.com> | 2025-08-12 16:04:30 +0200 |
|---|---|---|
| committer |  kim <gruf@noreply.codeberg.org> | 2025-08-12 16:04:30 +0200 |
| commit | 1edc0f7b3c9264c2d4b21455afb5fc2e14ff1ab7 (patch) | |
| tree | 4f5525b6141f2744b95eedaec744873c36f799fd /vendor/github.com/golang-jwt/jwt/v5/parser_option.go | |
| parent | [feature] scheduled statuses (#4274) (diff) | |
| download | gotosocial-1edc0f7b3c9264c2d4b21455afb5fc2e14ff1ab7.tar.xz | |
[chore] bump to code.superseriousbusiness.org/oauth2/v4@ssb-v4.5.3-2 (#4367)
Reviewed-on: https://codeberg.org/superseriousbusiness/gotosocial/pulls/4367
Co-authored-by: kim <grufwub@gmail.com>
Co-committed-by: kim <grufwub@gmail.com>
Diffstat (limited to 'vendor/github.com/golang-jwt/jwt/v5/parser_option.go')
| -rw-r--r-- | vendor/github.com/golang-jwt/jwt/v5/parser_option.go | 25 |
1 files changed, 21 insertions, 4 deletions
diff --git a/vendor/github.com/golang-jwt/jwt/v5/parser_option.go b/vendor/github.com/golang-jwt/jwt/v5/parser_option.go index 88a780fbd..431573557 100644 --- a/vendor/github.com/golang-jwt/jwt/v5/parser_option.go +++ b/vendor/github.com/golang-jwt/jwt/v5/parser_option.go @@ -66,20 +66,37 @@ func WithExpirationRequired() ParserOption { } } -// WithAudience configures the validator to require the specified audience in -// the `aud` claim. Validation will fail if the audience is not listed in the -// token or the `aud` claim is missing. +// WithAudience configures the validator to require any of the specified +// audiences in the `aud` claim. Validation will fail if the audience is not +// listed in the token or the `aud` claim is missing. // // NOTE: While the `aud` claim is OPTIONAL in a JWT, the handling of it is // application-specific. Since this validation API is helping developers in // writing secure application, we decided to REQUIRE the existence of the claim, // if an audience is expected. -func WithAudience(aud string) ParserOption { +func WithAudience(aud ...string) ParserOption { return func(p *Parser) { p.validator.expectedAud = aud } } +// WithAllAudiences configures the validator to require all the specified +// audiences in the `aud` claim. Validation will fail if the specified audiences +// are not listed in the token or the `aud` claim is missing. Duplicates within +// the list are de-duplicated since internally, we use a map to look up the +// audiences. +// +// NOTE: While the `aud` claim is OPTIONAL in a JWT, the handling of it is +// application-specific. Since this validation API is helping developers in +// writing secure application, we decided to REQUIRE the existence of the claim, +// if an audience is expected. +func WithAllAudiences(aud ...string) ParserOption { + return func(p *Parser) { + p.validator.expectedAud = aud + p.validator.expectAllAud = true + } +} + // WithIssuer configures the validator to require the specified issuer in the // `iss` claim. Validation will fail if a different issuer is specified in the // token or the `iss` claim is missing. |