Skip to content

Commit

Permalink
fix: reimplement iss check with dual valid iss scheme
Browse files Browse the repository at this point in the history 
Co-authored-by: Loïc Leuilliot <[email protected]>
  • Loading branch information
@Crypta-Eve @warlof
Crypta-Eve and warlof authored Oct 31, 2023
1 parent 92175e3 commit 231a3f4
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion src/Socialite/EveOnline/Provider.php
View file
Original file line number Diff line number Diff line change
Expand Up @@ -166,7 +166,7 @@ private function validateJwtToken(string $access_token): array
$jws = Load::jws($access_token)
->algs(['RS256', 'ES256', 'HS256'])
->exp()
// ->iss('login.eveonline.com') // Disabled temporarily to account for CCP iss change. SeAT v5 will re-enable with proper handling.
->claim('iss', new \Jose\Component\Checker\IssuerChecker(['https://login.eveonline.com', 'login.eveonline.com'], true))
->header('typ', new TypeChecker(['JWT'], true))
->claim('scp', new ScpChecker($scopes))
->claim('sub', new SubEveCharacterChecker())
Expand Down

0 comments on commit 231a3f4

Please sign in to comment.