Google Git
Sign in
edge/third_party/SermoDigital/jose/a9a1ba408d5ff288b3331191b39e25f9cf12db43^1..a9a1ba408d5ff288b3331191b39e25f9cf12db43/.
commit
a9a1ba408d5ff288b3331191b39e25f9cf12db43
[log] [tgz]
author
Eric Lagergren <ericscottlagergren@gmail.com>
Sun Jan 31 20:19:45 2016 -0800
committer
Eric Lagergren <ericscottlagergren@gmail.com>
Sun Jan 31 20:19:45 2016 -0800
tree
17aae107ce5134f1055975fc86436572fd796529
parent
9832dc87c1ba19273511f0c512ed7f0772401f26 [diff]
parent
e33ecf232adf93e44c4d854ce2822518aba0a5bd [diff]
Merge branch 'master' of github.com:SermoDigital/jose

diff --git a/jws/jws.go b/jws/jws.go
index 3716d38..d0b1a54 100644
--- a/jws/jws.go
+++ b/jws/jws.go

@@ -407,7 +407,7 @@
 
 func fromHeader(req *http.Request) ([]byte, bool) {
 	if ah := req.Header.Get("Authorization"); ah != "" && len(ah) > 6 && strings.EqualFold(ah[0:6], "BEARER") {
-		return []byte(ah[:7]), true
+		return []byte(ah[7:]), true
 	}
 	return nil, false
 }

diff --git a/jwt/jwt.go b/jwt/jwt.go
index ed41220..bd84259 100644
--- a/jwt/jwt.go
+++ b/jwt/jwt.go

@@ -69,9 +69,11 @@
 		j.Claims().Get("jti") != jti {
 		return ErrInvalidJTIClaim
 	}
-	if aud, ok := v.Expected.Audience(); ok &&
-		!eq(j.Claims().Get("aud"), aud) {
-		return ErrInvalidAUDClaim
+
+	if aud, ok := v.Expected.Audience(); ok {
+		if aud2, _ := j.Claims().Audience(); !eq(aud, aud2){
+			return ErrInvalidAUDClaim
+		}
 	}
 
 	if v.Fn != nil {