Diffstat (limited to 'src/scm/webid-oidc/authorization-code.scm')
-rw-r--r-- | src/scm/webid-oidc/authorization-code.scm | 43 |
1 files changed, 21 insertions, 22 deletions
diff --git a/src/scm/webid-oidc/authorization-code.scm b/src/scm/webid-oidc/authorization-code.scm
index 3a0da3b..267d67a 100644
--- a/src/scm/webid-oidc/authorization-code.scm
+++ b/src/scm/webid-oidc/authorization-code.scm
@@ -19,6 +19,7 @@
 #:use-module ((webid-oidc stubs) #:prefix stubs:)
 #:use-module (webid-oidc jws)
 #:use-module (webid-oidc jti)
+ #:use-module ((webid-oidc parameters) #:prefix p:)
 #:use-module (web uri)
 #:use-module (srfi srfi-19))
 
@@ -129,28 +130,26 @@ (string->uri (assq-ref (the-authorization-code-payload code) 'client_id))) -(define-public (authorization-code-decode current-time jti-list str jwk) - (when (date? current-time) - (set! current-time (date->time-utc current-time))) - (when (time? current-time) - (set! current-time (time-second current-time))) - (with-exception-handler - (lambda (error) - (raise-cannot-decode-authorization-code str error)) - (lambda () - (let ((code (the-authorization-code (jws-decode str (lambda (x) jwk))))) - (let ((exp (time-second (date->time-utc (authorization-code-exp code))))) - (unless (<= current-time exp) - (raise-authorization-code-expired exp current-time)) - (unless (jti-check current-time (authorization-code-jti code) - jti-list - (- exp current-time)) - (with-exception-handler - (lambda (error) - (raise-jti-found (authorization-code-jti code) error)) - (lambda () - (error "the jti-check function returned #f")))) - code))))) +(define-public (authorization-code-decode str jwk) + (parameterize ((p:current-date + (time-second (date->time-utc ((p:current-date)))))) + (with-exception-handler + (lambda (error) + (raise-cannot-decode-authorization-code str error)) + (lambda () + (let ((code (the-authorization-code (jws-decode str (lambda (x) jwk))))) + (let ((exp (time-second (date->time-utc (authorization-code-exp code)))) + (current-time (time-second (date->time-utc ((p:current-date)))))) + (unless (<= current-time exp) + (raise-authorization-code-expired exp current-time)) + (unless (jti-check (authorization-code-jti code) + (- exp current-time)) + (with-exception-handler + (lambda (error) + (raise-jti-found (authorization-code-jti code) error)) + (lambda () + (error "the jti-check function returned #f")))) + code)))))) (define-public (authorization-code-encode authorization-code key) (with-exception-handler |
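Review bot: The expiry guard `(unless (<= current-time exp)` in the new `authorization-code-decode` still accepts a code presented in the exact second it expires; if `exp` is meant to follow RFC 7519 semantics (reject on or after the expiration time), the comparison should be strict: `(unless (< current-time exp)`. At that boundary `(- exp current-time)` is 0, so `jti-check` is handed a zero lifetime, and whether the jti is still remembered for replay detection then depends on `jti-check`, which this hunk does not show. Separately, the clock now comes from `p:current-date` and the jti list is no longer an argument, so the public function would benefit from a docstring that states those implicit inputs, e.g. `"Decode and verify STR with JWK. The current time is read from p:current-date; replay detection is delegated to jti-check."`.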