fix: key check order/clause for rsa and ec

adhocore · adhocore · commit 9f29c7937636 · 2021-10-14T15:08:14.000+07:00
diff --git a/goic.go b/goic.go
@@ -259,12 +259,12 @@ func (g *Goic) verifyToken(p *Provider, tok *Token, nonce string) error {
 
 		for _, key := range p.wellKnown.jwks.Keys {
 			kid := key.Kid == t.Header["kid"]
-			if kid && key.Kty == "RSA" && key.Alg == alg {
-				return &rsa.PublicKey{E: ParseExponent(key.E), N: ParseModulo(key.N)}, nil
-			}
 			if kid && key.Kty == "EC" && key.Alg == alg {
 				return &ecdsa.PublicKey{X: ParseModulo(key.X), Y: ParseModulo(key.Y), Curve: GetCurve(key.Crv)}, nil
 			}
+			if kid && (key.Kty == "RSA" || key.Alg == alg) {
+				return &rsa.PublicKey{E: ParseExponent(key.E), N: ParseModulo(key.N)}, nil
+			}
 		}
 
 		return nil, ErrTokenKey

Original file line number	Diff line number	Diff line change
`@@ -259,12 +259,12 @@ func (g Goic) verifyToken(p Provider, tok *Token, nonce string) error {`
`259`	`259`
`260`	`260`	`for _, key := range p.wellKnown.jwks.Keys {`
`261`	`261`	`kid := key.Kid == t.Header["kid"]`
`262`		`- if kid && key.Kty == "RSA" && key.Alg == alg {`
`263`		`- return &rsa.PublicKey{E: ParseExponent(key.E), N: ParseModulo(key.N)}, nil`
`264`		`- }`
`265`	`262`	`if kid && key.Kty == "EC" && key.Alg == alg {`
`266`	`263`	`return &ecdsa.PublicKey{X: ParseModulo(key.X), Y: ParseModulo(key.Y), Curve: GetCurve(key.Crv)}, nil`
`267`	`264`	`}`
	`265`	`+ if kid && (key.Kty == "RSA" \|\| key.Alg == alg) {`
	`266`	`+ return &rsa.PublicKey{E: ParseExponent(key.E), N: ParseModulo(key.N)}, nil`
	`267`	`+ }`
`268`	`268`	`}`
`269`	`269`
`270`	`270`	`return nil, ErrTokenKey`