Fix missing symbol handling in aud verify code

jwt · Sep 16, 2016 · 729a7e0 · 729a7e0
1 parent 1b14269
commit 729a7e0
Show file tree

Hide file tree

Showing 2 changed files with 15 additions and 2 deletions.
diff --git a/lib/jwt/verify.rb b/lib/jwt/verify.rb
@@ -26,13 +26,13 @@ def verify_aud
             raise(
               JWT::InvalidAudError,
               'Invalid audience'
-            ) unless @payload['aud'].include?(aud)
+            ) unless @payload['aud'].include?(aud.to_s)
           end
         else
           raise(
             JWT::InvalidAudError,
             'Invalid audience'
-          ) unless @payload['aud'].include?(options_aud)
+          ) unless @payload['aud'].include?(options_aud.to_s)
         end
       else
         raise(

diff --git a/spec/jwt/verify_spec.rb b/spec/jwt/verify_spec.rb
@@ -46,6 +46,19 @@ module JWT
       it 'must allow an array with any value matching the one in the options with a string options key' do
         Verify.verify_aud(array_payload, options.merge('aud' => array_aud.first))
       end
+
+      it 'should allow strings or symbolds in options array' do
+        options['aud'] = [
+          'ruby-jwt-aud', 
+          'test-aud',
+          'ruby-ruby-ruby',
+          :test
+        ]
+
+        array_payload['aud'].push('test')
+
+        Verify.verify_aud(array_payload, options)
+      end
     end
 
     context '.verify_expiration(payload, options)' do