Add a validation config that reflects we aren't setting metadata fiel…

…ds when checking server token. Fixes crossbeam-rs#414
exrook · May 1, 2019 · 38f6592 · 38f6592
1 parent c1615ae
commit 38f6592
Showing 1 changed file with 10 additions and 1 deletion.
diff --git a/src/bin/sccache-dist/main.rs b/src/bin/sccache-dist/main.rs
@@ -367,7 +367,16 @@ fn run(command: Command) -> Result<i32> {
                     if secret_key.len() != 256 / 8 {
                         bail!("Size of secret key incorrect")
                     }
-                    let validation = jwt::Validation::new(jwt::Algorithm::HS256);
+                    let validation = jwt::Validation {
+                        leeway: 0,
+                        validate_exp: false,
+                        validate_iat: false,
+                        validate_nbf: false,
+                        aud: None,
+                        iss: None,
+                        sub: None,
+                        algorithms: vec![jwt::Algorithm::HS256],
+                    };
                     Box::new(move |server_token| {
                         check_jwt_server_token(server_token, &secret_key, &validation)
                     })