fix: Disable strong client_id check

CommunitySolidServer · Jan 15, 2021 · ffa9ad4 · ffa9ad4
1 parent abeec07
commit ffa9ad4
Show file tree

Hide file tree

Showing 3 changed files with 3 additions and 11 deletions.
diff --git a/package.json b/package.json
@@ -1,6 +1,6 @@
 {
   "name": "@solid/identity-token-verifier",
-  "version": "0.4.3",
+  "version": "0.5.0",
   "description": "Verifies Solid access tokens via their WebID claim, and thus asserts ownership of WebIDs.",
   "license": "MIT",
   "keywords": [

diff --git a/src/guards/AccessTokenGuard.ts b/src/guards/AccessTokenGuard.ts
@@ -30,16 +30,8 @@ export function isAccessTokenHeader(
 export function isAccessTokenPayload(
   x: unknown
 ): asserts x is AccessTokenPayload {
-  asserts.areObjectPropertiesOf(x, [
-    "aud",
-    "client_id",
-    "exp",
-    "iat",
-    "iss",
-    "webid",
-  ]);
+  asserts.areObjectPropertiesOf(x, ["aud", "exp", "iat", "iss", "webid"]);
   asserts.isLiteral(x.aud, "solid" as const);
-  asserts.isString(x.client_id);
   asserts.isNumber(x.exp);
   asserts.isNumber(x.iat);
   asserts.isString(x.iss);

diff --git a/src/types/AccessToken.ts b/src/types/AccessToken.ts
@@ -12,7 +12,7 @@ export interface AccessTokenHeader {
 
 export interface AccessTokenPayload {
   aud: "solid";
-  client_id: string;
+  client_id?: string;
   cnf?: { jkt: string };
   exp: number;
   iat: number;