From 536e89b0d5c487a7cfdacb6d760f05e6b81461fd Mon Sep 17 00:00:00 2001
From: Helmut Merz
Date: Sun, 25 Aug 2024 11:52:36 +0200
Subject: [PATCH] web/jwt, util: improvements and fixes

---
 util.lisp | 15 ++++++++-------
 web/jwt.lisp | 8 +++++---
 2 files changed, 13 insertions(+), 10 deletions(-)

diff --git a/util.lisp b/util.lisp
index ab8c99e..5d65822 100644
--- a/util.lisp
+++ b/util.lisp
@@ -41,9 +41,8 @@

 ;;;; secrets, digests, and other crypto stuff

-(defun create-secret (&key (bytes 16) (scheme :original))
- (str:trim-right (b64:encode-bytes (ironclad:random-data bytes) :scheme scheme)
- :char-bag "="))
+(defun create-secret (&key (bytes 16) (scheme :uri))
+ (b64-encode (ironclad:random-data bytes) :scheme scheme))

 (defun digest (tx &key (scheme :original) (alg :sha256))
 (b64:encode-bytes (ironclad:digest-sequence alg (to-bytes tx)) :scheme scheme))
@@ -55,8 +54,7 @@
 ; :initial-contents (b64:decode-string key)))
 (mac (ironclad:make-mac :hmac bkey :sha256)))
 (ironclad:update-mac mac binp)
- (str:trim-right (b64:encode-bytes (ironclad:produce-mac mac) :scheme :uri)
- :char-bag "=")))
+ (b64-encode (ironclad:produce-mac mac) :scheme :uri)))

 ;;;; lists and loops

@@ -112,8 +110,11 @@
 (defun to-bytes (s)
 (flexi-streams:string-to-octets s :external-format :utf8))

-(defun to-b64 (s &key (scheme :original))
- (str:trim-right (b64:encode-bytes (to-bytes s) :scheme scheme) :char-bag "="))
+(defun b64-encode (b &key (scheme :uri))
+ (str:trim-right (b64:encode-bytes b :scheme scheme) :char-bag "="))
+
+(defun to-b64 (s &key (scheme :uri))
+ (b64-encode (to-bytes s) :scheme scheme))

 ;;;; directory and pathname utilities

diff --git a/web/jwt.lisp b/web/jwt.lisp
index b18d399..fee1cf6 100644
--- a/web/jwt.lisp
+++ b/web/jwt.lisp
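Review bot: `create-secret` in the first util.lisp hunk keeps `(bytes 16)` as its default, which yields only 128 bits of key material. If these secrets are the keys handed to `sign` for HS256 tokens (the callers are not visible in this diff), RFC 7518 asks for a key at least as long as the hash output, so 32 bytes would be the safer default: `(defun create-secret (&key (bytes 32) (scheme :uri))`. A one-line docstring saying that the result is unpadded Base64 of `bytes` random octets would also record that the default alphabet moved from `:original` to `:uri`.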
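Review bot: In the third util.lisp hunk the default `scheme` of `to-b64` changes from `:original` to `:uri`, which silently changes the output for any caller that relied on the default; callers outside this diff should be checked or given an explicit `:scheme :original`. `digest` (context in the first hunk) still defaults to `:original` and keeps the `=` padding, so the encoding helpers now disagree, and a value produced by one will not compare equal to the same bytes encoded by another. The new `b64-encode` also deserves a docstring, for example `"Encode the octet vector B as Base64 without trailing = padding; SCHEME defaults to the URL-safe alphabet."`.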
@@ -9,14 +9,16 @@
 (in-package :scopes/web/jwt)

 (defvar *header*
- (util:to-b64 "{\"alg\": \"HS256\", \"typ\": \"JWT\"}" :scheme :uri))
+ (util:to-b64 "{\"alg\":\"HS256\",\"typ\":\"JWT\"}" :scheme :uri))

-(defvar *payload-format* "{\"sub\": ~s, \"name\": ~s, \"iat\": ~s}")
+(defvar *payload-format* "{\"sub\":~s,\"name\":~s,\"iat\":~s}")

 (defun create (secret name &key (subject "scopes") (ttl 86400))
 (let* ((iat (util:to-unix-time (+ (get-universal-time) ttl)))
 (payload (util:to-b64
- (format nil *payload-format* subject (util:to-string name) iat)
+ (format nil *payload-format*
+ (util:keyword-to-string subject)
+ (util:keyword-to-string name) iat)
 :scheme :uri))
 (data (str:join "." (list *header* payload)))
 (sign (util:sign data secret)))
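Review bot: The claim emitted as `iat` in `create` is computed from `(+ (get-universal-time) ttl)`, so it holds the expiry time rather than the issue time. RFC 7519 names these `exp` and `iat` respectively, so a standards-following verifier would see a token issued in the future and carrying no expiry at all. Consider emitting both, e.g. `"{\"sub\":~s,\"name\":~s,\"iat\":~s,\"exp\":~s}"` with the current time as `iat`, changed together with the decoding side, which is not shown here. Separately, `~s` applies Lisp string escaping, not JSON escaping: it escapes `"` and `\` but leaves control characters such as newlines raw, so a `name` containing them produces an invalid payload, and a JSON encoder would be more robust than `format`. The body of `create` continues past the end of this hunk.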