From 477d2fb520f87a47234f690b9564bff71baed637 Mon Sep 17 00:00:00 2001
From: WangGuan
Date: Tue, 25 Apr 2023 18:04:55 +0800
Subject: [PATCH] Use alg() to compare two method instead compare directly
---
 session_storer.go | 3 +--
 1 file changed, 1 insertion(+), 2 deletions(-)
diff --git a/session_storer.go b/session_storer.go
index 780ec24..0041d6f 100644
--- a/session_storer.go
+++ b/session_storer.go
@@ -41,7 +41,6 @@ type SessionStorer struct {
 // Get get claims from request
 func (sessionStorer *SessionStorer) Get(req *http.Request) (*claims.Claims, error) {
 tokenString := req.Header.Get("Authorization")
-
 // Get Token from Cookie
 if tokenString == "" {
 tokenString = sessionStorer.SessionManager.Get(req, sessionStorer.SessionName)
@@ -83,7 +82,7 @@ func (sessionStorer *SessionStorer) SignedToken(claims *claims.Claims) string {
 // ValidateClaims validate auth token
 func (sessionStorer *SessionStorer) ValidateClaims(tokenString string) (*claims.Claims, error) {
 token, err := jwt.ParseWithClaims(tokenString, &claims.Claims{}, func(token *jwt.Token) (interface{}, error) {
- if token.Method != sessionStorer.SigningMethod {
+ if token.Method.Alg() != sessionStorer.SigningMethod.Alg() {
 return nil, fmt.Errorf("unexpected signing method")
 }
 return []byte(sessionStorer.SignedString), nil
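Review bot: The new comparison in the key function of ValidateClaims calls `sessionStorer.SigningMethod.Alg()` without a nil check, so a SessionStorer whose SigningMethod was left unset would panic during token validation, where the old interface comparison simply returned the error; whether the field can be unset is not visible in this hunk. A guard keeps the failure closed: `if sessionStorer.SigningMethod == nil || token.Method.Alg() != sessionStorer.SigningMethod.Alg() {`. Because this check is what pins the accepted `alg` before the signing key is handed back, it also deserves a comment such as `// Match by algorithm name, not instance identity; reject anything but the configured alg.`, and the error could carry the rejected value (`fmt.Errorf("unexpected signing method: %v", token.Header["alg"])`) so refused tokens are diagnosable in logs. ValidateClaims and the closure continue past the end of the hunk.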