From 6e26ff040368aae82f8e91973c5d995492c5dd6a Mon Sep 17 00:00:00 2001
From: David Mosbach <mosbach@cip.ifi.lmu.de>
Date: Wed, 10 Jan 2024 16:12:44 +0000
Subject: [PATCH] flipped token encoding/decoding keys

---
 src/Server.hs | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/src/Server.hs b/src/Server.hs
index 855b1de..e6155b8 100644
--- a/src/Server.hs
+++ b/src/Server.hs
@@ -217,12 +217,12 @@ tokenEndpoint = provideToken
 
 mkToken :: AuthState -> IO JWTWrapper
 mkToken state = do
-  privateKey <- atomically $ readTVar state >>= return . privateKey
+  pubKey <- atomically $ readTVar state >>= return . publicKey
   now <- getCurrentTime
   let
     lifetime = nominalDay / 4 -- TODO make configurable
     jwt = JWT "Oauth2MockServer" (lifetime `addUTCTime` now)
-  encoded <- jwkEncode RSA_OAEP_256 A128GCM privateKey (Nested . Jwt . toStrict $ encode jwt)
+  encoded <- jwkEncode RSA_OAEP_256 A128GCM pubKey (Nested . Jwt . toStrict $ encode jwt)
   case encoded of
     Right (Jwt token) -> return $ JWTW (BS.unpack token) lifetime
     Left e -> error $ show e
@@ -265,8 +265,8 @@ userEndpoint = handleUserData
 
 decodeToken :: Text -> AuthState -> IO (Either JwtError JwtContent)
 decodeToken token state = do
-  pubKey <- atomically $ readTVar state >>= return . publicKey
-  jwkDecode pubKey $ encodeUtf8 token
+  prKey <- atomically $ readTVar state >>= return . privateKey
+  jwkDecode prKey $ encodeUtf8 token
 
 userListEndpoint :: forall user userData . UserData user userData => AuthServer (UserList userData)
 userListEndpoint = handleUserData