From 79a9127986b9299a798a4b143d98b47d7b29f56e Mon Sep 17 00:00:00 2001
From: Timshel <Timshel@users.noreply.github.com>
Date: Tue, 24 Oct 2023 13:30:42 +0200
Subject: [PATCH] Audience is required with jsonwebtoken > 9.0.0

---
 src/sso.rs | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/src/sso.rs b/src/sso.rs
index a9ad640f218..94bf6a140df 100644
--- a/src/sso.rs
+++ b/src/sso.rs
@@ -116,12 +116,14 @@ fn prepare_decoding() -> (DecodingKey, Validation) {
             validation.leeway = 30; // 30 seconds
             validation.validate_exp = true;
             validation.validate_nbf = true;
+            validation.set_audience(&[CONFIG.sso_client_id()]);
             validation.set_issuer(&[CONFIG.sso_authority()]);
 
             (key, validation)
         }
         None => {
             let mut validation = jsonwebtoken::Validation::default();
+            validation.set_audience(&[CONFIG.sso_client_id()]);
             validation.insecure_disable_signature_validation();
 
             (DecodingKey::from_secret(&[]), validation)