From 42b2e535a5d2286b0a70a1e851fbd6bb57c5652d Mon Sep 17 00:00:00 2001
From: recursive_tree <recursivetreemail@gmail.com>
Date: Thu, 2 Nov 2023 11:45:59 +0100
Subject: [PATCH 1/2] fix iss claims for seat 5

---
 src/Checker/EsiTokenValidator.php | 4 ++--
 tests/Fetchers/FetcherTest.php    | 2 +-
 2 files changed, 3 insertions(+), 3 deletions(-)

diff --git a/src/Checker/EsiTokenValidator.php b/src/Checker/EsiTokenValidator.php
index 32234fd..4f7c128 100644
--- a/src/Checker/EsiTokenValidator.php
+++ b/src/Checker/EsiTokenValidator.php
@@ -3,7 +3,7 @@
 /*
  * This file is part of SeAT
  *
- * Copyright (C) 2015 to 2022 Leon Jacobs
+ * Copyright (C) 2015 to present Leon Jacobs
  *
  * This program is free software; you can redistribute it and/or modify
  * it under the terms of the GNU General Public License as published by
@@ -148,7 +148,7 @@ private function getJWTClaimsPolicy(string $client_id): ClaimCheckerManager
     {
         return new ClaimCheckerManager([
             new IssuerChecker([
-                Configuration::getInstance()->sso_host,
+                sprintf('%s://%s', Configuration::getInstance()->sso_scheme, Configuration::getInstance()->sso_host),
             ]),
             new ExpirationTimeChecker(),
             new AudienceChecker('EVE Online'),
diff --git a/tests/Fetchers/FetcherTest.php b/tests/Fetchers/FetcherTest.php
index 59c3e31..5e50f48 100644
--- a/tests/Fetchers/FetcherTest.php
+++ b/tests/Fetchers/FetcherTest.php
@@ -348,7 +348,7 @@ private function getJwsToken(JWK $jwk): string
             'name' => 'Warlof Tutsimo',
             'owner' => 'svnSjVa1uGYyp/ZL3mfkIwkJYzQ=',
             'exp'   => $time + 3600,
-            'iss' => 'login.eveonline.com',
+            'iss' => 'https://login.eveonline.com',
         ]);
 
         $builder = new JWSBuilder($manager);

From 9e796273694700beeb3d2551202fc6bf816b336f Mon Sep 17 00:00:00 2001
From: recursive_tree <recursivetreemail@gmail.com>
Date: Thu, 2 Nov 2023 11:52:22 +0100
Subject: [PATCH 2/2] allow old claim

---
 src/Checker/EsiTokenValidator.php | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

diff --git a/src/Checker/EsiTokenValidator.php b/src/Checker/EsiTokenValidator.php
index 4f7c128..d6e7e68 100644
--- a/src/Checker/EsiTokenValidator.php
+++ b/src/Checker/EsiTokenValidator.php
@@ -148,7 +148,8 @@ private function getJWTClaimsPolicy(string $client_id): ClaimCheckerManager
     {
         return new ClaimCheckerManager([
             new IssuerChecker([
-                sprintf('%s://%s', Configuration::getInstance()->sso_scheme, Configuration::getInstance()->sso_host),
+                sprintf('%s://%s', Configuration::getInstance()->sso_scheme, Configuration::getInstance()->sso_host), // the currently used iss claim
+                Configuration::getInstance()->sso_host, // just to be sure, still allow the old claim without protocol
             ]),
             new ExpirationTimeChecker(),
             new AudienceChecker('EVE Online'),