From 06411918a7a557359526490687b2608ed3f3c450 Mon Sep 17 00:00:00 2001
From: tigerbot <seth.gibelyou@daplie.com>
Date: Mon, 20 Mar 2017 18:18:47 -0600
Subject: [PATCH] changed jwt.verify to not directly use WebCrypto

---
 oauth3.core.js | 15 +++------------
 1 file changed, 3 insertions(+), 12 deletions(-)

diff --git a/oauth3.core.js b/oauth3.core.js
index 97d6bb9..fd1a421 100644
--- a/oauth3.core.js
+++ b/oauth3.core.js
@@ -213,21 +213,12 @@
 
         return { header: jsons[0], payload: jsons[1] };
       }
-    , verify: function (str, pubKey) {
-        var parts = str.split(/\./g);
+    , verify: function (jwk, token) {
+        var parts = token.split(/\./g);
         var data = OAUTH3._binStr.binStrToBuffer(parts.slice(0, 2).join('.'));
         var signature = OAUTH3._base64.urlSafeToBuffer(parts[2]);
 
-        var keyPromise;
-        if (pubKey instanceof OAUTH3._browser.window.CryptoKey) {
-          keyPromise = OAUTH3.PromiseA.resolve(pubKey);
-        } else {
-          keyPromise = OAUTH3._browser.window.crypto.subtle.importKey('jwk', pubKey, {name: 'ECDSA', namedCurve: pubKey.crv}, false, ['verify']);
-        }
-
-        return keyPromise.then(function (key) {
-          return OAUTH3._browser.window.crypto.subtle.verify({name: 'ECDSA', hash: {name: 'SHA-256'}}, key, signature, data);
-        });
+        return OAUTH3.crypto.core.verify(jwk, data, signature);
       }
     , freshness: function (tokenMeta, staletime, _now) {
         staletime = staletime || (15 * 60);