# HG changeset patch
# User Matthew Wild <mwild1@gmail.com>
# Date 1657543899 -3600
# Node ID b3f7c77c1f08af92f14f20541e747fc7a0e4e954
# Parent  9953ac7b0c1532727cab379c08bc9ef4a081d7a6
util.paseto: Fix to decode footer before comparison

diff -r 9953ac7b0c15 -r b3f7c77c1f08 util/paseto.lua
--- a/util/paseto.lua	Mon Jul 11 13:49:47 2022 +0100
+++ b/util/paseto.lua	Mon Jul 11 13:51:39 2022 +0100
@@ -69,6 +69,7 @@
 	if not h then
 		return nil, "invalid-token-format";
 	end
+	f = f and unb64url(f) or nil;
 	if expected_f then
 		if not f or not secure_equals(expected_f, f) then
 			return nil, "invalid-footer";