From 68252ab4a0efacf4b41709ba333bcc7ba3caaa27 Mon Sep 17 00:00:00 2001
From: Twilight <im@ivampiresp.com>
Date: Wed, 24 Jul 2024 00:41:39 +0800
Subject: [PATCH] =?UTF-8?q?=E6=94=B9=E8=BF=9B=20token=20=E8=AE=A4=E8=AF=81?=
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit

---
 app/Providers/AppServiceProvider.php | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

diff --git a/app/Providers/AppServiceProvider.php b/app/Providers/AppServiceProvider.php
index 5a5aed8..ce245cf 100644
--- a/app/Providers/AppServiceProvider.php
+++ b/app/Providers/AppServiceProvider.php
@@ -52,11 +52,11 @@ private function setJWTGuard(): void
                 return response()->json(['error' => 'Invalid token, '.$e->getMessage()], 401);
             }
 
-            if (! in_array($decoded->aud, config('oauth.trusted_aud'))) {
-                return response()->json(['error' => 'The application rejected the token, token aud is '.$decoded->aud.', app aud is '.config('oauth.client_id')], 401);
-            }
+            if (config('oauth.force_aud')) {
+                if (! in_array($decoded->aud, config('oauth.trusted_aud'))) {
+                    return response()->json(['error' => 'The application rejected the token, token aud is '.$decoded->aud.', app aud is '.config('oauth.client_id')], 401);
+                }
 
-            if (config('oauth.force_aud') && $decoded->aud != config('oauth.client_id')) {
                 return response()->json(['error' => 'The token not match the application, '.' token aud is '.$decoded->aud.', app aud is '.config('oauth.client_id')], 401);
             }