From 3899901c34737bb4ecf3b593854fedadcbc9d84b Mon Sep 17 00:00:00 2001
From: Hugh Nimmo-Smith
Date: Wed, 22 Jan 2025 15:47:47 +0000
Subject: [PATCH] Actually validate lk-jwt-service response
---
 src/livekit/openIDSFU.ts | 18 +++++++++++++++++-
 1 file changed, 17 insertions(+), 1 deletion(-)
diff --git a/src/livekit/openIDSFU.ts b/src/livekit/openIDSFU.ts
index b88499dc..5b733384 100644
--- a/src/livekit/openIDSFU.ts
+++ b/src/livekit/openIDSFU.ts
@@ -122,7 +122,23 @@ async function getLiveKitJWT(
 }
 try {
- return await res.json();
+ const json = await res.json();
+ if (typeof json.jwt !== "string") {
+ // We don't need to check that the JWT is valid, because we pass it through to
+ // the SFU opaquely.
+ throw new Error("Invalid jwt field in server response: not string");
+ }
+ if (typeof json.url !== "string") {
+ throw new Error("Invalid url field in server response: not string");
+ }
+ if (!json.url.startsWith("wss://")) {
+ throw new Error("Invalid url field in server response: not a wss:// URL");
+ }
+
+ return {
+ jwt: json.jwt,
+ url: json.url,
+ };
 } catch (e) {
 throw new InvalidServerResponseError(url, e);
 }
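Review bot: The `startsWith("wss://")` check on `json.url` is a case-sensitive prefix test rather than a URL parse, so a bare `wss://` with no host passes while an upper-case scheme is rejected. Parsing first would make the check match its error message: `if (new URL(json.url).protocol !== "wss:") {` — a malformed URL then throws inside the existing `try` and is wrapped in `InvalidServerResponseError` like the other failures. Separately, `typeof json.jwt !== "string"` accepts an empty string; the comment explains why the token is not verified, but a non-empty check would be cheap to add. The body of `getLiveKitJWT` starts before this hunk, so how the caller uses the returned `url` is not visible here.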