From a76531b90b552824a7832f65708eea7f4ba5ef67 Mon Sep 17 00:00:00 2001
From: Pouriya <pouriya.jahanbakhsh@gmail.com>
Date: Mon, 14 Dec 2020 10:44:58 +0330
Subject: [PATCH] feat: add hook to check decoded JWT after success
 authentication (#3446)

---
 src/ejabberd_auth_jwt.erl | 9 +++++----
 1 file changed, 5 insertions(+), 4 deletions(-)

diff --git a/src/ejabberd_auth_jwt.erl b/src/ejabberd_auth_jwt.erl
index fa29571a6..911cae963 100644
--- a/src/ejabberd_auth_jwt.erl
+++ b/src/ejabberd_auth_jwt.erl
@@ -102,10 +102,11 @@ check_jwt_token(User, Server, Token) ->
                                 error ->
                                     false;
                                 {ok, SJID} ->
-                                    try
-                                        JID = jid:decode(SJID),
-                                        (JID#jid.luser == User) andalso
-                                        (JID#jid.lserver == Server)
+                                    try jid:decode(SJID) of
+                                        JID ->
+                                            (JID#jid.luser == User) andalso
+                                            (JID#jid.lserver == Server) andalso
+                                            ejabberd_hooks:run_fold(check_decoded_jwt, Server, true, [Fields, Signature, User])
                                     catch error:{bad_jid, _} ->
                                             false
                                     end