From 082904830a22df115a98d3ea832a423de8f8ab3c Mon Sep 17 00:00:00 2001
From: Jamie Smith <jamies@criticalblue.com>
Date: Wed, 26 Oct 2016 12:01:36 +0100
Subject: [PATCH] The IP claim in the Approov token should not be checked when
 it does not exist

---
 shapes/server/runServer.py | 17 ++++++++++-------
 1 file changed, 10 insertions(+), 7 deletions(-)

diff --git a/shapes/server/runServer.py b/shapes/server/runServer.py
index 7f1f8cc..dcb3945 100644
--- a/shapes/server/runServer.py
+++ b/shapes/server/runServer.py
@@ -33,14 +33,17 @@ def verifyToken(token, clientIP):
     # Token could not be decoded, token is bad
     return 0
 
-  # Get IP Hash from token contents
-  issuedIP = (tokenContents['ip'])
-  return 1
+  # Get IP Hash from token contents if present then check it
+  try:
+    issuedIP = (tokenContents['ip'])
 
-  # Compare the issued IP hash with the hash of the requester IP
-  if clientIP != issuedIP:
-    # Requester IP did not match issued IP
-    return 0
+    # Compare the issued IP hash with the hash of the requester IP
+    if clientIP != issuedIP:
+        # Requester IP did not match issued IP
+        return 0
+  except:
+    # There is no IP claim, we don't need to check it
+    pass
 
   # Token was decoded successfully, token is good
   return 1