Vincent Prouillet
Vincent Prouillet
Can you rebase by any chance?
Honestly, decoding a token without validating the signature is something that you shouldn't do most of the time so I do not particularly care about making it user friendly
Well you can't really trust any of the things you see in the claims unless you validate the signature
I'd take a PR for something like `jsonwebtoken::insecure_decode_without_signature_validation`
In practice there's no point validating a token where you don't validate the signature so that would be useless function to add.
See https://github.com/Keats/jsonwebtoken/pull/377 It seems there are issues building it on Windows?
I'd rather not have multiple backend if possible
I don't mind that switch too much if it's easy to build on Windows. Another thing to consider is https://github.com/Keats/jsonwebtoken/pull/318 which removes Ring entirely and uses rust-crypto crates instead. Easier...
I'm not sure what's the best way to go at it. #318 removes ring but we want to add a facade so maybe it could be done as starting a...