BrentSchmaltz
BrentSchmaltz
@mdrgeniebelt @leastprivilege @brockallen we are hoping to have this implemented before the end of year. The plan is to use System.Text.Json, hydrate the JsonWebToken once from a utf-8 into binary...
@onyxmaster as brockallen pointed out, in a JWE with an inner JWS, the cty is required. Are you seeing the cty in other than JWE's? Do you need a back-compat...
@onyxmaster @dmitry-kosar would on by default, with the ability to turn off with a switch in SecurityTokenDescriptor work for you? Sorry about the hassle.
@RojaEnnam make sure to address ^^ @onyxmaster we should apologize, after all these years we know changing a wire format needs a back-compat switch.
@aKzenT thanks for pointing this out, will investigate.
@aKzenT can you point us to the code you are trying to make work?
@blowdart @keegan-caruso @matra774 it looks like our documentation is incorrect. The exp, iat, nbf claims should be NumericDate https://tools.ietf.org/html/rfc7519#section-4.1.4 . We should be throwing. It would be prudent to ensure...
@matra774 yes i agree a "DateTime" such as "2020-09-08T21:18:18.5297739+02:00" is not NumericDate. However, if we modify this behavior and throw, we may break users.
@matra774 i agree we have 2038 issue and will have to add a new API, so we don't break backcompat. @keegan-caruso i see a couple of issues with out GetIntClaim...
@jairofranchi assigning this to @sruke.