jwt

jwt copied to clipboard

This PR is part of a series of experiments, to see which options we have to implement validation options in a backwards compatible way. I want to get a fell...

oxisto

This PR is part of a series of experiments, to see which options we have to implement validation options in a backwards compatible way. I want to get a fell...

oxisto

TimeFunc being static prevents from using this package in a parallel test

1

I tried to bring this `TimeFunc` on the `ParserOptions`, then pass it in the `Claims` But I just saw a recent retraction of something very similar. https://github.com/golang-jwt/jwt/pull/184 So, I would...

jsgoupil

Make issued at (iat) claim validation optional

5

Based on https://datatracker.ietf.org/doc/html/rfc7519/#section-4.1.6 we should only validate the type for map claims. The current behavior remains unchanged and this allows the caller to disable the check. This PR also adds...

ksegun

Add support for encryption (RFC7516)

2

Migrated from https://github.com/dgrijalva/jwt-go/issues/346: > maxshifrin commented on Jul 30, 2019 > > It would be great if this library could also support payload encryption (https://tools.ietf.org/html/rfc7516) > > It would greatly...

lggomez

Native support for key rotation in verifications

14

Add native support for key rotation for ES*, Ed*, HS*, RS*, and PS* verifications. In those SigningMethod's Verify implementations, also allow the key to be the type of the slice...

fishy

Token used before issued

11

Having switched from `github.com/dgrijalva/jwt-go` to `github.com/golang-jwt/jwt/v4` I still get `token used before issued` errors due to clock skew, even though @dgrijalva said this check would be removed from v4, in...

JorritSalverda

Supporting alternative base64/json encoder/decoder

9

Would you be open to supporting alternative base64 implementations? The one we've been using is https://github.com/segmentio/asm/tree/main/base64 It's significantly faster than the stdlib encoding, and takes shortcuts that I don't see...

mattrobenolt

Comparison of token parsing errors

3

My parsing of token: ```go token, err := jwt.ParseWithClaims(tokenString, &accessToken{}, func(token *jwt.Token) (interface{}, error) { return []byte(t.secretKey), nil }) ``` I took an example of how to distinguish between errors...

fresonn

cmd: add handling of HS keys

2

cmd: add handling of HS keys Signed-off-by: Paul Greenberg

greenpau