passport-openidconnect

Added two further checks for the JWT and the JWS

Open PhilipSkinner opened this issue 8 years ago • 1 comments

Added in the recommended check for validating the time the JWT was issued against the expiry time - probably to deal with machines with different clocks.

Added in the recommended check to ensure there is an algorithm provided in the jose header, though this does not check the signing thumbprint against those that can be read from the well known endpoint.

PhilipSkinner avatar Apr 20 '17 13:04 PhilipSkinner
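A sketch of the two checks described in the PR text above, as an added example; it is not the PR's code or passport-openidconnect's API. `checkIdToken`, `makeToken`, the `clockSkewSec` option and its 60-second default are hypothetical, and rejecting `alg: "none"` goes one step beyond the "algorithm is present" check the description mentions.

```javascript
// Pre-verification sanity checks on an ID token in compact JWS form.
// Signature verification against the provider's published keys is NOT done here.

function decodeSegment(seg) {
  // base64url -> base64, then parse; anything but a JSON object is rejected
  const b64 = seg.replace(/-/g, '+').replace(/_/g, '/');
  const obj = JSON.parse(Buffer.from(b64, 'base64').toString('utf8'));
  if (obj === null || typeof obj !== 'object') throw new Error('not an object');
  return obj;
}

function checkIdToken(token, opts = {}) {
  const now = opts.now !== undefined ? opts.now : Math.floor(Date.now() / 1000);
  const skew = opts.clockSkewSec !== undefined ? opts.clockSkewSec : 60; // assumed tolerance
  const parts = String(token).split('.');
  if (parts.length !== 3) return { ok: false, reason: 'not a compact JWS' };

  let header, claims;
  try {
    header = decodeSegment(parts[0]);
    claims = decodeSegment(parts[1]);
  } catch (e) {
    return { ok: false, reason: 'malformed segment' };
  }

  // JOSE header must name an algorithm; "none" means an unsecured JWT.
  if (typeof header.alg !== 'string' || header.alg === '' ||
      header.alg.toLowerCase() === 'none') {
    return { ok: false, reason: 'missing or unsigned alg' };
  }

  // Issued-at must be a real timestamp that precedes expiry.
  if (!Number.isFinite(claims.iat) || !Number.isFinite(claims.exp)) {
    return { ok: false, reason: 'iat/exp missing' };
  }
  if (claims.iat >= claims.exp) return { ok: false, reason: 'iat not before exp' };

  // Compare against the local clock, allowing for drift between machines.
  if (claims.iat > now + skew) return { ok: false, reason: 'issued in the future' };
  if (claims.exp <= now - skew) return { ok: false, reason: 'expired' };
  return { ok: true, alg: header.alg };
}

// Builds a constructed sample token; the signature segment is a placeholder.
function makeToken(header, claims) {
  const enc = (o) => Buffer.from(JSON.stringify(o)).toString('base64')
    .replace(/\+/g, '-').replace(/\//g, '_').replace(/=+$/, '');
  return `${enc(header)}.${enc(claims)}.c2ln`;
}
```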

This PR isn't diff'ing cleanly. I'll attempt to review this and merge by hand.

jaredhanson avatar Oct 27 '21 14:10 jaredhanson