njwt If token is not HS256 using a verifier instance will throw a JwtParseError "Unexpected signature algorithm"

If token is not HS256 using a verifier instance will throw a JwtParseError "Unexpected signature algorithm"

Open Anntoin opened this issue 4 years ago • 1 comments

If using a different algorithm to the default (HS256) it must be set manually before calling verify, otherwise will get an "Unexpected signature algorithm" due to the check here https://github.com/jwtk/njwt/blob/master/index.js#L361

The example here should probably call this behaviour out https://github.com/jwtk/njwt#using-a-key-resolver

This tripped me up for a while when verifying a AWS Cognito token

Aug 04 '20 11:08 Anntoin

add setSigningAlgorithm, for example:

var verifier = nJwt.createVerifier().withKeyResolver(myKeyResolver)
verifier.setSigningAlgorithm('ES256')

Oct 10 '21 07:10 vitaliytv

njwt njwt copied to clipboard

If token is not HS256 using a verifier instance will throw a JwtParseError "Unexpected signature algorithm"

njwt
njwt copied to clipboard