jwt
jwt copied to clipboard
kataras
A fast and simple JWT implementation for Go
[Spec](https://tools.ietf.org/html/rfc7519#section-4.1.3): > Each principal intended to process the JWT MUST > identify itself with a value in the audience claim. If the principal > processing the claim does not identify...
Because there's no `default:` branch erroring out, I could smuggle any valid JSON there, like `true`, `false`, `null`, any number or an object. https://github.com/kataras/jwt/blob/1639fcff96f82f7ff118fcff6e1fbd0e01754f2c/claims.go#L69 They'll simply be discarded. I don't...
Go has [RawStdEncoding](https://pkg.go.dev/encoding/base64#pkg-variables) which makes this unnecessary: https://github.com/kataras/jwt/blob/1639fcff96f82f7ff118fcff6e1fbd0e01754f2c/token.go#L247 Not trying to nitpick here, rather I think security-wise it's dangerous as a concept to mutate untrusted input data before it's fed...
https://github.com/kataras/jwt#token-pair How to refresh jwt token? From this help document, it seems that I don't see how to use it. Can you give a specific http web demo or how...
### Situation ```go type fooClaims struct { Foo string `json:"foo"` } func main() { key := ([]byte("foo")) foo := fooClaims{ Foo: "foo", } token, err := jwt.Sign(jwt.HS256, key, foo, jwt.MaxAge(time.Second*1))...
``` go package main import ( "github.com/kataras/iris/v12" "github.com/kataras/iris/v12/apps" "github.com/kataras/jwt" "github.com/rs/cors" "log" "time" ) type UserClaims struct { ID int `json:"id"` Username string `json:"username"` } func main() { app := iris.New()...
Hello, I'm trying to validate Cloudflare Zero Trust JWT, but I'm getting the error "jwt: unexpected token algorithm". Looking at the code, I think the problem is related to this...
