Skip to content

Confirm JWK algorithm
Compare
Choose a tag to compare
@MicahParks MicahParks released this 01 Nov 13:51
v1.5.2
5a2fb27
This commit was created on GitHub.com and signed with GitHub’s verified signature. The key has expired.
GPG key ID: 4AEE18F83AFDEB23
Expired
Verified
Learn about vigilant mode.

The purpose of this release is to confirm the alg parameter in a JWK matches the alg in a JWT's header before returning that JWK's public key for signature verification. For discussion, please see the related issue.

Thank you, @sermojohn for opening this issue!

Related issues:

Related pull requests:

Contributors

sermojohn
Assets 2
Loading