You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
The problem right now is, that the jsowebtoken library enforces a structure, where public claims are located on another property ( data ) what should not be the case according to https://datatracker.ietf.org/doc/html/rfc7519#section-4.2.
Since predefined claims and public claims are on the same level, the rfc requires that there is no identical naming.
Due to the current structure, this library prevents other implementations in other programming languages from successfully decoding the token and accessing the public claims.
The jsonwebtoken crate also does not enforce a structure for the entire transferred claim and only checks whether the predefined claims exist during validation.
The text was updated successfully, but these errors were encountered:
The problem right now is, that the jsowebtoken library enforces a structure, where public claims are located on another property (
data
) what should not be the case according to https://datatracker.ietf.org/doc/html/rfc7519#section-4.2.Since predefined claims and public claims are on the same level, the rfc requires that there is no identical naming.
Due to the current structure, this library prevents other implementations in other programming languages from successfully decoding the token and accessing the public claims.
The jsonwebtoken crate also does not enforce a structure for the entire transferred claim and only checks whether the predefined claims exist during validation.
The text was updated successfully, but these errors were encountered: