You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
This code line will throw an exception when any other JTW type besides "jwt" is found.
This RFC https://datatracker.ietf.org/doc/html/rfc9068 registers the type "at+jwt" for OAuth2 access tokens and I think this library should be able to validate them.
Section 4 of the RFC outlines the validation steps needed, which seems to be pretty much in line with what this library does anyway:
validate signature
validate ISS
validate AUD
validate EXP
In case the access token is encrypted, it would need to be decrypted, same holds for type "jwt". What do you think?
The text was updated successfully, but these errors were encountered:
php-jwt/src/Parser.php
Line 154 in 6555d0d
This code line will throw an exception when any other JTW type besides "jwt" is found.
This RFC https://datatracker.ietf.org/doc/html/rfc9068 registers the type "at+jwt" for OAuth2 access tokens and I think this library should be able to validate them.
Section 4 of the RFC outlines the validation steps needed, which seems to be pretty much in line with what this library does anyway:
In case the access token is encrypted, it would need to be decrypted, same holds for type "jwt". What do you think?
The text was updated successfully, but these errors were encountered: