Skip to content
This repository has been archived by the owner on May 21, 2022. It is now read-only.

Comformance status on jwt.io? #154

Open
jianfeiliao opened this issue Jul 22, 2016 · 4 comments
Open

Comformance status on jwt.io? #154

jianfeiliao opened this issue Jul 22, 2016 · 4 comments

Comments

@jianfeiliao
Copy link

Why does this library show a bunch red x marks on https://jwt.io/#libraries-io?

image
@dgrijalva
Copy link
Owner

There are no built in checks for those fields. This library is intentionally slim to allow developers flexibility. I've been thinking about how to add some of these without significantly complicating the API. They're all basically string compares where a library adds little value, if any.

-dave

On Jul 22, 2016, at 5:47 PM, jianfeiliao notifications@github.com wrote:

Why does this library show a bunch red x marks on https://jwt.io/#libraries-io?


You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or mute the thread.

@siscia
Copy link

siscia commented Oct 15, 2016

Humm, similar issues with JWT.io, maybe should open a new issues, but the title of this one seems perfect.

$ cat key 
aaa
$ echo {\"foo\":\"bar\"} | jwt -key key -alg HS256 -sign - 
eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9.eyJmb28iOiJiYXIifQ.o-sa9p5QPzt21er3dLUYU-CXLwScBGI3HBT4ycmIiBk

The token produces is not verified by JWT.io.
screenshot from 2016-10-15 13-35-49

@siscia siscia mentioned this issue Oct 16, 2016
Closed
@sagikazarmark
Copy link

Possible duplicate of #202

@karlbateman
Copy link

Critical Vulnerabilities in JSON Web Token Libraries provides some insight into those checks.

Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@dgrijalva @siscia @sagikazarmark @jianfeiliao @karlbateman