strategy does not pass algorithms option #25

newmanw · 2015-08-23T20:14:09Z

Add option for algorithms such that it can be passed through to jwt.verify.

More info on why this is important:
https://auth0.com/blog/2015/03/31/critical-vulnerabilities-in-json-web-token-libraries/

add algorithms option that is passed through to jwt.verify to verify jwt algorithm is in this 'whitelist' array. fixes mikenicholson#25

Add algorithms option. Fixes #25.

New Features: #25 Added algorithms option to allow user to specify allowabe JWT signing algorithms. #13 Add ignoreExpiration option to allow user to skip validation of token's expiration date. Bug Fixes: #30 Fixed typos in unit test strings

newmanw pushed a commit to newmanw/passport-jwt that referenced this issue Aug 23, 2015

Add algorithms option

69bb170

add algorithms option that is passed through to jwt.verify to verify jwt algorithm is in this 'whitelist' array. fixes mikenicholson#25

newmanw mentioned this issue Aug 23, 2015

Add algorithms option #26

Merged

mikenicholson closed this as completed in #26 Aug 24, 2015

mikenicholson added a commit that referenced this issue Aug 24, 2015

Merge pull request #26 from newmanw/bugfix-25

0a883e2

Add algorithms option. Fixes #25.

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

strategy does not pass algorithms option #25

strategy does not pass algorithms option #25

newmanw commented Aug 23, 2015

strategy does not pass algorithms option #25

strategy does not pass algorithms option #25

Comments

newmanw commented Aug 23, 2015