Comments (10)
Just ran into the "token used before issued" error today for the first time, after things had been working fine previously.
The discussion at #98 referenced this issue. Are there any plans to implement it and disregard the pre-IAT check?
In a world with infinite time, yes :) Currently I am waiting for #108 to be merged. This one will be next.
from jwt.
I had a quick look yesterday and I am not sure if we can port this over in a backwards compatible manner, since the interface of Claims
needs to be changed. Especially the Valid
function needs to have an additional parameter for the ValidationHelper
. I guess I will first focus on the functionality and then see whether we can port this to v4 or if this will then introduce a v5 branch with breaking changes.
from jwt.
I was wondering about the implementation of the leeway:
Why does the incorporation of leeway depend on the validating server instead of the authorizing client?
To me, it seems like it would be cleaner for the JWT to be the source of truth, with leeway built into the iat/exp
from jwt.
Just ran into the "token used before issued" error today for the first time, after things had been working fine previously.
The discussion at #98 referenced this issue. Are there any plans to implement it and disregard the pre-IAT check?
from jwt.
Awesome, appreciate your work!
from jwt.
Currently I am waiting for #108 to be merged.
it's been merged 👀 :)
from jwt.
This is something we relied on from the old library as we ran on the preview version and would help us move to adopt this port.
from jwt.
Yes, we also rely in this functionality from the old library :)
@oxisto , regarding your statement below:
I guess I will first focus on the functionality and then see whether we can port this to v4 or if this will then introduce a v5 branch with breaking changes.
So, what are the intended functionality that are targeted in v4.x?
from jwt.
Please see #211 for an ongoing discussion how to proceed.
from jwt.
Fixed by #234
from jwt.
Related Issues (20)
- Add a specific return type / type constraint to `Keyfunc` and `SignedString`
- Token.New example is for the wrong func HOT 2
- KeyFunc should be able to return a slice HOT 2
- ParseUnverified godoc update HOT 1
- Verifying multiple audiences HOT 2
- Restore .Valid() Functionality Somehow HOT 9
- Is it possible to parse JWT without verifying signature?
- I've mad a small library to help with JWT
- v5.0.0/request/request.go: with WithLeeway support? HOT 2
- SigningString produces a string without a signature HOT 2
- RSA-PSS (RSASSA-PSS) keys are unusable in Go language
- Let KeyFunc take Context as parameter HOT 3
- Customize the unit of timestamp/exp in payload HOT 1
- ECDSA signature is invalid
- I found an error message "token has invalid claims: token is expired"
- Only some registered claims can be optionally required HOT 1
- I have no RegisteredClaims. I have error key is invalid HOT 4
- Question / FR: Subsequent Verification of an Unverified Token
- Consider validating key length HOT 5
- 希望可以校验token格式 I hope that the token format can be verified HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt.