Comments (5)
Hi,
In general, to better assist you, please provide the version of the library and the target framework.
But in this particular case, this information is not needed. The second parameter key/keys
is an artifact of the past and is used only by symmetric algorithms. Here's the code:
Lines 248 to 255 in 9b9484f
In case of asymmetric algorithm, the instance of an algorithm holds the certificate object and uses it to validate the signature:
Lines 142 to 143 in 9b9484f
Hope this helps.
from jwt.
@abatishchev thanks so much.
As I understand correctly, passing the key/keys to the decoding has no effect at all, because it uses the certificate in my algorithm.
I can safely assume that the data is verified during the decoding process? 🙂
I guess where I got confused was that JwtEncoder.Encode
expects either a string or a byte[], whereas JwtDecoder.Decode
is fine with just the token.
Anyhow, I now have the following:
JwtEncoder.Encode(payload, default(byte[]))
and JwtDecoder.Decode(tokenString);
from jwt.
Yes, the 3rd parameter verify
controls whether the signature is verified. By default it's true
.
To make sure it works, try to malform the signature and run with true
. Then run with false
.
from jwt.
Some methods's definitions are legacy and there might not not enough overloads indeed. Please feel free to open a PR and add some more. Contributions are always welcome and I try to review and merge them quickly :)
from jwt.
Thanks! The library is very useful.
from jwt.
Related Issues (20)
- Decode<JwtHeader> not working HOT 25
- "Illegal base64url string" when try to decode token HOT 20
- Not properly serilized object in fluent version of Decode HOT 9
- Support Asynchronous Signing in IJwtAlgorithm interface HOT 5
- Why has the HMAC SHA algorithm become obsolete? HOT 2
- InvalidOperationException occurs in Decode() after DecodeHeader(). HOT 2
- Support JWT authentication with public key using ES256 algorithm on .NET Compact Framework 3.5 HOT 2
- How to enable MODERN_DOTNET? HOT 5
- Dotnet 8.0 AOT Issues
- Where is `RS256Algorirhm`? HOT 1
- Expiry Time is added to claims when decoding HOT 3
- Having trouble with first example Encode() HOT 2
- Expired token not throwing TokenExpiredException HOT 7
- Null reference error when trying to Decode HOT 2
- How to use IJwtValidator.Validate / TryValidate? HOT 5
- jwt is missing NuGet package README file HOT 2
- X21 HOT 1
- X21 HOT 1
- System.Text.Json should only be a dependency for .NET standard HOT 3
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from jwt.