-
At my company we just discovered that the financial services application (NestJS backend) we are building has a critical security vulnerability because our JWT passport strategy accepted claims signed…
-
## The devDependency [@types/jsonwebtoken](https://github.com/DefinitelyTyped/DefinitelyTyped) was updated from `8.3.2` to `8.3.3`.
🚨 [View failing branch](https://github.com/dooboolab/talktalk-node…
-
Would be very helpful for the docs to clearly document the various types of error codes.
I had all sorts of problems because I didn't know which errors were coming from this library, and what they …
-
### Description
I have some JWTs obtained from AWS/Cognito with the Elastic Load Balancer performing authentication for me. I also have the associated public key from the documented endpoints for the…
-
### What happened?
[Docs say](https://www.pulumi.com/registry/packages/gcp/installation-configuration/#configuration-reference) you can set a config named `gcp:credentials` in order to provide the cr…
gunar updated
1 month ago
-
### Description
Currently, client can get a client via jwt signing withouth passing a `expiresIn` attribute. For example,
```javascript
import jwt from "jsonwebtoken"
const secret = jwt.sign…
-
### What happened?
I'm doing some development with octokit and probot which bring jsonwebtoken as a dependency. After updating octokit/auth-app to 4.0.8 which supports jsonwebtoken 9.0.1, I'm getting…
-
## Summary
The `Microsoft.AspNetCore.Authentication.JwtBearer` middleware silently fails token validation when the `Microsoft.IdentityModel.Tokens.JsonWebTokens` package is not installed, despite vali…
-
**Describe the bug**
A clear and concise description of what the bug is.
- jjwt-gson cannot use the require series methods of io.jsonwebtoken.JwtParserBuilder normally.
- Found at https://git…
-
Hello!
I am in a multiple frontend applications + API + Auth0 for authenticating all those setup.
Basically what I would like to do is to enable my API to inspect the bearer tokens that a fronte…