-
ES256, ES384, ES512
-
ruby-jwt fails with a `Signature verification failed (JWT::VerificationError)` error when decoding a valid JWT signed with ES512. I believe this is due to an issue with improper ECDSA signature serial…
-
Seems it should go in the here as an optional field:
https://github.com/nov/openid_connect/blob/master/lib/openid_connect/response_object/id_token.rb#L9
I'm not sure if anything else in the file nee…
-
The PHP core supports EC private keys for signing and verification. This [change](https://github.com/php/php-src/commit/19524fc6feb44050bbb70c19717c59864ae4955d) was introduced in January 2014.
Curren…
-
Currently the tool hard-codes the hashing to using the `hash_hmac` functionality in PHP (HS256, HS384, HS512) but there are other hashing methods allowed by the JWT spec:
RS256
RS384
RS512
ES256
ES38…
-
I would like to make this library the best it can be. I think the current API reflects my misunderstandings of the JWT spec and how people use JWT in practice. I am making this issue to propose a bett…