Keats / jsonwebtoken

JWT lib in rust
MIT License

Decode token without validation? #295

Closed mrichman closed 1 year ago

mrichman commented 1 year ago

Is it possible to decode a token without performing validation? I have unit tests where I need to retrieve just the claims from the token without calling out to a JWKS URL for validation purposes.

Keats commented 1 year ago

Decode the token after using https://docs.rs/jsonwebtoken/latest/jsonwebtoken/struct.Validation.html#method.insecure_disable_signature_validation

mrichman commented 1 year ago

I did validation.insecure_disable_signature_validation() but I still get ExpiredSignature. Anything else I can do?

Keats commented 1 year ago

You need to set validate_exp and validate_nbf to false as well.

mrichman commented 1 year ago

That did the trick, thanks!
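
What the settings discussed above amount to, as an added example that is not part of the thread and does not use the jsonwebtoken crate: with signature, exp and nbf checks off, reading the claims is only a base64url decode of the token's middle segment. The helper names (`b64url_decode`, `unverified_claims_json`) and the token are constructed for illustration, and the sketch uses only the Rust standard library.

```rust
// Added example (std only). TOKEN is constructed: RS256 header, payload
// {"sub":"test-user","exp":1} (long expired), placeholder signature.
const TOKEN: &str = "eyJhbGciOiJSUzI1NiIsInR5cCI6IkpXVCJ9.eyJzdWIiOiJ0ZXN0LXVzZXIiLCJleHAiOjF9.placeholder-signature";

/// Decode base64url (RFC 4648 section 5), padding optional; None on bad input.
fn b64url_decode(input: &str) -> Option<Vec<u8>> {
    let input = input.trim_end_matches('=');
    if input.len() % 4 == 1 {
        return None; // impossible length for base64
    }
    let mut out = Vec::with_capacity(input.len() * 3 / 4);
    let (mut acc, mut bits) = (0u32, 0u8);
    for c in input.bytes() {
        let v = match c {
            b'A'..=b'Z' => c - b'A',
            b'a'..=b'z' => c - b'a' + 26,
            b'0'..=b'9' => c - b'0' + 52,
            b'-' => 62,
            b'_' => 63,
            _ => return None,
        };
        acc = (acc << 6) | u32::from(v);
        bits += 6;
        if bits >= 8 {
            bits -= 8;
            out.push((acc >> bits) as u8);
            acc &= (1u32 << bits) - 1; // keep only the bits not yet emitted
        }
    }
    Some(out)
}

/// Claims JSON of a compact JWT, read with no signature, exp or nbf check.
/// The result is unauthenticated: use it in tests only.
fn unverified_claims_json(token: &str) -> Option<String> {
    let mut parts = token.split('.');
    let (_header, payload, _signature) = (parts.next()?, parts.next()?, parts.next()?);
    if parts.next().is_some() {
        return None; // more than three segments: not a compact JWS
    }
    String::from_utf8(b64url_decode(payload)?).ok()
}

fn main() {
    // Prints the claims even though exp is in the past and the signature is fake.
    println!("{:?}", unverified_claims_json(TOKEN));
}
```

Because the helper returns claims from any well-formed token, keep it (and any `Validation` with these checks disabled) behind `#[cfg(test)]` so it cannot reach a production code path.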