search

auth0 / node-jws

JSON Web Signatures
http://self-issued.info/docs/draft-ietf-jose-json-web-signature.html
MIT License
709 stars 108 forks source link

Update verify-stream.js #36

Closed joshgubler closed 8 years ago

joshgubler commented 8 years ago

'=' is a valid character in base64 which java web signatures use.

omsmith commented 8 years ago

The JWS spec requires url-safe base64, and trying to interoperate outside of that will just cause a bunch of headaches.

If you're using a Java JWA/JWS/JWT implementation that is not using url-safe base64, it is broken and you should file a bug there