Currently, actual behavior does not match the docs.
For Validation's field aud it says: "If it contains a value, the validation will check that the aud claim value is in the values provided.". Reading this, I assume that it will skip validation of aud claim if this option is None
But in reality, it will fail for any token if the aud is None (because of validation logic inside jsonwebtoken crate)
This PR fixes it by setting an appropriate option validate_aud for validation options of jsonwebtoken
NotNorom
commented
3 months ago
Currently, actual behavior does not match the docs.
For
Validation's fieldaudit says: "If it contains a value, the validation will check that theaudclaim value is in the values provided.". Reading this, I assume that it will skip validation ofaudclaim if this option isNoneBut in reality, it will fail for any token if the
audisNone(because of validation logic insidejsonwebtokencrate)This PR fixes it by setting an appropriate option
validate_audfor validation options ofjsonwebtoken