davidgtonge / jwt

JWT Verifier that uses jwks endpoints
http://jwt.davetonge.co.uk/

Tool Accepts invalid public keys #46

Open madaster97 opened 1 year ago

madaster97 commented 1 year ago

Hi there,

If you format a JWK in a slightly incorrect way, this tool will still count it as valid. I think this is fundamentally an issue with rsasignjs, so I submitted a bug report there. I even tried the latest version of that library and the issue was still there, so bumping the version wouldn't help.

This caused some headaches for my company, which uses this tool for troubleshooting. The behavior of this tool doesn't line up with the software we use that validates JWTs we receive (Microsoft crypto libraries).
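The defensive counterpart to the report above, as an added example (not code from the jwt tool, from rsasignjs, or from the issue's participants): a strict structural check for an RSA verification JWK that runs before the key is handed to any signature library, so a malformed key is rejected up front instead of being silently accepted by a lenient parser. The issue does not say which malformation was hit, so the checks are assumptions covering the common ones: base64 padding, the standard (non-URL) alphabet, non-zero trailing bits, leading zero octets in `n`/`e`, missing or private members, and an even or trivial exponent. The sample keys are constructed patterns, not real keys. Node.js 15.7 or later is assumed for the `base64url` encoding.

```javascript
// Added example, not code from the jwt tool or the issue: strict structural
// validation of an RSA verification JWK before any signature library sees it.
// The checks below are assumptions about common malformations; the issue does
// not state which one the reporter hit. Requires Node.js >= 15.7 ('base64url').

const B64URL = /^[A-Za-z0-9_-]+$/;

// Decode an RFC 7518 Base64urlUInt member strictly. Returns the bytes, or
// records a reason in `errors` and returns null.
function decodeBase64urlUInt(name, value, errors) {
  const fail = (why) => { errors.push(`${name}: ${why}`); return null; };
  if (typeof value !== 'string' || value.length === 0) return fail('missing or not a non-empty string');
  if (value.includes('=')) return fail('padding is not allowed in base64url');
  if (!B64URL.test(value)) return fail('character outside the base64url alphabet');
  if (value.length % 4 === 1) return fail(`length ${value.length} cannot be base64url`);
  const bytes = Buffer.from(value, 'base64url');
  // Lenient decoders drop non-zero trailing bits; insist on an exact round trip.
  if (bytes.toString('base64url') !== value) return fail('non-canonical encoding');
  if (bytes.length > 1 && bytes[0] === 0x00) return fail('leading zero octet not allowed in Base64urlUInt');
  return bytes;
}

// Returns { ok, errors, modulusBits }; ok is true only when every check passes.
function validateRsaVerificationJwk(jwk) {
  const errors = [];
  if (jwk === null || typeof jwk !== 'object' || Array.isArray(jwk)) {
    return { ok: false, errors: ['JWK must be a JSON object'], modulusBits: 0 };
  }
  if (jwk.kty !== 'RSA') errors.push(`kty: expected "RSA", got ${JSON.stringify(jwk.kty)}`);
  if ('use' in jwk && jwk.use !== 'sig') errors.push(`use: "${jwk.use}" is not a signature key`);
  if ('alg' in jwk && !/^(RS|PS)(256|384|512)$/.test(jwk.alg)) {
    errors.push(`alg: "${jwk.alg}" is not an RSA JWS algorithm`);
  }
  for (const m of ['d', 'p', 'q', 'dp', 'dq', 'qi']) {
    if (m in jwk) errors.push(`${m}: private member present in a public key`);
  }
  const n = decodeBase64urlUInt('n', jwk.n, errors);
  const e = decodeBase64urlUInt('e', jwk.e, errors);
  let modulusBits = 0;
  if (n) {
    // Bit length of a big-endian unsigned integer with no leading zero octet.
    modulusBits = (n.length - 1) * 8 + (32 - Math.clz32(n[0]));
    if (modulusBits < 2048) errors.push(`n: ${modulusBits}-bit modulus, below 2048`);
  }
  if (e) {
    const isOne = e.length === 1 && e[0] === 1;
    if (isOne || (e[e.length - 1] & 1) === 0) {
      errors.push('e: public exponent must be odd and greater than 1');
    }
  }
  return { ok: errors.length === 0, errors, modulusBits };
}

// Constructed sample keys (patterns, not real keys): a 2048-bit modulus and
// variants that each differ from the good key in one small, easy-to-miss way.
const MODULUS = Buffer.alloc(256, 0xab);
const GOOD_N = MODULUS.toString('base64url');
const SAMPLES = {
  good: { kty: 'RSA', use: 'sig', n: GOOD_N, e: 'AQAB' },
  padded: { kty: 'RSA', n: GOOD_N, e: 'AQAB=' },
  std_alphabet: { kty: 'RSA', n: '+' + GOOD_N.slice(1), e: 'AQAB' },
  leading_zero: {
    kty: 'RSA', e: 'AQAB',
    n: Buffer.concat([Buffer.from([0x00]), MODULUS]).toString('base64url'),
  },
  trailing_bits: { kty: 'RSA', n: GOOD_N, e: 'qx' }, // decodes to 0xAB, re-encodes as "qw"
  even_exponent: { kty: 'RSA', n: GOOD_N, e: 'AQAC' },
  missing_n: { kty: 'RSA', e: 'AQAB' },
  private_key: { kty: 'RSA', n: GOOD_N, e: 'AQAB', d: GOOD_N },
};

// Validate every sample; returns name -> ok so a caller can act on the result.
function checkSamples() {
  const out = {};
  for (const [name, jwk] of Object.entries(SAMPLES)) {
    const r = validateRsaVerificationJwk(jwk);
    out[name] = r.ok;
    console.log(`${name.padEnd(14)} ${r.ok ? 'accept' : 'REJECT'} ${r.errors.join('; ')}`);
  }
  return out;
}

checkSamples();
```

Only the `good` key passes; every variant is rejected with a specific reason. The round-trip check in `decodeBase64urlUInt` is the one that catches the subtle case: a decoder that tolerates stray trailing bits (or padding, or `+` and `/`) will happily produce a key from input that a stricter stack, such as the reporter's Microsoft libraries, refuses.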

davidgtonge commented 9 months ago

Thanks, I need to update this to use the jose library; I'll get around to it at some point.