Closed oxisto closed 10 months ago
I wonder if it would make sense to return an interface instead?
This worked perfectly (as far as building and passing unit tests in two of our repos), so I would like to see it Merged (and Released) if TPTB approve.
I wonder if it would make sense to return an interface instead?
Ye, it's uncommon to have an exported function return an unexported type.
An interface would be better, although then we'd be stuck with it in the public API.
What's the status of this? (We're "on hold" upgrading to jwt v5 pending resolution.)
I think it's "on hold' / "gathering more feedback", given this is a potential foot gun.
We've been exporting and adding to the public API sparingly, and want to make sure we're at least having a discussion around it.
i'm realy need ability to validate generic claims and don't copy code from jwt repo. What you want to provide if NewValidator does not exported?
waiting for release =)
waiting for release =)
Unfortunately, we just released 5.1.0 so it might take a while as we usually wait until a few PRs come together. If you really need this feature you can use the pseudo version of the main branch / commit.
You should be able to fetch the latest main
or the merged commit on main
, for example:
go get github.com/golang-jwt/jwt/v5@main
go get github.com/golang-jwt/jwt/v5@a49fa5d91db7b2230d0af0ea591b85f0fa77da3e
This will pull in the pseudo-version:
github.com/golang-jwt/jwt/v5 v5.1.1-0.20231108132144-a49fa5d91db7
Previously, we had
newValidator
as a private function. This PR exports this function so that validation can be done independtly of parsing the claim.