Currently if an audience is not specified for the checker, it is set to an empty string. I'll need to do some testing, but I believe this will cause evaluated jwts that have an aud claim to fail validation.
Instead setting the default value to None would cause the aud claim to not be evaluated when validating the jwt, which would be the expected behavior.
Currently if an audience is not specified for the checker, it is set to an empty string. I'll need to do some testing, but I believe this will cause evaluated jwts that have an
aud
claim to fail validation. Instead setting the default value toNone
would cause theaud
claim to not be evaluated when validating the jwt, which would be the expected behavior.