clintonb
commented
8 years ago @omab please reivew
Closed clintonb closed 8 years ago
clintonb
commented
8 years ago @omab please reivew
omab
commented
8 years ago Merged, thanks!
The first commit adds support for passing kwargs to
jwt.decode(), allowing for great flexibility to determine, for example, which signing algorithms are used or the expected value of the audience claim.The second commit (a) instructs PyJWT to verify the iat claim and ensure a value is present, and (b) makes the value against which the claim is compared configurable. I don't know why I hardcoded this to 10 minutes; but, that is not in the spec, and should be configurable for each individual client.