1. Brian Campbell Avatar Brian Campbell
  2. Untitled project
  3. jose4j
  4. Issues

option to require some integrity protection in JWT validation

Issue #121 closed
Brian Campbell repo owner created an issue

Add an option to JwtConsumerBuilder / JwtConsumer to require that the JWT have some integrity protection, either a signature/MAC JWS or a JWE using a symmetric key management algorithm.

This would be useful in cases where one wants to accept JWTs that could be potentially signed and/or encrypted but want to ensure that some kind of integrity protection is in place.

Comments (3)

  2. Brian Campbell reporter

    e4828d7 addressed this with an option on JwtConsumerBuilder/JwtConsumer to require that the JWT have some integrity protection, either a signature/MAC JWS or a JWE using a symmetric key management algorithm.

  4. Log in to comment
Assignee
Type
enhancement
Priority
major
Status
closed
Votes
0
Watchers
1
Jira: the preferred issue tracker for Bitbucket. Join the team!